Re: Cisco VPN config files converter
- From: Bastien Nocera <hadess hadess net>
- To: networkmanager list <networkmanager-list gnome org>
- Subject: Re: Cisco VPN config files converter
- Date: Wed, 25 May 2005 08:49:52 +0100
Hey Bill,
On Tue, 2005-05-24 at 15:45 -0400, Bill Moss wrote:
> Not all Cisco VPN profiles (*.pcf) files will converter. Clemson uses a
> profile with an encrypted Group password (Secret). The encryption is
> suppose to provide extra security but due to a bug in an early version
> of the Cisco VPN client, it is easy to decode the Group password and
> obtain the Secret. Cisco will eventually plug this hole but this will
> also break backwards compatibility of Cisco VPN clients. Cisco doesn't
> seem to be moving too fast on this issue. Since the Secret is kind of a
> joke now, many schools just publish their Secret and depend on username
> and password.
>
> My point is for NM users at Clemson, import of a Cisco VPN profile will
> have to be followed by a manual edit of the Secret. If the user is not
> aware that he has to do this, then his first attempt at a VPN connection
> may fail. So the question is how to inform the user. Should the
> converter inform the reader that the Secret was not available?
Check out the converter again, it will either use the non-encrypted
secret, or use a script on vpnc's home page to get the clear-text secret
key from the encrypted secret key.
We might have to ask Maurice if we can move the script somewhere else if
a lot of people are going to use it, but it certainly did work in my
lame tests.
Cheers
--
Bastien Nocera <hadess hadess net>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
