Our man page was missing the information that the life time of the auth-token also depends on the reneg-sec --- doc/openvpn.8 | 6 ++++++ 1 file changed, 6 insertions(+)
diff --git a/doc/openvpn.8 b/doc/openvpn.8 index 864f94e8..f890e7a2 100644 --- a/doc/openvpn.8 +++ b/doc/openvpn.8 @@ -3741,6 +3741,12 @@ argument defines how long the generated token is valid. The lifetime is defined in seconds. If lifetime is not set or it is set to 0, the token will never expire. +The token will expire either after the lifetime of the token or after +not being renewed for 2 * +.B reneg\-sec +seconds. Clients are being send renewed tokens on every +TLS renogiation to keep the client's token updated. + This feature is useful for environments which is configured to use One Time Passwords (OTP) as part of the user/password authentications and that authentication mechanism does not -- 2.26.0 _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
