authby=pubkey is now the default authentication4.3.2

author: Andreas Steffen <andreas@strongswan.org> 2009-06-19 10:41:38 +0200
committer: Andreas Steffen <andreas@strongswan.org> 2009-06-19 10:41:38 +0200
commit: c7f76958d7017fa7595c64e7142c765887b58407 (patch)
tree: 28dabb63ee4d7918675ab16936906b64f452b52e /src/starter/ipsec.conf.5
parent: 1694e82c7c7524d4bac99b40bbc35f4dae933524 (diff)
download: strongswan-c7f76958d7017fa7595c64e7142c765887b58407.tar.bz2
strongswan-c7f76958d7017fa7595c64e7142c765887b58407.tar.xz
1 files changed, 8 insertions, 5 deletions
diff --git a/src/starter/ipsec.conf.5 b/src/starter/ipsec.conf.5
index ee830bff3..31e676324 100644
--- a/src/starter/ipsec.conf.5
+++ b/src/starter/ipsec.conf.5
@@ -238,13 +238,16 @@ acceptable values are
 .B secret
 or
 .B psk
-for shared secrets,
+for pre-shared secrets,
+.B pubkey
+(the default) for public key signatures as well as the synonyms
 .B rsasig
-for RSA digital signatures (the default),
-.B secret|rsasig
-for either, and
+for RSA digital signatures and
+.B ecdsasig
+for Elliptic Curve DSA signatures.
 .B never
-if negotiation is never to be attempted or accepted (useful for shunt-only conns).
+can be used if negotiation is never to be attempted or accepted (useful for
+shunt-only conns).
 Digital signatures are superior in every way to shared secrets. 
 IKEv1 additionally supports the values
 .B xauthpsk
author	Andreas Steffen <andreas@strongswan.org>	2009-06-19 10:41:38 +0200
committer	Andreas Steffen <andreas@strongswan.org>	2009-06-19 10:41:38 +0200
commit	c7f76958d7017fa7595c64e7142c765887b58407 (patch)
tree	28dabb63ee4d7918675ab16936906b64f452b52e /src/starter/ipsec.conf.5
parent	1694e82c7c7524d4bac99b40bbc35f4dae933524 (diff)
download	strongswan-c7f76958d7017fa7595c64e7142c765887b58407.tar.bz2 strongswan-c7f76958d7017fa7595c64e7142c765887b58407.tar.xz