[Swan] IKEv2 PAM auth failure - how it's done properly?

Manfred mx2927 at gmail.com
Fri Jan 21 15:52:23 EET 2022

On 1/20/2022 10:08 AM, Mirsad Goran Todorovac wrote:
> Hello,
> I have installed the IKEv2 VPN connection at my colleague's laptop and 
> he disappointingly noticed that there is no password authentication in 
> addition to certificate.
> This is also akward because we would have to change all certificates if 
> i.e. one laptop configured for the Faculty VPN was lost or stolen. :-(

I don't think this is right. The certificate system (in general, not 
libreswan's specifically) is explicitly designed so that you don't have 
to do that.
Ref CRL (Certificate Revocation List).

More information about the Swan mailing list