[strongSwan] Two questions about swanctl.conf
Tobias Brunner
tobias at strongswan.org
Mon May 13 14:18:26 CEST 2019
Hi,
> Can swanctl ask interactively for the password if not inserted in the conf file?
It does prompt for passwords for private keys if they are not found in
the config. But it can't load shared secrets that way.
> Does this guide apply to swanctl too? Cause currently I'm root-only
>
> https://wiki.strongswan.org/projects/strongswan/wiki/ReducedPrivileges
Not directly, but if the daemon doesn't run as root (which e.g. changes
the ownership of the VICI UNIX socket), then this has to be considered
when using swanctl.
Regards,
Tobias
More information about the Users
mailing list