As previously mentioned, CIPE incorporates a secure combination of static link keys and encrypted traffic to create a secure tunnel over carrier networks such as the Internet. The use of static link keys provide a common point of reference for two CIPE-enabled networks to pass information securely. Therefore, it is imperative that both CIPE-enabled network gateways share the exact same key, or CIPE communication will not be possible.
Generating CIPE keys requires knowledge of what kind of keys are compatible. Random alphanumeric generators do not work. Static keys must be 128-bit, 32-character strings. These can be created by running the following command, which uses od to create a hexadecimal key using the /dev/random random number device:
od -N 16 /dev/random -t x4 | awk '{print $2 $3 $4 $5}' |
Place the output in the /etc/cipe/options.cipcb0 file for all CIPE servers and clients.