[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] invalidate username/password setting via management interface

  • Subject: Re: [Openvpn-users] invalidate username/password setting via management interface
  • From: Wilhelm Meier <wilhelm.meier@xxxxxxxx>
  • Date: Fri, 18 Jan 2008 07:14:21 +0100

Am Donnerstag, 17. Januar 2008 schrieb Alon Bar-Lev:
> On 1/17/08, Wilhelm Meier <wilhelm.meier@xxxxxxxx> wrote:
> > Do I need a newer version of openvpn on the client-side (the
> > server is 2.0.9)?
> If you wish to use newer features, then yes.

I found that I have to use the actual svn. The debian testing 
(2.1-rc4) and the gentoo-testing (2.1-rc4) are too old. The 
forget-passwords  command is only included in the svn.

> But I just thought... Why don't you allow users to start/stop the
> daemon using sudo command?
> This way you can start the daemon during login and stop it during
> logout...

I wrote a simple pam-openvpn module, that now provides the openvpn 
client with username/password at login and sends forget-passwords and 
SIGUSR1 at logout. 
This is simple and works now very well. And I think, this is the right 
way to do it.

If anyone is interested in the pam-openvpn module, please contact me.
OpenVPN mailing lists