On 2023/03/01 14:21, Tobias Heider wrote: > On Wed, Mar 01, 2023 at 09:24:50AM -0000, Stuart Henderson wrote: > > On 2023-03-01, J Doe <[email protected]> wrote: > > > Hello, > > > > > > I have a question regarding authentication options in OpenIKED on > > > OpenBSD 7.2 > > > > > > On my test lab I have one OpenBSD 7.2 machine with OpenIKED configured > > > to use PSK and a macOS 13.2.1 client that can connect to it. > > > > > > I read in: man iked.conf that PSK should not be used, so I am now > > > > I don't see that in the iked.conf manual. There is some reference to not > > using psk in /etc/examples/iked.conf but it's not clear whether that's > > because of the need to share a single psk with all endpoints connecting > > via the same iked.conf configuration line (certainly a problem when > > you have multiple users from unknown IPs but perhaps not if used for > > separately-configured lan-to-lan tunnels with strong randomly generated > > psks) or whether it's something else. > > We should probably remove that comment.
Wondering if we should actually remove the whole examples/iked.conf file, it doesn't seem hugely useful..
