|
|
Mathias Sundman wrote: > Yes, I just learned this one :-) --auth-user-pass REQUIRES --pull on the > client side. The user/pass authentication uses the push/pull channel. You > don't have to push any options though. > > What OpenVPN version are you using on the client side? 2.0_rc8 (2.0_rc7 > too, but with a bug!) reports this option error clearly. Client: OpenVPN GUI 1.0-beta26 (last stable release), not the 2.0_rc8 on Win2000. Is not a potential security hole ? I think, if the username/password authentication is fail, the connection must be drop by the server. For example somebody stole my files and try to connect to VPN, in this case, possible without known of my username and password. This is a problem on the server side not on the client Leslie ps: sorry my english ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |