Authentication tokens are security enhancement eliminating client
need to cache passwords, and are indispensable at two factor
authentication methods, such as HOTP or TOTP.
The ">PASSWORD:Auth-Token" message was not mentioned anywhere in
the OpenVPN Management Interface Notes. This patch adds a simple use
case example, while the more detailed feature description remains
explained in the OpenVPN manual.
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20171011134530.6676-1-simon@rozman.si>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15599.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
... | ... |
@@ -317,6 +317,11 @@ COMMAND -- password and username |
317 | 317 |
|
318 | 318 |
>PASSWORD:Verification Failed: 'custom server-generated string' |
319 | 319 |
|
320 |
+ Example 6: If server pushes --auth-token to the client, the OpenVPN |
|
321 |
+ will produce a real-time PASSWORD message: |
|
322 |
+ |
|
323 |
+ >PASSWORD:Auth-Token:foobar |
|
324 |
+ |
|
320 | 325 |
COMMAND -- forget-passwords |
321 | 326 |
--------------------------- |
322 | 327 |
|