[strongSwan] Two questions about swanctl.conf
xalloc
xalloc at protonmail.com
Mon May 13 09:33:42 CEST 2019
1) Is there a "more secure" way to store the per-user psk password in swanctl.conf file?
Reading your swanctl.conf guide https://wiki.strongswan.org/projects/strongswan/wiki/Swanctlconf#secrets-section
"It is not recommended to define any private key decryption passphrases, as then there is no real security benefit in having encrypted keys. Either store the key unencrypted or enter the keys manually when loading credentials."
Maybe I'm misreading that sentence. I just have the plain password.
2) In the pools section, is there a way to define the default localdomain-search variable?
Thank you
More information about the Users
mailing list