On Feb 7, 2008 11:09 AM, Christian Weisgerber <[EMAIL PROTECTED]> wrote: > Jason Crawford <[EMAIL PROTECTED]> wrote: > > > While I was reading through the man pages for ipsec.conf and > > ipsecctl, I noticed that for automatic keying there is no way to > > specify any type of key size. I was wondering if anyone know of a way > > to do that, because I am very interested in setting up strong crypto > > ipsec tunnels using AES with 256bit keys, > > You currently can't do this. > Somebody sent a patch for isakmpd to tech@ as a first step towards > adding AES-192 and AES-256 support in ipsecctl, but that hasn't > been picked up yet. >
The person who posted that patch has gotten back to me in private. I currently do not have a test bed for this, but I will see what I can do in the future as I would love to see this commited.
