diff options
author | Arne Schwabe <arne@rfc2549.org> | 2012-05-01 15:33:00 +0200 |
---|---|---|
committer | Arne Schwabe <arne@rfc2549.org> | 2012-05-01 15:33:00 +0200 |
commit | 3d54881bc78b893ab286681338dd7b9b69d871b3 (patch) | |
tree | a6e8e13bc598a4762c96312800451ddf0a8306e6 /openvpn/doc | |
parent | 61deb1b6598f2816125525c8621b08e047172768 (diff) |
Support strange certificate + passsword authentication types
Diffstat (limited to 'openvpn/doc')
-rw-r--r-- | openvpn/doc/openvpn.8 | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/openvpn/doc/openvpn.8 b/openvpn/doc/openvpn.8 index 53d6bdb2..ee46de62 100644 --- a/openvpn/doc/openvpn.8 +++ b/openvpn/doc/openvpn.8 @@ -3846,6 +3846,20 @@ space-saving optimization that uses the unique identifier for datagram replay protection as the IV. .\"********************************************************* .TP +.B \-\-use-prediction-resistance +Enable prediction resistance on PolarSSL's RNG. + +Enabling prediction resistance causes the RNG to reseed in each +call for random. Reseeding this often can quickly deplete the kernel +entropy pool. + +If you need this option, please consider running a daemon that adds +entropy to the kernel pool. + +Note that this option only works with PolarSSL versions greater +than 1.1. +.\"********************************************************* +.TP .B \-\-test-crypto Do a self-test of OpenVPN's crypto options by encrypting and decrypting test packets using the data channel encryption options |