OpenSolaris

Printable Version Enter a New Search
Bug ID 6219638
Synopsis in.iked(1m) should not have to read PKCS#11 pins off-disk
State 10-Fix Delivered (Fix available in build)
Category:Subcategory network:ipsec
Keywords punchin
Responsible Engineer Paul Wernau
Reported Against
Duplicate Of
Introduced In
Commit to Fix snv_108
Fixed In snv_108
Release Fixed solaris_nevada(snv_108) , solaris_10u8(s10u8_02) (Bug ID:2174846)
Related Bugs 6779306 , 6780866 , 6782288 , 6794856 , 6795173 , 6795174 , 6795175 , 6797489 , 6829651 , 6874983
Submit Date 20-January-2005
Last Update Date 2-April-2009
Description 
Right now, PKCS#11 objects have their PIN stored on-disk in /etc/inet.

This RFE is to allow ikeadm(1m) to feed in the PIN to a running in.iked, so
a PIN does NOT need to be stored on-disk.  This will probably involve a new
ikeadm(1m) sub-command, as well as an ikecert(1m) change, and the obvious
replumbing of in.iked(1m).
 xxxxx@xxxxx.com 2005-1-20 18:30:01 GMT
This bug tracks:

PSARC 2008/525 ikeadm token login
Work Around 
N/A
Comments 
N/A