CentOS: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 23: | Zeile 23: | ||
==ssh enablen== | ==ssh enablen== | ||
chkconfig sshd on | chkconfig sshd on | ||
| + | ==openswan= | ||
| + | ===nss zertifikate=== | ||
| + | *to use sql format of nss db which fedora's openswan expects | ||
| + | export NSS_DEFAULT_DB_TYPE="sql" | ||
| + | *Create a new certificate database(use empty passwords) | ||
| + | certutil -N -d /etc/ipsec.d | ||
| + | *P12 import | ||
| + | pk12util -i certkey.p12 -d /etc/ipsec.d | ||
| + | *find the name of certificate in nss db | ||
| + | certutil -L -d /etc/ipsec.d | ||
| + | *Now certificates are imported into nss db in /etc/ipsec.d. Now we should | ||
| + | configure openswan to use the nss database: | ||
| + | |||
| + | |||
| + | *create file /etc/ipsec.d/nss.certs with the following: | ||
| + | @fqdn: RSA "name of certificate in nss db" "" | ||
Version vom 21. August 2013, 10:42 Uhr
Interface Konfiguration
vi /etc/sysconfig/network-scripts/ifcfg-eth0
- DEVICE="eth0"
- Gibt den Namen der Schnittstelle an
- HWADDR="08:00:27:35:E9:2B"
- Gibt die MAC-Adresse an
- ONBOOT="yes"
- Gibt an ob die Schnittstelle beim booten gestartet werden soll
- IPADDR="192.168.0.100"
- Gibt die IP-Adresse der Schnittstelle an
- NETMASK="255.255.255.0"
- Gibt die Netzmaske der Schnittstelle an
- GATEWAY="192.168.0.1"
- Gibt den default Router an
Hostname ändern
ssh enablen
chkconfig sshd on
=openswan
nss zertifikate
- to use sql format of nss db which fedora's openswan expects
export NSS_DEFAULT_DB_TYPE="sql"
- Create a new certificate database(use empty passwords)
certutil -N -d /etc/ipsec.d
- P12 import
pk12util -i certkey.p12 -d /etc/ipsec.d
- find the name of certificate in nss db
certutil -L -d /etc/ipsec.d
- Now certificates are imported into nss db in /etc/ipsec.d. Now we should
configure openswan to use the nss database:
- create file /etc/ipsec.d/nss.certs with the following:
@fqdn: RSA "name of certificate in nss db" ""