-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 > Strange... I don't understand what is the difference between the > --show-pkcs11-* and the --askpass... > Just to make sure... --show-pkcs11-slots prompt for PIN??? Yes it pops up the PIN dialog window (GUI) from the safesign middleware so to speak. askpass shows a prompt on stdout and reads from stdin.
> But it does! > Use the management interface. > Put the following in your configuration file: > > management hold > management 127.0.0.1 8887 > management-query-passwords Yes, just what I thought :) After browsing through the beta4 source and manual pages 'n all I saw this one as well. It has potential but for it to be useful to a mere user (i.e. less computer literate people) a kind of GUI wrapper has to be written. I was thinking about this along the lines of combining it with something like: inactive 1800 ping 10 ping-exit 60 explicit-exit-notify tls-exit Then writing a script or such that starts the openvpn service, connects to the management interface, pops up a GUI dialog to ask the user for the PIN, then sending it through the management interface. Should be feasable. Thing is, i'm not a Windows programming-person but maybe I can think up something simpler. > Now start your service. > Insert your smartcard. > Run "telnet localhost 8887" > > Enter the following commands: > hold release > password "XXXX token" pin > I will write a simple perl script that does it for you soon... If I come up with a non-perl but GUI-y like solution i'll post it to the list as well. Albert -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDaNW4KltZixSsH2QRA+8PAKCN1F7QLHXThxvbpBe4f5MNZlYTawCgi8/y vvbSeYvC7AbnwofDnDtNNqQ= =6Lvn -----END PGP SIGNATURE-----
