ipseckey.8 - OpenGrok cross reference for /illumos-gate/usr/src/man/man8/ipseckey.8

Deleted Added

sdiffudifftextold (bbf21555..)new (1edba515..)

ipseckey.8 (bbf215553c7233fbab8a0afdf1fac74c44781867)	ipseckey.8 (1edba515a3484e0f74b638b203d462b3112ac84d)
1'\" te 2.\" Copyright (C) 2008, Sun Microsystems, Inc. All Rights Reserved 3.\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. 4.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. 5.\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]	1'\" te 2.\" Copyright (C) 2008, Sun Microsystems, Inc. All Rights Reserved 3.\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. 4.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. 5.\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
6.TH IPSECKEY 8 "November 22, 2021"	6.TH IPSECKEY 8 "April 17, 2024"
7.SH NAME 8ipseckey \- manually manipulate an IPsec Security Association Database (SADB) 9.SH SYNOPSIS 10.nf 11\fBipseckey\fR [\fB-nvp\fR] 12.fi 13 14.LP --- 52 unchanged lines hidden (view full) --- 67accepts commands from the standard input until the end-of-file is reached. Some 68commands require an explicit security association ("\fBSA\fR") type, while 69others permit the \fBSA\fR type to be unspecified and act on all \fBSA\fR 70types. 71.sp 72.LP 73\fBipseckey\fR uses a \fBPF_KEY\fR socket and the message types \fBSADB_ADD\fR, 74\fBSADB_DELETE\fR, \fBSADB_GET\fR, \fBSADB_UPDATE\fR, \fBSADB_FLUSH\fR, and	7.SH NAME 8ipseckey \- manually manipulate an IPsec Security Association Database (SADB) 9.SH SYNOPSIS 10.nf 11\fBipseckey\fR [\fB-nvp\fR] 12.fi 13 14.LP --- 52 unchanged lines hidden (view full) --- 67accepts commands from the standard input until the end-of-file is reached. Some 68commands require an explicit security association ("\fBSA\fR") type, while 69others permit the \fBSA\fR type to be unspecified and act on all \fBSA\fR 70types. 71.sp 72.LP 73\fBipseckey\fR uses a \fBPF_KEY\fR socket and the message types \fBSADB_ADD\fR, 74\fBSADB_DELETE\fR, \fBSADB_GET\fR, \fBSADB_UPDATE\fR, \fBSADB_FLUSH\fR, and
75\fBSADB_X_PROMISC\fR. Thus, you must be a superuser to use this command.	75\fBSADB_X_PROMISC\fR. Thus, you must have the \fBPRIV_SYS_IP_CONFIG\fR 76privilege to use this command.
76.sp 77.LP 78\fBipseckey\fR handles sensitive cryptographic keying information. Please read 79the \fBSecurity\fR section for details on how to use this command securely. 80.SH OPTIONS 81.ne 2 82.na 83\fB\fB-c\fR [\fIfilename\fR]\fR --- 10 unchanged lines hidden (view full) --- 94.sp 95.ne 2 96.na 97\fB\fB-f\fR [\fIfilename\fR]\fR 98.ad 99.sp .6 100.RS 4n 101Read commands from an input file, \fIfilename\fR. The lines of the input file	77.sp 78.LP 79\fBipseckey\fR handles sensitive cryptographic keying information. Please read 80the \fBSecurity\fR section for details on how to use this command securely. 81.SH OPTIONS 82.ne 2 83.na 84\fB\fB-c\fR [\fIfilename\fR]\fR --- 10 unchanged lines hidden (view full) --- 95.sp 96.ne 2 97.na 98\fB\fB-f\fR [\fIfilename\fR]\fR 99.ad 100.sp .6 101.RS 4n 102Read commands from an input file, \fIfilename\fR. The lines of the input file
102are identical to the command line language. The \fBload\fR command provides 103similar functionality. The \fB-s\fR option or the \fBsave\fR command can 104generate files readable by the \fB-f\fR argument.	103are identical to the command line language. The \fB-s\fR option or the 104\fBsave\fR command can generate files readable by the \fB-f\fR argument.
105.RE 106 107.sp 108.ne 2 109.na 110\fB\fB-n\fR\fR 111.ad 112.sp .6 --- 108 unchanged lines hidden (view full) --- 221 222.sp 223.ne 2 224.na 225\fB\fBget\fR\fR 226.ad 227.sp .6 228.RS 4n	105.RE 106 107.sp 108.ne 2 109.na 110\fB\fB-n\fR\fR 111.ad 112.sp .6 --- 108 unchanged lines hidden (view full) --- 221 222.sp 223.ne 2 224.na 225\fB\fBget\fR\fR 226.ad 227.sp .6 228.RS 4n
229Lookup and display a security association from a specific \fBSADB\fR. Like	229Look up and display a security association from a specific \fBSADB\fR. Like
230\fBdelete\fR, this command only requires \fBspi\fR and \fBdest\fR for IPsec. 231.RE 232 233.sp 234.ne 2 235.na 236\fB\fBflush\fR\fR 237.ad --- 1260 unchanged lines hidden (view full) --- 1498.BR pf_key (4P), 1499.BR ike.config (5), 1500.BR attributes (7), 1501.BR smf (7), 1502.BR ipsecalgs (8), 1503.BR ipsecconf (8), 1504.BR route (8), 1505.BR svcadm (8),	230\fBdelete\fR, this command only requires \fBspi\fR and \fBdest\fR for IPsec. 231.RE 232 233.sp 234.ne 2 235.na 236\fB\fBflush\fR\fR 237.ad --- 1260 unchanged lines hidden (view full) --- 1498.BR pf_key (4P), 1499.BR ike.config (5), 1500.BR attributes (7), 1501.BR smf (7), 1502.BR ipsecalgs (8), 1503.BR ipsecconf (8), 1504.BR route (8), 1505.BR svcadm (8),
1506.BR svccfg (8)	1506.BR svccfg (8), 1507.BR tcpkey (8)
1507.sp 1508.LP 1509Schneier, B., \fIApplied Cryptography: Protocols, Algorithms, and Source Code 1510in C\fR. Second ed. New York, New York: John Wiley & Sons, 1996. 1511.SH DIAGNOSTICS 1512The \fBipseckey\fR command parses the configuration file and reports any 1513errors. In the case of multiple errors, \fBipseckey\fR reports as many of these 1514as possible. --- 125 unchanged lines hidden ---	1508.sp 1509.LP 1510Schneier, B., \fIApplied Cryptography: Protocols, Algorithms, and Source Code 1511in C\fR. Second ed. New York, New York: John Wiley & Sons, 1996. 1512.SH DIAGNOSTICS 1513The \fBipseckey\fR command parses the configuration file and reports any 1514errors. In the case of multiple errors, \fBipseckey\fR reports as many of these 1515as possible. --- 125 unchanged lines hidden ---