svc:/network/ipsec/ike
|
The SMF service that manages IKE.
|
smf(5)
|
/usr/lib/inet/in.iked daemon
|
Internet Key Exchange (IKE) daemon. Activates
automated key management when the ike service
is enabled.
|
in.iked(1M)
|
/usr/sbin/ikeadm command
|
IKE administration command
for viewing and modifying the IKE policy.
|
ikeadm(1M)
|
/usr/sbin/ikecert command
|
Certificate database management
command for manipulating local databases that hold public key certificates.
The databases can also be stored on an attached Sun Crypto Accelerator 4000 board.
|
ikecert(1M)
|
/etc/inet/ike/config file
|
Default configuration file for the IKE policy in the /etc/inet directory.
Contains the site's rules for matching inbound IKE requests and preparing
outbound IKE requests.
If this
file exists, the in.iked daemon starts when the ike service
is enabled. The location of this file can be changed by the svccfg command.
|
ike.config(4)
|
ike.preshared file
|
Preshared keys file in the /etc/inet/secret directory. Contains secret keying material for authentication
in the Phase 1 exchange. Used when configuring IKE with preshared keys.
|
ike.preshared(4)
|
ike.privatekeys directory
|
Private keys directory
in the /etc/inet/secret directory.
Contains the private keys that are part of a public-private key pair.
|
ikecert(1M)
|
publickeys directory
|
Directory in the /etc/inet/ike directory
that holds public keys and certificate files. Contains the public key part
of a public-private key pair.
|
ikecert(1M)
|
crls directory
|
Directory in the /etc/inet/ike directory that holds revocation
lists for public keys and certificate files.
|
ikecert(1M)
|
Sun Crypto Accelerator 1000 board
|
Hardware that accelerates public key operations by offloading the operations
from the operating system.
|
ikecert(1M)
|
Sun Crypto Accelerator 4000 board
|
Hardware that accelerates public key operations by offloading the operations
from the operating system. The board also stores public keys, private keys,
and public key certificates.
|
ikecert(1M)
|