diff options
| author | Yves-Alexis Perez <corsac@corsac.net> | 2012-06-28 21:16:07 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@corsac.net> | 2012-06-28 21:16:07 +0200 |
| commit | b34738ed08c2227300d554b139e2495ca5da97d6 (patch) | |
| tree | 62f33b52820f2e49f0e53c0f8c636312037c8054 /man/ipsec.secrets.5 | |
| parent | 0a9d51a49042a68daa15b0c74a2b7f152f52606b (diff) | |
| download | vyos-strongswan-b34738ed08c2227300d554b139e2495ca5da97d6.tar.gz vyos-strongswan-b34738ed08c2227300d554b139e2495ca5da97d6.zip | |
Imported Upstream version 4.6.4
Diffstat (limited to 'man/ipsec.secrets.5')
| -rw-r--r-- | man/ipsec.secrets.5 | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/man/ipsec.secrets.5 b/man/ipsec.secrets.5 index 993b2ad10..c7c092502 100644 --- a/man/ipsec.secrets.5 +++ b/man/ipsec.secrets.5 @@ -1,4 +1,4 @@ -.TH IPSEC.SECRETS 5 "2010-05-30" "4.5.2" "strongSwan" +.TH IPSEC.SECRETS 5 "2011-12-14" "4.6.2dr3" "strongSwan" .SH NAME ipsec.secrets \- secrets for IKE/IPsec authentication .SH DESCRIPTION @@ -124,12 +124,17 @@ whitespace). .SS TYPES OF SECRETS .TP .B [ <selectors> ] : PSK <secret> -A preshared secret is most conveniently represented as a sequence of -characters, delimited by double-quote characters (\fB"\fP). -The sequence cannot contain a newline or double-quote. -Strictly speaking, the secret is actually the sequence -of bytes that is used in the file to represent the sequence of -characters (excluding the delimiters). +A preshared \fIsecret\fP is most conveniently represented as a sequence of +characters, which is delimited by double-quote characters (\fB"\fP). +The sequence cannot contain newline or double-quote characters. +.br +Alternatively, preshared secrets can be represented as hexadecimal or Base64 +encoded binary values. A character sequence beginning with +.B 0x +is interpreted as sequence of hexadecimal digits. +Similarly, a character sequence beginning with +.B 0s +is interpreted as Base64 encoded binary data. .TP .B [ <selectors> ] : RSA <private key file> [ <passphrase> | %prompt ] .TQ @@ -142,12 +147,12 @@ can be used which then causes the daemons to ask the user for the password whenever it is required to decrypt the key. .TP .B <user id> : EAP <secret> -As with \fBPSK\fP secrets the \fIsecret\fP is a sequence of characters, -delimited by double-quote characters (\fB"\fP). +The format of \fIsecret\fP is the same as that of \fBPSK\fP secrets. .br \fBEAP\fP secrets are IKEv2 only. .TP .B [ <servername> ] <username> : XAUTH <password> +The format of \fIpassword\fP is the same as that of \fBPSK\fP secrets. \fBXAUTH\fP secrets are IKEv1 only. .TP .B : PIN <smartcard selector> <pin code> | %prompt |