Tobias Heider <tobias.heider@stusta.de> wrote:
> On Wed, Mar 01, 2023 at 01:38:24PM +0000, Stuart Henderson wrote:
> > On 2023/03/01 14:21, Tobias Heider wrote:
> > > On Wed, Mar 01, 2023 at 09:24:50AM -0000, Stuart Henderson wrote:
> > > > On 2023-03-01, J Doe <general@nativemethods.com> wrote:
> > > > > Hello,
> > > > >
> > > > > I have a question regarding authentication options in OpenIKED on
> > > > > OpenBSD 7.2
> > > > >
> > > > > On my test lab I have one OpenBSD 7.2 machine with OpenIKED configured
> > > > > to use PSK and a macOS 13.2.1 client that can connect to it.
> > > > >
> > > > > I read in: man iked.conf that PSK should not be used, so I am now
> > > >
> > > > I don't see that in the iked.conf manual. There is some reference to not
> > > > using psk in /etc/examples/iked.conf but it's not clear whether that's
> > > > because of the need to share a single psk with all endpoints connecting
> > > > via the same iked.conf configuration line (certainly a problem when
> > > > you have multiple users from unknown IPs but perhaps not if used for
> > > > separately-configured lan-to-lan tunnels with strong randomly generated
> > > > psks) or whether it's something else.
> > >
> > > We should probably remove that comment.
> >
> > Wondering if we should actually remove the whole examples/iked.conf
> > file, it doesn't seem hugely useful..
> >
>
> I don't think I have ever used it. ok with me if no one objects.
There are no lessons or hints about format of the file found in there,
are there? Everyorne reads the manual page and starts from scratch?
I was also trying to read the iked manual page, and I got confused.
Delete it at the same time?
How about we delete the entire examples directory? And for every one
of these commands remove this educational piece and force people to
start from first principles as described in the respective manual pages?
I want to point out: Of course you never used it. I never used it either.
The file doesn't exist for you or I.
No comments:
Post a Comment