openvpn.8

Source code of an open-source VPN
The typical usage of
.B --test-crypto
would be something like this:

.B openvpn --test-crypto --secret key

or

.B openvpn --test-crypto --secret key --verb 8

This option is very useful to test OpenVPN after it has been ported to
a new platform, or to isolate problems in the compiler, OpenSSL
crypto library, or OpenVPN's crypto code.  Since it is a self-test mode,
problems with encryption and authentication can be debugged independently
of network and tunnel issues.
.SS TLS Mode Options:
TLS mode is the most powerful mode of OpenVPN in both security and flexibility.
TLS mode works by establishing control and
data channels which are multiplexed over a single UDP port.  OpenVPN initiates
a TLS session over the control channel and uses it to exchange cipher
and HMAC keys to protect the data channel.  TLS mode uses a robust reliability
layer over the UDP connection for all control channel communication, while
the data channel, over which encrypted tunnel data passes, is forwarded without
any mediation.  The result is the best of both worlds: a fast data channel
that forwards over UDP with only the overhead of encrypt,
decrypt, and HMAC functions,
and a control channel that provides all of the security features of TLS,
including certificate-based authentication and perfect forward secrecy.

To use TLS mode, each peer that runs OpenVPN should have its own local
certificate/key pair (
.B --cert
and
.B --key
), signed by the root certificate which is specified
in
.B --ca.

When two OpenVPN peers connect, each presents its local certificate to the
other.
Each peer will then check that its partner peer presented a
certificate which was signed by the master root certificate as specified in
.B --ca.

If that check on both peers succeeds, then the TLS negotiation will succeed, both OpenVPN
peers will exchange temporary session keys, and the tunnel will begin
passing data.

The OpenVPN distribution contains a set of scripts for managing RSA certificates & keys,
located in the
.I easy-rsa
subdirectory.

The easy-rsa package is also rendered in web form here:
.I http://openvpn.sourceforge.net/easyrsa.html
.TP
.B --tls-server
Enable TLS and assume server role during TLS handshake.  Note that
OpenVPN is designed as a peer-to-peer application.  The designation
of client or server is only for the purpose of negotiating the TLS
control channel.
.TP
.B --tls-client
Enable TLS and assume client role during TLS handshake.
.TP
.B --ca file
Certificate authority (CA) file in .pem format, also referred to as the
.I root
certificate.  This file can have multiple
certificates in .pem format, concatenated together.  You can construct your own
certificate authority certificate and private key by using a command such as:

.B openssl req -nodes -new -x509 -keyout tmp-ca.key -out tmp-ca.crt

Then edit your openssl.cnf file and edit the
.B certificate
variable to point to your new root certificate
.B tmp-ca.crt.

For testing purposes only, the OpenVPN distribution includes a sample
CA certificate (tmp-ca.crt).
Of course you should never use
the test certificates and test keys distributed with OpenVPN in a
production environment, since by virtue of the fact that
they are distributed with OpenVPN, they are totally insecure.
.TP
.B --dh file
File containing Diffie Hellman parameters
in .pem format (required for
.B --tls-server
only). Use

.B openssl dhparam -out dh1024.pem 1024

to generate your own, or use the existing dh1024.pem file
included with the OpenVPN distribution.
Diffie Hellman parameters
may be considered public.
.TP
.B --cert file
Local peer's signed certificate in .pem format -- must be signed
by a certificate authority whose certificate is in
.B --ca file.
Each peer in an OpenVPN link running in TLS mode should have its own
certificate and private key file.  In addition, each certificate should
have been signed by the key of a certificate
authority whose public key resides in the
.B --ca
certificate authority file.
You can easily make your own certificate authority (see above) or pay money
to use a commercial service such as thawte.com (in which case you will be
helping to finance the world's second space tourist :).
To generate a certificate,
you can use a command such as:

.B openssl req -nodes -new -keyout mycert.key -out mycert.csr

If your certificate authority private key lives on another machine, copy
the certificate signing request (mycert.csr) to this other machine (this can
be done over an insecure channel such as email).  Now sign the certificate
with a command such as:

