IKE (ISAKMP/Oakley) key management daemon
Syntax:
racoon [-BdFLv46] [-f configfile] [-l logfile] [-p isakmp-port]
[-P isakmp-natt-port]
Options:
- -4 or -6
- Specify the default address family for the sockets.
- -B
- Install security association(s) from the file that is specified in
/etc/racoon/racoon.conf.
- -d
- Increase the debug level. Each additional d increases the debug level.
- -F
- Run racoon in the foreground.
- -f configfile
- Use configfile as the configuration file instead of the default.
The default configuration file is /etc/racoon/racoon.conf.
- -L
- Include file_name:line_number:function_name
in all messages.
- -l logfile
- Use logfile as the logging file instead of syslogd.
- -P isakmp-natt-port
- Use isakmp-natt-port for NAT-Traversal port-floating.
The default is 4500.
- -p isakmp-port
- Listen to ISAKMP key exchange on port isakmp-port instead of the
default port number, 500.
- -v
- Cause the packet dump to be more verbose, with a higher debugging level.
Description:
The racoon daemon speaks IKE (ISAKMP/Oakley) key management
protocol, to establish security association with other hosts.
The SPD (Security Policy Database) in the kernel usually triggers to start racoon.
Note: This utility is PAM-aware and supported by the PAM framework. This utility parses its
configuration files before PAM does and requires additional configuration to enable PAM. For
more information about how QNX Neutrino uses the OpenPAM framework, see the
Security Developer's Guide.
Files:
- /etc/racoon/racoon.conf
- Default configuration file for racoon.
Exit status:
- 0
- Success.
- > 0
- An error occurred.
Contributing author:
OpenSSL Project
License:
This utility is based on OpenSSL Project software;
for licensing information, see
Licensing information
in Typographical Conventions, Support, and Licensing.