-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi,
Was it not yourself that asked people to stop top-posting ? Regardless, It behooves you to read the documentation for the tools you use. The EasyRSA 'nopass' option, obviously, creates private keys without password encryption. If you encrypt your private keys with a password then you must enter that password to use the keys in openvpn. You would add to your config files 'askpass'. Regards. Sent with Proton Mail secure email. ------- Original Message ------- On Monday, July 24th, 2023 at 12:57, Jason Long <hack3r...@yahoo.com> wrote: > Hello, > Thank you so much for your reply. > > In these command, why "nopass" ? > > # ./easyrsa build-ca nopass > > # ./easyrsa gen-req server nopass > > # ./easyrsa gen-req client nopass > > > If I entered a password, then where is this password used? > > > > > > On Monday, July 24, 2023 at 02:46:18 PM GMT+3:30, tincantech via > Openvpn-users openvpn-users@lists.sourceforge.net wrote: > > > > > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Hi, > > ------- Original Message ------- > On Monday, July 24th, 2023 at 11:42, Jason Long via Openvpn-users > openvpn-users@lists.sourceforge.net wrote: > > > > > Hello, > > Thank you so much for your reply. > > Your answer raised another question in my mind. Can I use the same > > "ca.crt", "server.crt", "server.key" and "dh.pem" files for other servers? > > Or do I need to create one for each new server? > > > > The tutorial that I used to create the crypto files use the following > > command: > > > > # ./easyrsa build-ca nopass > > > > # ./easyrsa gen-req server nopass > > > > # ./easyrsa gen-req client nopass > > > You forgot the signing stage: easyrsa sign-req server server > etc.. > > > > I want when the client wants to connect to my OpenVPN server, enter the > > Username and Password. What changes should I make? > > > > To the client config add: auth-user-pass, which will prompt the client for > user/pass. > > To the server config add: auth-user-pass-verify <your-verification-tool> > <required-options> > > Consult the manual for full details of this directive. > There is also some help in the Howto: > https://community.openvpn.net/openvpn/wiki/HOWTO#Usingalternativeauthenticationmethods > > Regards. > -----BEGIN PGP SIGNATURE----- > Version: ProtonMail > > wsBzBAEBCAAnBYJkvlznCZBPl5z2a5C4nRYhBAm8PURno41yecVVVU+XnPZr > kLidAAADEggAoVZcVxtGDiPT9xMpnBMe7gVZx8gFAMVPDjQ1lU0Nr+W+w1qP > 5FqRlA7DAKvKcGsaxY12FMEoWY+WahaBmGmMv90pivlSMne8Kpqi4mrD9SnV > yrevVjyS7aJIKU5Kha1GZ1P8kQ4f0yHJDObJ1MT26kYNTIgYD7vvmi+Hd6wx > AMAGOMv2feK4RIki0IC4hm0vQlXQ/x75sMZmSYyTtP7JjLvw84EPFlDHyOe8 > yk7VN+te7hR5LrnqDT23Pxjk7H89gfxU9Hqdd/OZWyIX7WeNb/0yQGP8osPs > UZfUeCOMdL8zZCgg40n9iueKcEvhcpviU96o3qcM7cl7xjtgIFXrWA== > =GlCN > -----END PGP SIGNATURE----- > > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users -----BEGIN PGP SIGNATURE----- Version: ProtonMail wsBzBAEBCAAnBYJkvmmRCZBPl5z2a5C4nRYhBAm8PURno41yecVVVU+XnPZr kLidAAA1Fwf/QB3kRXXDpt7gIQA/xt43QNBNaMIYAbIU5gt3VH5Kbbnu+tZh gSQ2Ybn9UeXcikKPKa72lsCZC3VvhYq3yrz1qt1DTSUSeumQ6DNhZKlfBwxV dZFVrZ8B5VPFybyCUvKTLFtbml0+sd+1rps6RbsSlCrnOfMLMuZyj3+V1EJ7 JG/QskrSxCxsLAf16t1IYK/CUwQTiPqgmDOfHH4grVuW9+PMxXb6bJov+90G L2/G5Swoqw+303gTqiU+0IvplEOfrqVLNCdSC3uGdstVg8ZbwaxNYUtyhzWm ByXgh0ixbok5+H79wZdU2o2+jjEc5KdL+NNf82QYzOd340lfMQ1WEQ== =9dzV -----END PGP SIGNATURE-----
publickey - tincantech@protonmail.com - 0x09BC3D44.asc
Description: application/pgp-keys
publickey - tincantech@protonmail.com - 0x09BC3D44.asc.sig
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
