OpenVPN Support Forum

Hi.

I would like our clients to authenticate using:

1. Certificate
2. username/password (LDAP)
3. Radius (for one time password)

Is this possible? Is there a good HOWTO on how to do this? Server is Ubuntu Lucid. I would prefer multiple prompts (for 2 and 3) rather than concatenating the passwords.

thank you
dan

[07:23] <vpnHelper> krzie: "authpass" is (#1) please see --auth-user-pass-verify in the manual to learn how to force clients to use passwords in addition to certs, or (#2) or to ONLY use passwords (no certs, highly NOT recommended) also use --client-cert-not-required, or (#3) and if you want the login name to be used as the common-name for things like ccd entries, use --username-as-common-name

I am not sure if clients properly handle asking the user for passwords 2x, but if they do there is no reason your script could not prompt for it 2x.
if you do whip up some code for that, i would be interested in hearing how it goes.