Am 11.06.21 um 02:41 schrieb Antonio Quartulli: > Hi, > > On 20/05/2021 17:11, Arne Schwabe wrote: >> When not using username and password (i.e. auth-user-pass) it can still make >> to provide the client with an auth-token, e.g. for allowing a session to >> continue after a reconnect without requiring 2FA again. >> >> However, without --auth-user-pass openvpn does not have a username and will >> ignore any pushed auth-token command. >> >> This patch adds support for auth-token-user to set the username that should >> be used for auth-token >> >> The spec of using auth-token-user base64-encoded-user are the ones that >> OpenVPN3 already implements. >> >> Patch V2: Improve style, fix comments and commit message >> >> Signed-off-by: Arne Schwabe <a...@rfc2549.org> > > This patch hasn't changed since the last time it was on the mailing list > (and I acked it), so the same goes for this copy. > > @Arne I have a new question though: what is expected to happen is the > --auth-token-user is specified in the global config? > > Is the same user supposed to be used with every client? > Or is it just ignored? > > I am testing this case and I don't see the user being pushed to the client. >
It is probably the same as with auth-token itself. OpenVPN will pick it up and use it but most times it is not every useful as auth-token should be pushed from the server. It is an artefact from how we parse things. Arne _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
