On Saturday 03 July 2004 23:01, James Yonan wrote: > management 127.0.0.1 20001 > > This will cause OpenVPN to listen on 127.0.0.1:20001 as its management > interface port. > > It's important, of course, that the management port always be local, since > we are using it to potentially pass passwords and other sensitive data that > should never actually touch a real network interface. > > Thinking ahead, the challenge/response sequence for passing authentication > info should be open-ended to provide for future implementation of > alternative authentication methods such as Radius, LDAP, NT Auth, etc.
Please don't do too much of that. I've seen this auth featuritis creeping in ntp and ups tools(!). Results ain't pretty... Reconfiguration of openvpn can always be done by editing config file and restarting openvpn daemon. Simple. Elegant. No additional coding - no risk of introducing bugs. This can be done via systray app, too. -- vda
