|
|
On Sun, 4 Dec 2005, arussos@xxxxxxxxxxxxxxxx wrote: .unfortunately i failed to explain correctly what i was meaning. First i create the .exe for the client; i encrypt it and send via e-mail to the client; then i call the client by phone and give him user/passwd ( obviously this is what my "boss" requires...). But how to be sure that .exe will not be installed also on other machines?? You can't. I've proposed adding some features to make OpenVPN include some info about the connecting machine like mac address, hostname, openvpn version and such in the data sent to the server while authenticating the client so that the server can verify this before accepting the client but there is nothing implemented todo this now. Even if it were implemented it would only add a basic protection against novice users. The smart, determined user that wants to circumvent the system will succeed anyway as you will always be able to recompile your own patched version of OpenVPN that supplies the creds the server is expecting. I agree with you that this is a problem, but I can´t see any good solutions other than policies about what people are allowed todo. -- _____________________________________________________________ Mathias Sundman (^) ASCII Ribbon Campaign OpenVPN GUI for Windows X NO HTML/RTF in e-mail http://openvpn.se/ / \ NO Word docs in e-mail Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-12/msg00057.html on line 199 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-12/msg00057.html on line 199 |