I'm currently using StrongSwan for my iOS devices to connect. I was wondering if there is a way to use an external program for XAUTH? I currently have the following configuration:
: RSA server.pem
test : XAUTH "thisisatestpassword"
What I want to do, is let an external program decide if the credentials are ok. Is that possible? and if so, does somebody know how?
You could maybe try the xauth-pam plugin, which delegates the authentication to PAM, combined with pam_script (see this answer on Stack Overflow for an example).
Another option is to write a custom plugin for strongSwan that e.g. calls an external program to authenticate the users. There already exist several XAuth plugins that you could have a look at for ideas.
XAuth credentials that can be used by the xauth-generic plugin can also be provided from databases (using the sql plugin), or from custom plugins.
