PIN Secret » History » Version 9
Version 8 (Tobias Brunner, 31.01.2013 11:30) → Version 9/10 (Tobias Brunner, 25.06.2014 18:01)
h1. PIN Secret
The daemon supports multiple modules (configured in [[PKCS11Plugin|strongswan.conf]]) with the format <code>%smartcard[<slotnr>[@<module>]]:<keyid></code>, it always requires a keyid (CKA_ID) to uniquely select the correct key.
Instead of specifying the pin code statically, _%prompt_ can be specified, which causes the daemon to ask the user for the pin code e.g. on [[ipseccommand#Reread-Commands|ipsec]] _rereadsecrets_.
h2. Notation
: PIN _<smartcard selector>_ _<pin code>_ | _%prompt_
h2. Examples
<pre>
: PIN %smartcard1:50 1234
: PIN %smartcard1@opensc:45 %smartcard@opensc:45 %prompt
</pre>
h2. Before [[5.0.0]]
Before [[5.0.0]] the IKEv1 daemon pluto used the format @%smartcard[<slotnr>[:<keyid>]]@ to specify the smartcard selector.
The daemon supports multiple modules (configured in [[PKCS11Plugin|strongswan.conf]]) with the format <code>%smartcard[<slotnr>[@<module>]]:<keyid></code>, it always requires a keyid (CKA_ID) to uniquely select the correct key.
Instead of specifying the pin code statically, _%prompt_ can be specified, which causes the daemon to ask the user for the pin code e.g. on [[ipseccommand#Reread-Commands|ipsec]] _rereadsecrets_.
h2. Notation
: PIN _<smartcard selector>_ _<pin code>_ | _%prompt_
h2. Examples
<pre>
: PIN %smartcard1:50 1234
: PIN %smartcard1@opensc:45 %smartcard@opensc:45 %prompt
</pre>
h2. Before [[5.0.0]]
Before [[5.0.0]] the IKEv1 daemon pluto used the format @%smartcard[<slotnr>[:<keyid>]]@ to specify the smartcard selector.