☰

Updated IPsec with PublicKeys (markdown)

Anonymous committed 2015-01-15 14:12:59 +0000 commit 38b4fb6602680438faf66b38d2a65ac17f6990d7

				howto/IPsec-with-PublicKeys.md
			
          @@ -1,6 +1,7 @@

           # IPsec with public key authentication

           ## Stop using pre-shared keys!

           ### Pre-shared keys suck, because _reasons_

          +

           *  __The key must be kept secret__, which means it must be shared only over a secure channel e.g. PGP, face-to-face

           *  Most implementations will accept insecure (too short, too simple) keys

           *  The [insecure][1] [IKE][2] [aggressive mode][3] must be used to support distinct PSKs for multiple dynamic peers, or

...	...	@@ -1,6 +1,7 @@
1	1	# IPsec with public key authentication
2	2	## Stop using pre-shared keys!
3	3	### Pre-shared keys suck, because _reasons_
	4	+
4	5	* __The key must be kept secret__, which means it must be shared only over a secure channel e.g. PGP, face-to-face
5	6	* Most implementations will accept insecure (too short, too simple) keys
6	7	* The [insecure][1] [IKE][2] [aggressive mode][3] must be used to support distinct PSKs for multiple dynamic peers, or