The length of pre-shared key is from 8 to 63 characters. Finding a key with random 20 characters by the brute force method is impossible at a convenient time unless the passphrase is in the dictionary. For the purpose of demonstration, we are going to brute force a passphrase with 9 characters.

  • Generate a pre shared key (PSK) for use in this VPN. PSK is really not a password, it's a key and you must make absolutely sure it is transferred to remote end in a secure way by using PGP/GPG or ssh. Secure PSK should be at. Chapter 11 IPsec VPN for FortiOS 5.0: Auto Key phase 1 parameters.
  • A pre-shared key setup allows you to login to the server (via SSH) without the need for a password and (optionally) only allows access to those users who can display the valid key to the server. They are as close to bulletproof as it gets for SSH. First, you will need a public/private key pair.
Pre

Generate Pre Shared Key Online

Generate pre shared key online loginGenerator

Generate Pre Shared Key Online Generator

  1. Go to Certificates > Certificates and click Add.
  2. For Action, select Generate self-signed certificate.
  3. Specify the certificate details.

    Name

    Description

    Name

    Enter a name.

    Valid until

    Specify the certificate’s validity period.

    Key type

    Select from the following:

    • RSA
    • Elliptic curve

    Key length

    If you’ve set the key type to RSA, select the key length. It's the number of bits used to construct the key.

    Larger keys offer greater security, but it takes longer to encrypt and decrypt data.

    Curve name

    If you’ve set the key type to Elliptic curve, select the curve name.

    Do not select secp521r1 for websites and the XG Firewall web admin console. A version of Google Chrome does not support the curve on certain operating systems.

    Secure hash

    Select the algorithm from the list.

    Key encryption

    Select key encryption if you want to encrypt the private key.

    Passphrase/PSK

    If you select key encryption, enter a passphrase or a pre-shared key and reconfirm.

    Certificate ID

    Select the type of certificate ID to identify the device and specify the ID.

    • DNS: Enter the domain name. The name must resolve to the IP address in the DNS records.
    • IP address: Use this if you want to use a public IP address that you own.
    • Email: Email address of the contact person.
    • DER ASN1 DN [X.509]: Use this if you want a digital certificate.

    Example certificate detail data is shown below, you will need to enter details for your own domain.

  4. Specify the following identification attributes:

    Name

    Description

    Country name

    Country in which the device is deployed.

    State

    The state within the country.

    Locality name

    Name of the city.

    Organization name

    Name of the certificate owner. Example: Sophos Group

    Organization unit name

    Name of the department to which the certificate will be assigned. Example: marketing

    Common name

    Common name or FQDN. Example: marketing.sophos.com

    Email address

    Contact person’s email address.

    Example ID attributes are shown below, you will need to enter details for your own organization.

  5. Select Save to generate the self-signed certificate.
Generate Pre Shared Key Online

Generate Pre Shared Key Online Games

Download this certificate and send it to the remote peer with whom you want to establish the connection.