Remove obsolete pluto smartcard syntax in ipsec.secrets.5
This commit is contained in:
parent
f6d8fb3687
commit
cd844e1c97
|
@ -155,14 +155,11 @@ The format of \fIsecret\fP is the same as that of \fBPSK\fP secrets.
|
|||
The format of \fIpassword\fP is the same as that of \fBPSK\fP secrets.
|
||||
\fBXAUTH\fP secrets are IKEv1 only.
|
||||
.TP
|
||||
.B : PIN <smartcard selector> <pin code> | %prompt
|
||||
IKEv1 uses the format
|
||||
.B "%smartcard[<slot nr>[:<key id>]]"
|
||||
to specify the smartcard selector (e.g. %smartcard1:50).
|
||||
The IKEv2 daemon supports multiple modules with the format
|
||||
.B "%smartcard[<slot nr>[@<module>]]:<keyid>"
|
||||
, but always requires a keyid to uniquely select the correct key. Instead of
|
||||
specifying the pin code statically,
|
||||
.B : PIN %smartcard[<slot nr>[@<module>]]:<keyid> <pin code> | %prompt
|
||||
The smartcard selector always requires a keyid to uniquely select the correct
|
||||
key. The slot number defines the slot on the token, the module name refers to
|
||||
the module name defined in strongswan.conf(5).
|
||||
Instead of specifying the pin code statically,
|
||||
.B %prompt
|
||||
can be specified, which causes the daemons to ask the user for the pin code.
|
||||
.LP
|
||||
|
|
Loading…
Reference in New Issue