if you are tired of using racoon, you may want to try it.
(may not work as expected due to PF_KEY differences)
---
This is isakmpd, a BSD-licensed ISAKMP/Oakley (a.k.a. IKE)
implementation. It's written by Niklas Hallqvist and Niels Provos,
funded by Ericsson Radio Systems AB. Currently it is work in
progress, although it can be used for real setups. There are
releases, but this distribution is not a release and is not named with
ordinary version numbers. When you got the source, hopefully the
archive was named with a date which reflects when it was created.
These archives are also known as snapshots and will be created at
irregular intervals and put up on ftp.gsnig.net and ftp.appli.se in
/pub/isakmpd. From Nov 14, 1998 isakmpd is also available in the
OpenBSD main source tree under src/sbin/isakmpd, though slightly
modified because I don't want to carry support files for other OSes in
that distribution. Look at http://www.openbsd.org/ for details on how
to get OpenBSD source.
security/ssh6: IPv4/v6 ready, socks unavailable, kerberos available (not tested)
security/ssh: IPv4 onlyready, socks available, kerberos available (not tested)
should be integrated into one whenever socks support becomes aware of
getaddrinfo/getnameinfo. two directories with tons of patches/patch-* is
a maintenance headache.
file integrity, into the NetBSD packages collection.
It creates a database from the regular expression rules that it finds
from the config file. Once this database is initialized it can be
used to verify the integrity of the files. It has several message
digest algorithms (md5,sha1,rmd160,tiger,haval,etc.) that are used to
check the integrity of the file. More algorithms can be added with
relative ease. All of the usual file attributes can also be checked
for inconsistencies. It can read databases from older or newer
versions. See the manual pages within the distribution for further
info. There is also a beginning of a manual at
http://www.cs.tut.fi/~rammer/aide/manual.html
This package is very similar to tripwire, but without its licen[cs]e
constraints.
Takahiro Kambe <taca@sky.yamashina.kyoto.jp> in pkg/9477.
Changes since 1.0.0:
* New command --verify-files. New option --fast-list-mode.
* $http_proxy is now used when --honor-http-proxy is set.
* Fixed some minor bugs and the problem with conventional encrypted
packets which did use the gpg v3 partial length headers.
* Add Indonesian and Portugese translations.
* Fixed a bug with symmetric-only encryption using the non-default 3DES.
The option --emulate-3des-s2k-bug may be used to decrypt documents
which have been encrypted this way; this should be done immediately
as this workaround will be remove in 1.1
* Can now handle (but not display) PGP's photo IDs. I don't know the
format of that packet but after stripping a few bytes from the start
it looks like a JPEG (at least my test data). Handling of this
package is required because otherwise it would mix up the
self signatures and you can't import those keys.
* Passing non-ascii user IDs on the commandline should now work in all
cases.
* New keys are now generated with an additional preference to Blowfish.
* Removed the GNU Privacy Handbook from the distribution as it will go
into a separate one.
