IPsec and IKE Administration Guide

IKE Administration Command

You can use the ikeadm command to do the following:

See the ikeadm(1M) man page for examples and a full description of its options. The privilege level of the running IKE daemon determines which aspects of the daemon can be viewed and modified. You can choose from three levels of privilege.

0x0, or base level

At the base level of privilege, you cannot view or modify keying material. The base level is the default level at which the in.iked daemon runs.

0x1, or modkeys level

At the modkeys level of privilege, you can remove, change, and add pre-shared keys.

0x2, or keymat level

At the keymat level of privilege, you can view the actual keying material with the ikeadm command.
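The following added example, which is not part of the original guide, is a shell check that reports which of the three privilege levels the daemon is running at, so that a host left at modkeys or keymat is easy to spot. It assumes the level is read with `ikeadm get priv` (a subcommand documented in ikeadm(1M) but not shown on this page) and that the output contains the level as a `0x` value; the sample output line and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the in.iked privilege level from text such as the
# output of `ikeadm get priv`. The exact output wording is an assumption;
# only a 0x<hex> token found in the text is used.

# ike_priv_level TEXT -> prints the level as a decimal number, fails if absent
ike_priv_level() {
    hex=$(printf '%s\n' "$1" |
        sed -n 's/.*\(0[xX][0-9a-fA-F][0-9a-fA-F]*\).*/\1/p' | head -n 1)
    [ -n "$hex" ] || return 1
    printf '%d\n' "$hex"
}

# ike_priv_audit TEXT -> prints a finding.
# Return code: 0 = base, 1 = modkeys, 2 = keymat, 3 = unrecognised.
ike_priv_audit() {
    level=$(ike_priv_level "$1") || {
        echo "UNKNOWN: no privilege level found in output"
        return 3
    }
    case "$level" in
        0) echo "OK: 0x0 base - keying material cannot be viewed or modified"
           return 0 ;;
        1) echo "WARN: 0x1 modkeys - pre-shared keys can be removed, changed, added"
           return 1 ;;
        2) echo "ALERT: 0x2 keymat - keying material can be viewed with ikeadm"
           return 2 ;;
        *) echo "UNKNOWN: unexpected level $level"
           return 3 ;;
    esac
}

# Constructed sample line (not captured from a real system).
SAMPLE='Current privilege level is 0x2, access to keying material enabled'
ike_priv_audit "$SAMPLE" || true

# On a host that has ikeadm, audit the live daemon instead.
if command -v ikeadm >/dev/null 2>&1; then
    ike_priv_audit "$(ikeadm get priv 2>&1)"
fi
```

The return code lets a scheduled job or monitoring hook alert whenever the daemon is not at the default base level.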

The security considerations for the ikeadm command are similar to the considerations for the ipseckey command. See Security Considerations for ipseckey for details.