Can I generate files while adding a new user for ikev2 with encryption algorithm ed448 or ed25519?

hwdsl2 / setup-ipsec-vpn

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

Other

24.9k stars 6.28k forks source link

Can I generate files while adding a new user for ikev2 with encryption algorithm ed448 or ed25519? #1544

Closed algoritmsystems closed 5 months ago

algoritmsystems commented 5 months ago

Can I generate files while adding a new user for ikev2 with encryption algorithm ed448 or ed25519? Which algorithm types are supported and how to configure it?

hwdsl2 commented 5 months ago

@algoritmsystems Hello! This is not currently supported. Currently, the IKEv2 script generates certificates with RSA signatures and 3072-bit keys by default. See ikev2setup.sh or /opt/src/ikev2.sh on your server. You may be able to customize the certutil commands to use curve25519, but there may be some bugs that prevent it from working.