Document Information
Preface
Part I TCP/IP Administration
1. Solaris TCPIP Protocol Suite (Overview)
2. Planning an IPv4 Addressing Scheme (Tasks
3. Planning an IPv6 Addressing Scheme (Overview)
4. Planning an IPv6 Network (Tasks)
5. Configuring TCP/IP Network Services and IPv4 Addressing (Tasks)
6. Administering Network Interfaces (Tasks)
7. Enabling IPv6 on a Network (Tasks)
8. Administering a TCP/IP Network (Tasks)
9. Troubleshooting Network Problems (Tasks)
10. TCP/IP and IPv4 in Depth (Reference)
11. IPv6 in Depth (Reference)
Part II DHCP
12. About Solaris DHCP (Overview)
13. Planning for DHCP Service (Tasks)
14. Configuring the DHCP Service (Tasks)
15. Administering DHCP (Tasks)
16. Configuring and Administering DHCP Clients
17. Troubleshooting DHCP (Reference)
18. DHCP Commands and Files (Reference)
Part III IP Security
19. IP Security Architecture (Overview)
20. Configuring IPsec (Tasks)
21. IP Security Architecture (Reference)
22. Internet Key Exchange (Overview)
What's New in IKE?
Key Management With IKE
IKE Key Negotiation
IKE Configuration Choices
IKE and Hardware Acceleration
IKE and Hardware Storage
Changes to IKE for the Solaris 10 Release
23. Configuring IKE (Tasks)
24. Internet Key Exchange (Reference)
25. Solaris IP Filter (Overview)
26. Solaris IP Filter (Tasks)
Part IV Mobile IP
27. Mobile IP (Overview)
28. Administering Mobile IP (Tasks)
29. Mobile IP Files and Commands (Reference)
Part V IPMP
30. Introducing IPMP (Overview)
31. Administering IPMP (Tasks)
Part VI IP Quality of Service (IPQoS)
32. Introducing IPQoS (Overview)
33. Planning for an IPQoS-Enabled Network (Tasks)
34. Creating the IPQoS Configuration File (Tasks)
35. Starting and Maintaining IPQoS (Tasks)
36. Using Flow Accounting and Statistics Gathering (Tasks)
37. IPQoS in Detail (Reference)
Glossary
Index
|
IKE Utilities and Files
The following table summarizes the configuration files for IKE policy, the storage locations
for IKE keys, and the various commands that implement IKE. Table 22-2 IKE Configuration Files, Key Storage Locations, and CommandsFile, Command, or Location |
Description |
For
More Information |
|---|
/usr/lib/inet/in.iked daemon |
Internet Key Exchange (IKE) daemon. Activates automated key management. |
in.iked(1M) |
/usr/sbin/ikeadm command |
IKE
administration command for viewing and modifying the IKE policy. |
ikeadm(1M) |
/usr/sbin/ikecert command |
Certificate database management
command for manipulating local databases that hold public key certificates. The databases can
also be stored on an attached Sun Crypto Accelerator 4000 board. |
ikecert(1M) |
ike/config file |
Configuration file
for the IKE policy in the /etc/inet directory. Contains the site's rules for
matching inbound IKE requests and preparing outbound IKE requests. If this file exists,
the in.iked daemon starts automatically at boot time. |
ike.config(4) |
ike.preshared file |
Preshared keys file in the
/etc/inet/secret directory. Contains secret keying material for authentication in the Phase 1 exchange.
Used when configuring IKE with preshared keys. |
ike.preshared(4) |
ike.privatekeys directory |
Private keys directory in the
/etc/inet/secret directory. Contains the private keys that are part of a public-private key
pair. |
ikecert(1M) |
publickeys directory |
Directory in the /etc/inet/ike directory that holds public keys and certificate files.
Contains the public key part of a public-private key pair. |
ikecert(1M) |
crls directory |
Directory in the
/etc/inet/ike directory that holds revocation lists for public keys and certificate files. |
ikecert(1M) |
Sun Crypto
Accelerator 1000 board |
Hardware that accelerates public key operations by offloading the operations from
the operating system. |
ikecert(1M) |
Sun Crypto Accelerator 4000 board |
Hardware that accelerates public key operations
by offloading the operations from the operating system. The board also stores public
keys, private keys, and public key certificates. |
ikecert(1M) |
|