[ previous ] [ next ] [ threads ]
 From:  Lee Azzarello <lee dot azzarello at ps dash solved dot com>
 To:  m0n0wall list <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] feature request (hidden and encrypted passwords/pre-sharde keys)
 Date:  Tue, 10 May 2005 10:06:48 -0400
On Sat, 2005-05-07 at 21:47 +0100, Paul Rae wrote:
> No all it would do is give a false sense of security. No matter how you encrypt / obfuscate it on
the box, it needs to be sent clear when its used.
> All it would take is a simple sniffer and you would get it.

To spark a little more conversation, to my knowledge using a
Diffe-Hellman key exchange for phase one of establishing an IPSec SA
doesn't transmit the pre-shared key in plain text. The only place the
shared secret is stored in plain text is in RAM while m0n0 is running
and on the CF card in the XML config. This means you should have good
physical security on your VPN endpoint and you should use HTTPS when
editing the configuration.

What would be cool is an interface wraped around a key management daemon
so IPSec tunnels could be certified, no pre-sharing necessary.