Score:1

How to disallow second OpenVPN client with the same key?

cz flag

I've setup my openvpn server, but I have this problem:

Clients connects in this order:

  1. client_A connects succesfully to server using it's own key.
  2. client_B connects to server using client_A's key and gets same ip as client_A.

When I try to ping client_A packets goes to client_B instead of client_A.

I don't have duplicate-cn in my server config.

How can I prevent this behavior? I want to kick client_B immediately and keep only client_A.

Score:0
gf flag

I guess you can't.

What is wrong in your scenario is client_B connects to server using client_A's key that should never happen.

it's like if you'd says "what wrong ? I just published my login/password, and someone else used it ... !,"

clients keys is like their email login/password. they don't publish it, they dont communicate it, they don't exchange it, or it may be a professional misconduct.

you can just revoke the keys, and provide some news one with a private password, or make them sign a conduct agreement to not share their keys.

if you can't, use 2fa instead.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.