Whenever attempting to set up the VPN, I reveieve an error:
Failed to generate key : /usr/sbin/ipsec: unknown IPsec command newhostkey' (ipsec --help' for list)
newhostkey' (
I cannot do it via SSH either
See the changelog that "newhostkey" was removed in strongswan version 2.6.0.
Is there a replacement for the newhostkey command?
newhostkey
So whats the solution?
I have seen endless need for this answer because folks trying to use Strongswan from within Webmin, has an issue. I have been using Webmin since v 0.75, and the VPN module is the first module that has never worked.
Here's Andreas' reply ten years ago: https://users.strongswan.narkive.com/IMUCTU8H/generating-rsa-digital-signature-for-ipsec-secrets I quote Andreas (the developer), "Hello Mohit, strongSwan does not actively support this clumsy FreeS/WAN / Openswan raw RSA key format anymore. You can achieve the same with self-signed locally-imported certificates.
Here's is the Digital Ocean Tutorial for setting up Strongswan VPN, which has current and accurate details for creating the host keys and certs required, using the commands Andreas suggested but gave no examples of. https://www.digitalocean.com/community/tutorials/how-to-set-up-an-ikev2-vpn-server-with-strongswan-on-ubuntu-18-04-2
Once I added the keys and certs as outlined, the VPN module still doesn't recogize there is now content (key) in /etc/ipsec.secrets
Will this ever be resolved? Still having the same issue in (late) 2020.
Will this ever be resolved? Still having the same issue in (late) 2023.
Will this ever be resolved? Still having the same issue in 2024.
Log in to post a comment.
See the changelog that "newhostkey" was removed in strongswan version 2.6.0.
Is there a replacement for the
newhostkey
command?So whats the solution?
I have seen endless need for this answer because folks trying to use Strongswan from within Webmin, has an issue. I have been using Webmin since v 0.75, and the VPN module is the first module that has never worked.
Here's Andreas' reply ten years ago:
https://users.strongswan.narkive.com/IMUCTU8H/generating-rsa-digital-signature-for-ipsec-secrets
I quote Andreas (the developer),
"Hello Mohit,
strongSwan does not actively support this clumsy FreeS/WAN / Openswan
raw RSA key format anymore. You can achieve the same with self-signed
locally-imported certificates.
Here's is the Digital Ocean Tutorial for setting up Strongswan VPN, which has current and accurate details for creating the host keys and certs required, using the commands Andreas suggested but gave no examples of.
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-ikev2-vpn-server-with-strongswan-on-ubuntu-18-04-2
Once I added the keys and certs as outlined, the VPN module still doesn't recogize there is now content (key) in /etc/ipsec.secrets
Will this ever be resolved? Still having the same issue in (late) 2020.
Will this ever be resolved? Still having the same issue in (late) 2023.
Will this ever be resolved? Still having the same issue in 2024.