| 123456789101112131415161718 |
- #!/bin/bash
- hostname=$(hostname -s)
- mkdir /etc/ipsec.d/public
- ipsec pki --gen --type rsa --outform pem --size 4096 > /etc/ipsec.d/private/$hostname.pem
- ipsec pki --pub --in /etc/ipsec.d/private/$hostname.pem --outform pem > /etc/ipsec.d/public/$hostname.pem
- echo ": RSA $hostname.pem" >> /etc/ipsec.secrets
- cat >/etc/ipsec.conf << EOF
- # ipsec.conf - strongSwan IPsec configuration file
- # basic configuration
- config setup
- conn %default
- keyexchange=ikev1
- dpdaction=restart
- EOF
|
