The code treats a password of <configdir>/nsspassword as special: it signifies that the password should come from that file.
That was undocumented in rsasigkey(8), so I've fixed that. But I think that this is very odd. Probably a mistake. - it uses inband signalling, really dumb in security contexts - the signal is awkward to type and depends on knowing the <configdir> Surely it would be better to have a different flag for this purpose. Perhaps --passwordfile. _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
