On Thu, 17 Aug 2023 12:12:13 +0000 (UTC), Jason Long via Openvpn-users <openvpn-users@lists.sourceforge.net> wrote:
>Hello Jochen,Thanks again. >Your words are true and I had asked such a question before. It is even better >if each server has its own separate keys. If the clients all use the same >keys, then we can block any client based on the IP address. It is true? > >1- Is there a tool to facilitate key generation for a large number of clients? > >2- I've heard that OpenVPN can be configured to work with username and password >instead of key-based authentication. Is this possible and recommended? >3- About the CN name, if I forget it, then if I open the "ca.crt" file and >click > on the Details tab and check the Issuer section, then this is the name that I > have entered during generating the key? >4- If CN's name is Server, then I must change the ccd directory to Server? Am >I right? >In which part of the document is this said? Absolutely NOT!!!!!!! You can use any dir name of your liking as the ccd dir, it is simply entered into the server's conf file: client-config-dir /etc/openvpn/ccdw I use a different dir for each server instance so I have another too and it is entered into that server's conf file: client-config-dir /etc/openvpn/ccdl >https://community.openvpn.net/openvpn/wiki/HOWTO > >Maybe I didn't pay attention! I believe so :-( By the questions you are asking it seems like you are not caring to actually read the documentation and instead rely on some dubious googled websites that are not even up-to-date... -- Bo Berglund Developer in Sweden _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
