# /usr/local/sbin/ipsec showhostkey --left
-------------------------
# /usr/local/sbin/ipsec newhostkey --output - >> /etc/ipsec.secrets
-------------------------
# /usr/local/sbin/ipsec showhostkey --txt @colossus.nnc
; RSA 2192 bits   colossus   Mon Jul 13     03:02:07 2004
        IN      TXT     "X-IPsec-Server(10)=@colossus.nnc" " 
AQOR7rM7ZMBXu2ej/1vtzhNnMayZO1jwVHUyAIubTKpd/
PyTMogJBAdbb3I0xzGLaxadPGfiqPN2AQn76zLIsYFMJnoMbBTDY/2xK1X/
pWFRUUIHzJUqCBIijVWEMLNrIhdZbei1s5/
MgYIPaX20UL+yAdxV4RUU3JJQhV7adVzQqEmdaNUnCjZOvZG6m4zv6dGROrVEZmJFP54v6WhckYf
qSkQu3zkctfFgzJ/rMTB6Y38yObyBg2HuWZMtWI" 
"8VrTQqi7IGGHK+mWk+wSoXer3iFD7JxRTzPOxLk6ihAJMibtKna3j7QP9ZHG0nm7NZ/
L5M9VpK+Rfe+evUUMUTfAtSdlpus2BIeXGWcPfz6rw305H9"
-------------------------
include /etc/ipsec.d/examples/no_oe.conf
-------------------------
# /usr/local/sbin/ipsec verify
Checking your system to see if IPsec got installed and started correctly
Version check and ipsec on-path                             [OK]
Checking for KLIPS support in kernel                        [OK]
Checking for RSA private key (/etc/ipsec.secrets)           [OK]
Checking that pluto is running                              [OK]
DNS checks. 
Looking for TXT in forward map: colossus                    [OK]
Does the machine have at least one non-private address      [OK]
-------------------------
# /etc/init.d/ipsec restart
-------------------------
# ipsec showhostkey --txt 192.168.0.64
; RSA 2192 bits   colossus   Tue Jan 13 03:02:07 2004
        IN      TXT     "X-IPsec-Server(10)=192.168.0.64" " 
AQOR7rM7ZMBXu2ej/1vtzhNnMayZO1jwVHUyAIubTKpd/
PyTMogJBAdbb3I0xzGLaxadPGfiqPN2AQn76zLIsYFMJnoMbBTDY/2xK1X/
pWFRUUIHzJUqCBIijVWEMLNrIhdZbei1s5/
MgYIPaX20UL+yAdxV4RUU3JJQhV7adVzQqEmdaNUnCjZOvZG6m4zv6dGROrVEZmJFP54v6WhckYf
qSkQu3zkctfFgzJ/rMTB6Y38yObyBg2HuWZMtWI"
"8VrTQqi7IGGHK+mWk+wSoXer3iFD7JxRTzPOxLk6ihAJMibtKna3j7QP9ZHG0nm7NZ/
L5M9VpK+Rfe+evUUMUTfAtSdlpus2BIeXGWcPfz6rw305H9"
