ipsec_init.sh 487 B

123456789101112131415161718
  1. #!/bin/bash
  2. hostname=$(hostname -s)
  3. mkdir /etc/ipsec.d/public
  4. ipsec pki --gen --type rsa --outform pem --size 4096 > /etc/ipsec.d/private/$hostname.pem
  5. ipsec pki --pub --in /etc/ipsec.d/private/$hostname.pem --outform pem > /etc/ipsec.d/public/$hostname.pem
  6. echo ": RSA $hostname.pem" >> /etc/ipsec.secrets
  7. cat >/etc/ipsec.conf << EOF
  8. # ipsec.conf - strongSwan IPsec configuration file
  9. # basic configuration
  10. config setup
  11. conn %default
  12. keyexchange=ikev1
  13. dpdaction=restart
  14. EOF