diff options
author | Gert Doering <gert@greenie.muc.de> | 2015-07-14 09:09:54 +0200 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2015-07-14 10:13:58 +0200 |
commit | dda40aedfb87d77afcef52376cd3e4778ba0370b (patch) | |
tree | 887c5a3fa8a82221e0bc4a5c47067cd2400d99f4 | |
parent | 4d093fff305a3054d88ae2c803665cf90d512c7e (diff) | |
download | openvpn-dda40aedfb87d77afcef52376cd3e4778ba0370b.tar.gz openvpn-dda40aedfb87d77afcef52376cd3e4778ba0370b.tar.xz openvpn-dda40aedfb87d77afcef52376cd3e4778ba0370b.zip |
Document --daemon changes and consequences (--askpass, --auth-nocache).
Trac #574, #576
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1436857794-29419-1-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9923
(cherry picked from commit b6ec7fbe96f4e200b8962ef6bb572bbb2228133e)
-rw-r--r-- | doc/openvpn.8 | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/doc/openvpn.8 b/doc/openvpn.8 index 9db6409..203dd46 100644 --- a/doc/openvpn.8 +++ b/doc/openvpn.8 @@ -2198,6 +2198,22 @@ openvpn command for a fairly reliable indication of whether the command has correctly initialized and entered the packet forwarding event loop. In OpenVPN, the vast majority of errors which occur after initialization are non-fatal. + +Note: as soon as OpenVPN has daemonized, it can not ask for usernames, +passwords, or key pass phrases anymore. This has certain consequences, +namely that using a password-protected private key will fail unless the +.B \-\-askpass +option is used to tell OpenVPN to ask for the pass phrase (this +requirement is new in 2.3.7, and is a consequence of calling daemon() +before initializing the crypto layer). + +Further, using +.B \-\-daemon +together with +.B \-\-auth-user-pass +(entered on console) and +.B \-\-auth-nocache +will fail as soon as key renegotiation (and reauthentication) occurs. .\"********************************************************* .TP .B \-\-syslog [progname] |