O'Reilly logo

Mastering OpenVPN by Jan Just Keijser, Eric F Crist

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Using LDAP as a backend authentication mechanism

Normally, the security of a VPN is based on a X.509 certificate / private key pair, which all users of the VPN must possess in order to gain access. The security of your VPN can be further increased by requiring users to also supply a username and password when they connect to the OpenVPN server.

On the server side, the verification of the username and password can be done using several mechanisms:

  • Using a server-side password file that contains the username and their hashed passwords.
  • Using PAM (short for Pluggable Authentication Module), which is normally included in all Linux/UNIX operating systems.
  • Using a central directory server based on Lightweight Directory Access Protocol (LDAP). Note that ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required