Issue with IKEv2 Protocol for IPsec

OpenBSD Releases OpenIKED 7.3, an IKEv2 Protocol Implementation

OpenBSD has published the release of OpenIKED 7.3, a project that develops an implementation of the IKEv2 protocol. Previously a part of the OpenBSD IPsec stack, the IKEv2 components have been split out into a separate portable package, allowing them to be used on other operating systems as well. OpenIKED has been tested on FreeBSD, NetBSD, macOS, and various Linux distributions, including Arch, Debian, Fedora, and Ubuntu. The code is written in C and is distributed under the ISC license.

OpenIKED enables the creation of virtual private networks based on IPsec. The IPsec stack comprises two main protocols: the key exchange protocol (IKE) and the encrypted traffic transmission protocol (ESP). OpenIKED implements authentication, security policy settings, and the ESP traffic encryption protocol used by most systems. It supports several authentication methods, including pre-shared keys, EAP MSCHAPv2 with X.509 certificates, and RSA and ECDSA public keys.

The new version, OpenIKED 7.3, includes several enhancements and improvements:

Enhancement: Added tunnel support
Details: Support for tunnels has been added, allowing the routing of IPsec traffic via the sec network interface in OpenBSD. This eliminates the need to rely on SPD (IPsec Security Policy Database) rules when creating VPN endpoints. For more information, see the OpenBSD man page and the article