AH man page on Solaris

Man page or keyword search:  
man Server   20652 pages
apropos Keyword Search (all sections)
Output format
Solaris logo
[printable version]

ipsecah(7P)			   Protocols			   ipsecah(7P)

NAME
       ipsecah, AH - IPsec Authentication Header

SYNOPSIS
       drv/ipsecah

DESCRIPTION
       The ipsecah module (AH) provides strong integrity,  authentication, and
       partial sequence integrity (replay protection) to IP datagrams. AH pro‐
       tects  the parts of the IP datagram that can be predicted by the sender
       as it will be received by the receiver. For example, the IP  TTL	 field
       is not a predictable field, and is not protected by AH.

       AH  is  inserted	 between  the  IP header and the transport header. The
       transport header can be	TCP,  UDP, ICMP, or another IP header, if tun‐
       nels are	 being used. See tun(7M).

   AH Device
       AH  is  implemented  as	a module that is auto-pushed on top of IP. The
       entry /dev/ipsecah is used for tuning AH with ndd(1M).

   Authentication Algorithms
       Current authentication algorithms supported include HMAC-MD5 and	 HMAC-
       SHA-1.  Each authentication algorithm has its own key size and key for‐
       mat properties. You can obtain a list of authentication algorithms  and
       their  properties  by using the ipsecalgs(1M) command. You can also use
       the functions described in  the	getipsecalgbyname(3NSL)	 man  page  to
       retrieve the properties of algorithms.

   Security Considerations
       Without	replay protection enabled, AH is vulnerable to replay attacks.
       AH does not protect against eavesdropping. Data protected with  AH  can
       still be seen by an adversary.

ATTRIBUTES
       See attributes(5)  for descriptions of the following attributes:

       ┌─────────────────────────────┬─────────────────────────────┐
       │      ATTRIBUTE TYPE	     │	    ATTRIBUTE VALUE	   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Availability		     │SUNWcsr			   │
       │Interface Stability	     │Evolving			   │
       └─────────────────────────────┴─────────────────────────────┘

SEE ALSO
       ipsecalgs(1M),  ipsecconf(1M),  ndd(1M),	 attributes(5), getipsecalgby‐
       name(3NSL), tun(7M), ip(7P), ipsec(7P), ipsecesp(7P)

       Kent, S. and Atkinson, R.RFC 2402, IP Authentication Header, The Inter‐
       net Society, 1998.

SunOS 5.10			  20 May2003			   ipsecah(7P)
[top]

List of man pages available for Solaris

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net