upstream/openvpn
1
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2026-06-10 01:11:08 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
openvpn/doc/man-sections
History
Arne Schwabe ebd433bd1e Implement override-username 
This allow the server to set and override the username that is assumed
for the client for interaction with the client after the authentication.

This is especially intended to allow the of use auth-gen-token in
scenarios where the clients use certificates and multi-factor
authentication.

It allows a client to successfully roam to a different server and have
a correct username and auth-token that can be accepted by that server as
fully authenticated user without requiring MFA again.

The scenario that this feature is probably most useful
when --management-client-auth is in use as in this mode the OpenVPN
server can accept clients without username/password but still use
--auth-gen-token with username and password to accept auth-token as
alternative authentication. A client without a username will also not
use the pushed auth-token. So setting/pushing an auth-token-user
will ensure that the client has a username.

Github: OpenVPN/openvpn#299

Change-Id: Ia4095518d5e4447992a2974e0d7a159d79ba6b6f
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20250311155904.4446-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg31091.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
2025-03-11 18:58:19 +01:00
..
advanced-options.rst options: add IPv4 support to '--show-gateway <arg>' 2025-01-29 20:23:50 +01:00
cipher-negotiation.rst documentation: make section levels consistent 2024-03-25 16:24:32 +01:00
client-options.rst Rename aead-tag-at-end to aead-epoch 2025-01-10 08:18:22 +01:00
connection-profiles.rst Various typo fixes 2024-11-28 13:32:59 +01:00
encryption-options.rst documentation: make section levels consistent 2024-03-25 16:24:32 +01:00
example-fingerprint.rst Improve peer fingerprint documentation 2025-01-14 16:56:38 +01:00
examples.rst doc: run rst2* with --strict to catch warnings 2023-04-11 16:46:57 +02:00
generic-options.rst Http-proxy: fix bug preventing proxy credentials caching 2024-06-25 22:22:48 +02:00
inline-files.rst Document that auth-user-pass may be inlined 2024-02-23 12:42:03 +01:00
link-options.rst Add support for simultaneous use of UDP and TCP sockets 2025-03-06 11:53:39 +01:00
log-options.rst Remove inetd support from OpenVPN 2021-01-30 11:03:40 +01:00
management-options.rst Allow management client to announce pss padding support 2022-01-20 16:29:45 +01:00
network-config.rst doc/man: Documentation for --bind-dev / VRFs on Linux 2020-07-17 12:58:58 +02:00
pkcs11-options.rst documentation: make section levels consistent 2024-03-25 16:24:32 +01:00
plugin-options.rst plug-ins: Disallow multiple deferred authentication plug-ins 2022-03-15 17:51:48 +01:00
protocol-options.rst Allow DEFAULT in data-ciphers and report both expanded and user set option 2024-12-31 17:42:52 +01:00
proxy-options.rst NTLM: when NTLMv1 is requested, try NTLMv2 instead 2024-01-18 18:07:06 +01:00
renegotiation.rst documentation: make section levels consistent 2024-03-25 16:24:32 +01:00
script-options.rst script-options.rst: Update ifconfig_* variables 2024-03-26 14:19:45 +01:00
server-options.rst Implement override-username 2025-03-11 18:58:19 +01:00
signals.rst Persist-key: enable persist-key option by default 2024-03-07 15:06:36 +01:00
tls-options.rst Remove x509-username-fields uppercasing 2025-02-20 10:55:41 +01:00
unsupported-options.rst Persist-key: enable persist-key option by default 2024-03-07 15:06:36 +01:00
virtual-routing-and-forwarding.rst doc: run rst2* with --strict to catch warnings 2023-04-11 16:46:57 +02:00
vpn-network-options.rst man: extend --persist-tun section 2025-01-29 17:51:17 +01:00
windows-options.rst Implement Windows CA template match for Crypto-API selector 2024-06-06 13:19:17 +02:00