sshd vs openvpn

Elan Ruusamäe glen at pld-linux.org
Tue Oct 7 11:59:16 CEST 2008


On Tuesday 07 October 2008 11:14:22 Przemyslaw Iskra wrote:
> On Tue, Oct 07, 2008 at 04:57:48AM +0300, Elan Ruusamäe wrote:
> > hi
> >
> > we had suffered one incident when one server did not came "up" because
> > openvpn had server certificate which was protected by password and
> > therefore it was waiting for password input and no other service (sshd
> > was crucial) was not brought up until someone pressed enter.
>
> how about supplying --askpass /dev/null in default args ? or add some
> --no-interactive option to openvpn code.
i wonder, is it possible to check that the status is "initial bootup seqence". 
check for /dev/fd/0, or check for runlevel, or sth?

> I think startup scripts should never wait for user input, and that
> would co it.

i would agree, but how then you start openvpn if you intentionally want to 
have passphrase on the keyfile? (same goes for apache,...)

-- 
glen


More information about the pld-devel-en mailing list