Key Management
A security association contains the following information:
-
Material for keys for encryption and authentication
-
The algorithms that can be used
-
The identities of the endpoints
-
Other parameters that are used by the system
SAs require keying material for authentication and encryption. The managing of keying material that SAs require is called key management. The Internet Key Exchange (IKE) protocol handles key management automatically. You can also manage keys manually with the ipseckey command. SAs on IPv4 and IPv6 packets can use automatic key management.
See IKE Overview, for how IKE manages cryptographic keys automatically. See Keying Utilities, for how you can manually manage the cryptographic keys by using the ipseckey command. The ipseckey(1M) man page provides a detailed description of the command options.
- © 2010, Oracle Corporation and/or its affiliates