[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] "--askpass file" is evil!

  • Subject: Re: [Openvpn-users] "--askpass file" is evil!
  • From: Mathias Sundman <mathias@xxxxxxxxxx>
  • Date: Sat, 4 Dec 2004 09:31:11 +0100 (CET)

On Sat, 4 Dec 2004, Jason Haar wrote:

I don't understand why it's needed. I assume "--askpass file" only refers to certs? If so, if you have a valid reason to have a cert without a passphrase, then you'd simply use the "--nodes" option in openssl to "strip" the password out - i.e make your cert not have a password.

There is no reason to have an extra option to grab a cert password from somewhere else.

I can't see any use for it either -- but just because you and I can't see any use for it, it doesn't mean that nobody else can.

That's why I okay with leaving the option, but as a default disabled option, that has to be turned on at build-time.

Mathias Sundman                  (^)   ASCII Ribbon Campaign
OpenVPN GUI for Windows           X    NO HTML/RTF in e-mail
http://www.nilings.se/openvpn    / \   NO Word docs in e-mail

Openvpn-users mailing list