1) Is there a "more secure" way to store the per-user psk password in swanctl.conf file? Reading your swanctl.conf guide https://wiki.strongswan.org/projects/strongswan/wiki/Swanctlconf#secrets-section
"It is not recommended to define any private key decryption passphrases, as then there is no real security benefit in having encrypted keys. Either store the key unencrypted or enter the keys manually when loading credentials." Maybe I'm misreading that sentence. I just have the plain password. 2) In the pools section, is there a way to define the default localdomain-search variable? Thank you
