Hi Selva, Selva Nair wrote: > Hi, > > As discussed in the IRC meeting, here is a client config that connects > to a test server I run for static and dynamic challenge. Just run it as > > sudo openvpn --config cr-client.conf > > Respond with some arbitrary strings at the username, password and > static-challenge prompts and the server will send back the strings you > typed plus a dynamic challenge question. The connection will succeed > after the server verifies the response to the dynamic challenge. There > may be a 5 seconds restart pause between the two exchanges. > > Note that the password and static-challenge response are sent by the > client to the server base64 encoded, but my server-side script sends > them back decoded, along with the dynamic challenge. This is done so > that the correctness of the first round exchange can be tested at the > client side. The response to the dynamic challenge is verified at the > server side and a successful connection indicates that the > verification passed. > > To do this using your own server, I'll post the script doing the > client-auth at the server side and the server config later today. In > the mean time please test this against my server.
thanks for your config files! I've just tested this against your server, and got a successful login on the second attempt. The challenge please answer this : 1+1 = failed with a message: Wrong answer to dynamic response or invalid format (2.000 23.000) but the second challenge worked fine. Next, I'll play with your server config. cheers, JJK ------------------------------------------------------------------------------ _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
