By default, the ikeadm command prevents you from viewing the actual keys in a dump of a Phase 1 SA. Viewing the keys is useful during debugging.
To view the actual keys, you must increase the privilege level of the daemon. For a description of the privilege levels, see IKE Administration Command.
IKE is configured and the ike service is running.
View the IKE preshared keys.
# ikeadm ikeadm> dump preshared |
If you get an error, increase the privilege level of the in.iked daemon.
Increase the privilege level of the in.iked daemon in the SMF repository.
# svcprop -p config/admin_privilege ike base # svccfg -s ike setprop config/admin_privilege=keymat |
Increase the privilege level of the running in.iked daemon.
# svcadm refresh ike ; svcadm restart ike |
(Optional) Confirm that the privilege level is keymat.
# svcprop -p config/admin_privilege ike keymat |
View the keys by running Step 1 again.
Return the IKE daemon to the base privilege level.