Subject: Re: racoon and psk.txt
To: None <email@example.com>
From: Jan Schaumann <firstname.lastname@example.org>
Date: 01/08/2003 12:40:51
Joel Wilsson <email@example.com> wrote:
> On Wednesday, January 8, 2003, at 12:02 am, Jan Schaumann wrote:
> >Is it just me or did racoon break recently?
> >I rebuilt -current yesterday, and after the reboot it does not seem to
> >read the psk.txt file any more:
> >Anybody with a clue?
> Not unless you find anything special in /var/log/messages.
> The racoon source hasn't been touched for over a month.
> My guess is that racoon dies before it gets so far that it actually
> needs to read psk.txt.
Well, I'm making some progress. One problem I encountered was that on
boot /etc/rc.d/sysdb failed since /usr was not yet mounted. Once that
was fixed, syslogd, ipsec and racoon started all nicely.
*However*, it is still behaving very oddly:
I have several rules in my /etc/ipsec.conf. One to encrypt all traffic
for syslog (the server logs for several other machines), one for amanda
traffic and one for rsh/login.
Syslog and amanda traffic is properly encrypted and goes through to all
hosts. But rsh traffic does NOT. And I get a million:
racoon: ERROR: isakmp.c:490: can't start the quick mode, there is no
messages, even though, at the same time, syslog through ipsec works and
'setkey -d' shows that the two hosts are talking.
Now obviously this sounds like rsh/login is misconfigured -- the
interesting thing about this is that it literally stopped working from
one moment to the next (coinciding with the update):
I was able to rsh from the server through ipsec to a workstation without
I updated kernel and userland.
I no longer am able to rsh from the server through ipsec to a
Well, any pointers are appreciated.
Probability factor of one to one. We have normality. I repeat, we have
normality. Anything you still can't cope with is therefore your own lookout.