summaryrefslogtreecommitdiff
path: root/openvpn/doc
diff options
context:
space:
mode:
authorArne Schwabe <arne@rfc2549.org>2012-05-01 15:33:00 +0200
committerArne Schwabe <arne@rfc2549.org>2012-05-01 15:33:00 +0200
commit3d54881bc78b893ab286681338dd7b9b69d871b3 (patch)
treea6e8e13bc598a4762c96312800451ddf0a8306e6 /openvpn/doc
parent61deb1b6598f2816125525c8621b08e047172768 (diff)
Support strange certificate + passsword authentication types
Diffstat (limited to 'openvpn/doc')
-rw-r--r--openvpn/doc/openvpn.814
1 files changed, 14 insertions, 0 deletions
diff --git a/openvpn/doc/openvpn.8 b/openvpn/doc/openvpn.8
index 53d6bdb2..ee46de62 100644
--- a/openvpn/doc/openvpn.8
+++ b/openvpn/doc/openvpn.8
@@ -3846,6 +3846,20 @@ space-saving optimization that uses the unique identifier for
datagram replay protection as the IV.
.\"*********************************************************
.TP
+.B \-\-use-prediction-resistance
+Enable prediction resistance on PolarSSL's RNG.
+
+Enabling prediction resistance causes the RNG to reseed in each
+call for random. Reseeding this often can quickly deplete the kernel
+entropy pool.
+
+If you need this option, please consider running a daemon that adds
+entropy to the kernel pool.
+
+Note that this option only works with PolarSSL versions greater
+than 1.1.
+.\"*********************************************************
+.TP
.B \-\-test-crypto
Do a self-test of OpenVPN's crypto options by encrypting and
decrypting test packets using the data channel encryption options