Hi,
On 04/05/20 14:49, Dajka Tamás wrote:
Hi,
is it possible to disable „auth-nocache” in the client by a PUSH
message? I mean, if the „auth-nocache” is SET in the client.conf to
„reenable” credentials caching. What’s the logic behind? When we
deployed the clients we did set ’auth-nocache’ as a security
measurement. However, we want to use auth-token now beside OTP, but
changing all the clients will take some (unneeded) time.
no that is not possible; there is no "auth-yescache" option and there's
no code in openvpn to "undo" what ssl_set_auth_nocache() does
Secondly, is it allowed/possible to set „reneg-sec” by a PUSH message?
(reneg-sec is not set currently in the client.conf, has the default
value of 3600)
should be possible , yes. I see no logic restricting this
HTH,
JJK
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
