JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: IP Services     Oracle Solaris 10 8/11 Information Library
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

Part I Introducing System Administration: IP Services

1.  Oracle Solaris TCP/IP Protocol Suite (Overview)

Part II TCP/IP Administration

2.  Planning Your TCP/IP Network (Tasks)

3.  Introducing IPv6 (Overview)

4.  Planning an IPv6 Network (Tasks)

5.  Configuring TCP/IP Network Services and IPv4 Addressing (Tasks)

6.  Administering Network Interfaces (Tasks)

7.  Configuring an IPv6 Network (Tasks)

8.  Administering a TCP/IP Network (Tasks)

9.  Troubleshooting Network Problems (Tasks)

10.  TCP/IP and IPv4 in Depth (Reference)

11.  IPv6 in Depth (Reference)

Part III DHCP

12.  About DHCP (Overview)

13.  Planning for DHCP Service (Tasks)

14.  Configuring the DHCP Service (Tasks)

15.  Administering DHCP (Tasks)

16.  Configuring and Administering the DHCP Client

17.  Troubleshooting DHCP (Reference)

18.  DHCP Commands and Files (Reference)

Part IV IP Security

19.  IP Security Architecture (Overview)

20.  Configuring IPsec (Tasks)

21.  IP Security Architecture (Reference)

22.  Internet Key Exchange (Overview)

What's New in IKE?

Key Management With IKE

IKE Key Negotiation

IKE Key Terminology

IKE Phase 1 Exchange

IKE Phase 2 Exchange

IKE Configuration Choices

IKE With Preshared Keys

IKE With Public Key Certificates

IKE and Hardware Acceleration

IKE and Hardware Storage

IKE Utilities and Files

Changes to IKE for the Solaris 10 Release

23.  Configuring IKE (Tasks)

24.  Internet Key Exchange (Reference)

25.  IP Filter in Oracle Solaris (Overview)

26.  IP Filter (Tasks)

Part V Mobile IP

27.  Mobile IP (Overview)

28.  Administering Mobile IP (Tasks)

29.  Mobile IP Files and Commands (Reference)

Part VI IPMP

30.  Introducing IPMP (Overview)

31.  Administering IPMP (Tasks)

Part VII IP Quality of Service (IPQoS)

32.  Introducing IPQoS (Overview)

33.  Planning for an IPQoS-Enabled Network (Tasks)

34.  Creating the IPQoS Configuration File (Tasks)

35.  Starting and Maintaining IPQoS (Tasks)

36.  Using Flow Accounting and Statistics Gathering (Tasks)

37.  IPQoS in Detail (Reference)

Glossary

Index

IKE Utilities and Files

The following table summarizes the configuration files for IKE policy, the storage locations for IKE keys, and the various commands and services that implement IKE. For more about services, see Chapter 5, Managing Services (Overview), in Oracle Solaris Administration: Common Tasks.

Table 22-2 IKE Configuration Files, Key Storage Locations, Commands, and Services

File, Location, Command, or Service
Description
For More Information
svc:/network/ipsec/ike
In the current release, the SMF service that manages IKE.
smf(5)
/usr/lib/inet/in.iked daemon
Internet Key Exchange (IKE) daemon. Activates automated key management. In the current release, the ike service enables this daemon. In earlier releases, the in.iked command is used.
in.iked(1M)
/usr/sbin/ikeadm command
IKE administration command for viewing and modifying the IKE policy.
ikeadm(1M)
/usr/sbin/ikecert command
Certificate database management command for manipulating local databases that hold public key certificates. The databases can also be stored on an attached Sun Crypto Accelerator 4000 board.
ikecert(1M)
/etc/inet/ike/config file
Default configuration file for the IKE policy in the /etc/inet directory. Contains the site's rules for matching inbound IKE requests and preparing outbound IKE requests.

In the current release, if this file exists, the in.iked daemon starts when the ike service is enabled. The location of this file can be changed by the svccfg command.
ike.config(4)
ike.preshared file
Preshared keys file in the /etc/inet/secret directory. Contains secret keying material for authentication in the Phase 1 exchange. Used when configuring IKE with preshared keys.
ike.preshared(4)
ike.privatekeys directory
Private keys directory in the /etc/inet/secret directory. Contains the private keys that are part of a public-private key pair.
ikecert(1M)
publickeys directory
Directory in the /etc/inet/ike directory that holds public keys and certificate files. Contains the public key part of a public-private key pair.
ikecert(1M)
crls directory
Directory in the /etc/inet/ike directory that holds revocation lists for public keys and certificate files.
ikecert(1M)
Sun Crypto Accelerator 1000 board
Hardware that accelerates public key operations by offloading the operations from the operating system.
ikecert(1M)
Sun Crypto Accelerator 4000 board
Hardware that accelerates public key operations by offloading the operations from the operating system. The board also stores public keys, private keys, and public key certificates.
ikecert(1M)
Copyright © 1999, 2010, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next