On 06/10/2017 03:25 PM, yreb-qusw wrote:
In this section:
Set up a ProxyVM as a VPN gateway using iptables and CLI scripts
Where it says this:
Lastly, the VPN client may not be able to prompt you for credentials
when connecting to the server: Creating a file in the ‘vpn’ folder with
your credentials and using a directive such as openvpn’s auth-user-pass
<filename> is recommended.
----
It seems like this file needs to be changed to be read-only, for the
appropriate ownership based on the complaints that pop up, when
testing in the terminal before one doesn't notice it later, when not
using the terminal to start the openvpn --config
File "is group or others accessible" is a common configuration "mistake"
on installations that are not multi-user, such as routers. A proxy VM is
basically a router, and its expected that you won't be running apps as
regular user in there. If that's the case you can disregard the warning.
OTOH, if you wish to satisfy the warning you can set privs like this:
chmod 600 /rw/config/vpn/filename.txt
--
Chris Laprise, [email protected]
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/5f2f1683-8dbe-3cd4-0fc9-acd25aab690f%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.
