Hi Gerald, Martin, >> What I would like to have, is that the user gets ask for username _and_ >> password (maybe with some default username already filled in). Is it >> possible to supply the username via the credential manager or can it >> only be changed in the config, so I have to do it upfront? > > Usually the different identities are part of the configuration. When you > use configurations from ipsec.conf, you currently can't change them > dynamically.
That's not entirely true. There is a (slightly hackish) feature of stroke that allows you to set username and password for configs that are configured for EAP or XAuth (only with [1] or the upcoming 5.0.1) authentication (e.g. with leftauth=eap): ipsec stroke user-creds <conn> <username> [<password>] If the password is not given on the command line the user is prompted for it. The username is not optional, so you'd have to prompt the user yourself to get that (and since it uses the stroke socket, root permission is required to execute this command). And it only works if executed before the connection is started with ipsec up <conn>. Regards, Tobias [1] http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=8c19323c _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
