Using an 'auth-user-pass-verify' script
Next
to certificates and private keys, OpenVPN also offers the option to use a username and password mechanism for verifying client access. In this recipe, we will demonstrate how to set up an auth-user-pass-verify
script, which is executed on the server side when a client connects. This script can be used to look up a user in a database or file and can also be used to verify that the right password was specified.
Getting ready
Install OpenVPN 2.1 or higher on two computers. Make sure the computers are connected over a network. Set up the client and server certificates using the first recipe from Chapter 2. For this recipe, the server computer was running CentOS 5 Linux and OpenVPN 2.1.1. The client was running Fedora 12 Linux and OpenVPN 2.1.1. Keep the server configuration file example6-1-server.conf
from the recipe Using a Client-side up/down script at hand.
How to do it...
Append a line to the server configuration file
example6-1-server.conf
:script...