Hi, As discussed in the IRC meeting, here is a client config that connects to a test server I run for static and dynamic challenge. Just run it as
sudo openvpn --config cr-client.conf Respond with some arbitrary strings at the username, password and static-challenge prompts and the server will send back the strings you typed plus a dynamic challenge question. The connection will succeed after the server verifies the response to the dynamic challenge. There may be a 5 seconds restart pause between the two exchanges. Note that the password and static-challenge response are sent by the client to the server base64 encoded, but my server-side script sends them back decoded, along with the dynamic challenge. This is done so that the correctness of the first round exchange can be tested at the client side. The response to the dynamic challenge is verified at the server side and a successful connection indicates that the verification passed. To do this using your own server, I'll post the script doing the client-auth at the server side and the server config later today. In the mean time please test this against my server. Selva
cr-test.conf
Description: Binary data
------------------------------------------------------------------------------
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
