The eurephia openvpn authentication plug-in
The eurephia-auth.so is a plug-in for OpenVPN. It is loaded by providing the --plugin option in the OpenVPN configuration.
The syntax for OpenVPN and eurephia-auth is:
plugin eurephia-auth.so "<plugin args> -- <DB args>"
Please notice the quotes and the double dash. They are important markers so that the eurephia-auth module receives all arguments (the quotes) and that it knows when to pass on the rest of the arguments to the defined database driver, separated by the double dash. This manual page will only look at the <plugin args> options. For the <DB args> options, refer to the corresponding database driver you are using.
--log-destination | -l
This defines how eurephia will do its logging. It can take a filename to log to a file. If the string is openvpn: it will pass the log data over to OpenVPN, which will combine the OpenVPN and eurephia logs. You can also log via syslog, by indicating syslog:. The last possible special value is none: which will disable logging completely.
With syslog: you can also define which syslog facility the logging will go to. The default is to log to the user facility. Other supported facilities are authpriv, daemon and local0 to local7. To send log data to the daemon the --log-destination argument need to be
--log-level | -L
This defines how verbose the eurephia logging will be. The required argument to this option must be a numeric value, where 0 indicates as little logging as possible - only giving informative messages, or a high value like 50 to give really verbose logging. In general a log level less than 4 should be more than enough under normal circumstances.
NOTICE: The highest log level is 10, unless the eurephia-auth modules have been compiled with debug features.
--database-interface | -i
This argument must have a full path to the eurephia database driver module. This defines which database interface eurephia will use.
The only change the OpenVPN clients needs to do is to add
to their configuration file. This instructs the OpenVPN client to ask for user name and password when starting the connection.
Copyright (C) 2008-2012 David Sommerseth <[email protected]>