【发布时间】:2016-08-22 17:02:20
【问题描述】:
无法确定 linux 内核 4.4 是否支持使用 AES GMAC 的 IPSEC AH 传输。
尝试各种“ip xfrm state”命令组合,但没有成功。这实现了吗?
Try 1 sudo ip xfrm state add src 192.168.0.1 dst 192.168.0.2 proto ah spi 100 mode transport auth "rfc4106(gcm(aes))" 0x010203047aeaca3f87d060a12f4a4487d5a5c335 RTNETLINK answers: Function not implemented
Try 2 sudo ip xfrm state add src 192.168.0.1 dst 192.168.0.2 proto ah spi 100 reqid 100 mode transport aead "rfc4543(gcm(aes))" 0x010203047aeaca3f87d060a12f4a4487d5a5c335 128 ALGO-TYPE values "enc", "aead", and "comp" are invalid with XFRM-PROTO value "ah"
【问题讨论】:
标签: linux cryptography ipsec