When you create preshared keys manually, the keys are stored in files in the /etc/inet/secret directory. The ike.preshared file contains the preshared keys for the Phase 1 exchange when you configure a rule in the ike/config to use preshared keys. The ipseckeys file contains the preshared keys that are used to protect IP packets. The files are protected at 0600. The secret directory is protected at 0700.
Because the preshared keys are used to authenticate the Phase 1 exchange, the file must be valid before the in.iked daemon starts.
For examples of manually managing IPsec keys, see How to Manually Create IPsec Keys.