PIN Secret » History » Version 10
Tobias Brunner, 25.06.2014 18:03
| 1 | 2 | Martin Willi | h1. PIN Secret |
|---|---|---|---|
| 2 | 1 | Martin Willi | |
| 3 | 10 | Tobias Brunner | The daemon supports multiple PKCS#11 modules ([[PKCS11Plugin|configured in strongswan.conf]]) with the format <code>%smartcard[<slotnr>[@<module>]]:<keyid></code>, it always requires a keyid (CKA_ID) to uniquely select the correct key. |
| 4 | 1 | Martin Willi | |
| 5 | 8 | Tobias Brunner | Instead of specifying the pin code statically, _%prompt_ can be specified, which causes the daemon to ask the user for the pin code e.g. on [[ipseccommand#Reread-Commands|ipsec]] _rereadsecrets_. |
| 6 | 8 | Tobias Brunner | |
| 7 | 2 | Martin Willi | h2. Notation |
| 8 | 1 | Martin Willi | |
| 9 | 3 | Tobias Brunner | : PIN _<smartcard selector>_ _<pin code>_ | _%prompt_ |
| 10 | 2 | Martin Willi | |
| 11 | 1 | Martin Willi | h2. Examples |
| 12 | 1 | Martin Willi | |
| 13 | 7 | Tobias Brunner | <pre> |
| 14 | 6 | Tobias Brunner | : PIN %smartcard1:50 1234 |
| 15 | 6 | Tobias Brunner | |
| 16 | 9 | Tobias Brunner | : PIN %smartcard1@opensc:45 %prompt |
| 17 | 1 | Martin Willi | </pre> |
| 18 | 8 | Tobias Brunner | |
| 19 | 8 | Tobias Brunner | h2. Before [[5.0.0]] |
| 20 | 8 | Tobias Brunner | |
| 21 | 8 | Tobias Brunner | Before [[5.0.0]] the IKEv1 daemon pluto used the format @%smartcard[<slotnr>[:<keyid>]]@ to specify the smartcard selector. |