On 05.10.18 17:53, Konstantin Ryabitsev wrote: > But should the admin need to bring up the OpenVPN link
This may be a stupid question, but why do you need OpenVPN any more, if you have Wireguard? I'd set up a simple server-side login page that allows people to use their user+pass+TOTP to enable non-SSH traffic on "their" link for the next N minutes, with an easily-clickable Refresh button (and a browser-based notification that the timeout is imminent), plus a small (= easily-verified-to-be-correct) backend that enables/disables your link's iptables rules. Problem solved. -- -- Matthias Urlichs _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard