dn42 wiki / IPsec with public key authentication

dn42

IPsec with public key authentication

Stop using pre-shared keys!

Pre-shared keys suck, because reasons

Public keys are better

So why isn’t everyone using public keys already?

Public keys means certificates, right? Certificates are hard :(

Many IKE implementations support manually configuring trusted public keys, without having to create a CA, generate CSRs, sign certificates, or remember/look up the commands to do those things.

Keep in mind that certificates are just public keys wrapped with some extra metadata so that your router can automatically verify that it belongs to someone you trust. Certificates are useful for instances where there are so many peers that it’s infeasible to manually configure each one’s public key, such as a “road warrior” configuration or DMVPN. In those scenarios it makes sense to set up a Certificate Authority to handle it.

Ok fine, how do I public key?

Conversion tool

Different implementations use different formats to represent public keys, and it’s necessary to be able to convert between them. Here is a script for that purpose:

https://raw.githubusercontent.com/zeroae/pubkey-converter/master/pubkey-converter.pl

How-To examples

| Implementation | Key format | | :———————– | ————–: | | strongSwan >= 5.0.0 | PEM | | Cisco IOS | Hexadecimal DER | | Mikrotik RouterOS | PEM | | OpenBSD | PEM | | Racoon | Base64 RFC 3110 | | strongSwan < 5.0.0 | Base64 RFC 3110 | | VyOS/EdgeOS | Base64 RFC 3110 |

Notes

  1. Best practice is to generate the private key on the router itself, and not transfer it to another machine. This part should be kept secret!
  2. Generate a key of at least 2048 bits, preferably 4096 if both ends support it.
  3. Some implementations support more than one key format. The examples here only show how to use one of them (usually PEM) for brevity.
  4. RFC 3110 format is the same as that described in RFC 2537. The former obsoletes the latter.