Very Computer

As mentioned several weeks ago ipseckey refuses to add an esp key. Here's
an explanation from SUN but where to I get the packages from living outside
the U.S.?

Thomas
P.S. please mail me a copy of follow-up since I'll be on vacation for some
     time

This is not documented anywhere.

The problem is you don't have the DES/3DES encryption packages installed.
The authentication modules are part of Solaris 8, the encryption modules are
not. They will be on a separate CD. You need SUNWcry/SUNWcryx package.

You can use ndd command to verify this:

  # ndd /dev/ipsecesp ipsecesp_status
  ESP status
  ----------
  Authentication algorithms           =   2
  Encryption Algorithms               =   3 <--- This will be 1 without ESP

...

====== PGP fingerprint B1 EE D2 39 2C 82 26 DA  A5 4D E0 50 35 75 9E ED ======

        Thought you got rid of all year 2k bugs and problems?
        Here's a new one: Windows 2000

Quote:> As mentioned several weeks ago ipseckey refuses to add an esp key. Here's
> an explanation from SUN but where to I get the packages from living
outside
> the U.S.?

> Thomas
> P.S. please mail me a copy of follow-up since I'll be on vacation for some
>      time

> This is not documented anywhere.

> The problem is you don't have the DES/3DES encryption packages installed.
> The authentication modules are part of Solaris 8, the encryption modules
are
> not. They will be on a separate CD. You need SUNWcry/SUNWcryx package.

> You can use ndd command to verify this:

>   # ndd /dev/ipsecesp ipsecesp_status
>   ESP status
>   ----------
>   Authentication algorithms           =   2
>   Encryption Algorithms               =   3 <--- This will be 1 without
ESP

> ...

> ====== PGP fingerprint B1 EE D2 39 2C 82 26 DA  A5 4D E0 50 35 75 9E ED
======

> Thought you got rid of all year 2k bugs and problems?
> Here's a new one: Windows 2000

I have exactly the same problem, but in documentation is mentioned, that the
encryption modules will not be available outside the USA.
Now I want to write my own encryption module, but nobody knows the
interface.
Ideas? - please contact me!

Hendrik

According to SUN Germany the approval (US export regs) is on it's way
and the Solaris CDs should be ordered by your sales rep.

Thomas

====== PGP fingerprint B1 EE D2 39 2C 82 26 DA  A5 4D E0 50 35 75 9E ED ======

        Thought you got rid of all year 2k bugs and problems?
        Here's a new one: Windows 2000

You can already order the supplement CD. However,
nobody yet knows when the approval finally will
arrive. This seems to be like, say, getting building
regulations clearance in Germany.

Thomas

|> According to SUN Germany the approval (US export regs) is on it's way
|> and the Solaris CDs should be ordered by your sales rep.
|
| You can already order the supplement CD. However,
| nobody yet knows when the approval finally will
| arrive. This seems to be like, say, getting building
| regulations clearance in Germany.

According to a call from SUN on wednesday the approval arrived on tuesday
so it's just a matter of months till SUN ships them :-/

Thomas

====== PGP fingerprint B1 EE D2 39 2C 82 26 DA  A5 4D E0 50 35 75 9E ED ======

        Thought you got rid of all year 2k bugs and problems?
        Here's a new one: Windows 2000

Here's what I got yesterday (SUN Germany):

- you may order the crypto package with order-number SOLZ9-080N9999
- the cost is around $150  
- it's not part of the Solaris contracts if you have some
- no shipping date known

Thomas

====== PGP fingerprint B1 EE D2 39 2C 82 26 DA  A5 4D E0 50 35 75 9E ED ======

        Thought you got rid of all year 2k bugs and problems?
        Here's a new one: Windows 2000