.B openssl ca -out mycert.crt -in mycert.csr

Now copy the certificate (mycert.crt)
back to the peer which initially generated the .csr file (this
can be over a public medium).
Note that the
.B openssl ca
command reads the location of the certificate authority key from its
configuration file such as
.B /usr/share/ssl/openssl.cnf
-- note also
that for certificate authority functions, you must set up the files
.B index.txt
(may be empty) and
.B serial
(initialize to
.B 01
).
.TP
.B --key file
Local peer's private key in .pem format.  Use the private key which was generated
when you built your peer's certificate (see
.B --cert file
above).
.TP
.B --tls-cipher l
A list l of allowable TLS ciphers separated by
.B |
(optional).
If you require a high level of security,
you may want to set this parameter manually, to prevent a
version rollback attack where a man-in-the-middle attacker tries
to force two peers to negotiate to the lowest level
of security they both support.
Use
.B --show-tls
to see a list of supported TLS ciphers.
.TP
.B --tls-timeout n
Packet retransmit timeout on TLS control channel
if no acknowledgment from remote within
.B n
seconds (default=5).  When OpenVPN sends a control
packet to its peer, it will expect to receive an
acknowledgement within
.B n
seconds or it will retransmit the packet.  This parameter
only applies to control channel packets.  Data channel
packets (which carry encrypted tunnel data) are never
acknowledged, sequenced, or retransmitted by OpenVPN because
the higher level network protocols running on top of the tunnel
such as TCP expect this role to be left to them.
.TP
.B --reneg-bytes n
Renegotiate data channel key after
.B n
bytes sent or received (disabled by default).
OpenVPN allows the lifetime of a key
to be expressed as a number of bytes encrypted/decrypted, a number of packets, or
a number of seconds.
A key renegotiation will be forced
if any of these three criteria are met by either peer.
.TP
.B --reneg-pkts n
Renegotiate data channel key after
.B n
packets sent and received (disabled by default).
.TP
.B --reneg-sec n
Renegotiate data channel key after
.B n
seconds (default=3600).
.TP
.B --hand-window n
Handshake Window -- the TLS-based key exchange must finalize within
.B n
seconds
of handshake initiation by any peer (default = 60 seconds).
If the handshake fails
we will attempt to reset our connection with our peer and try again.
Even in the event of handshake failure we will still use
our expiring key for up to
.B --tran-window
seconds to maintain continuity of transmission of tunnel
data.
.TP
.B --tran-window n
Transition window -- our old key can live this many seconds
after a new key renegotiation begins (default = 3600 seconds).
This is a powerful feature that contributes to the robustness
of the OpenVPN key negotiation protocol.  Even during periods
of extremely poor network connectivity between peers, with
significant dropped packets, OpenVPN
will never let the failure of a key exchange handshake interfere with
the continuing transmission of tunnel data.
.TP
.B --single-session
After initially connecting to a remote peer, disallow any new connections.
Using this
option means that a remote peer cannot connect, disconnect, and then
reconnect.

If the daemon is reset by a signal or
.B --ping-restart,
it will allow one new connection.

.B --single-session
can be used with
.B --ping-exit
or
.B --inactive
to create a single dynamic session that will exit when finished.
.TP
.B --tls-auth f
Add an additional layer of authentication on top of the TLS
control channel to protect against DoS attacks.

.B f
(required) is a shared-secret passphrase file.

.B --tls-auth
is recommended when you are running OpenVPN in a mode where
it is listening for packets from any IP address such as when
.B --remote
is not specified, or
.B --remote
is specified with
.B --float.

The rationale for
this feature is as follows.
TLS requires a multi-packet exchange
before it is able to authenticate a peer.  During this time
before authentication, OpenVPN is allocating resources (memory
and CPU) to this potential peer.  The potential peer is also
exposing many parts of OpenVPN and the OpenSSL library to the packets
it is sending.  Most successful network attacks today seek
to either exploit bugs in programs (such as buffer overflow attacks) or
force a program to consume so many resources that it becomes unusable.
Of course the first line of defense is always to produce clean,
well-audited code.  OpenVPN has been written with buffer overflow
attack prevention as a top priority.
But as history has shown, many of the most widely used
network applications have, from time to time,
fallen to buffer overflow attacks.

So as a second line of defense, OpenVPN offers
this special layer of authentication on top of the TLS control channel so that
every packet on the control channel is authenticated by an
HMAC signature and a unique ID for replay protection.
This signature will also help protect against DoS (Denial of Service) attacks.
An important rule of thumb in reducing vulnerability to DoS attacks is to
minimize the amount of resources a potential, but as yet unauthenticated,
client is able to consume.

.B --tls-auth
does this by signing every TLS control channel packet with an HMAC signature,
including packets which are sent before the TLS level has had a chance
to authenticate the peer.
The result is that packets without
the correct signature can be dropped immediately upon reception,
before they have a chance to consume additional system resources
such as by initiating a TLS handshake.

It should be emphasized that this feature is optional and that the
passphrase file used with
.B --tls-auth
gives a peer nothing more than the power to initiate a TLS
handshake.  It is not used to encrypt or authenticate any tunnel data.
.TP
.B --askpass
Get PEM password from controlling tty before we daemonize.
For the extremely
security conscious, it is possible to protect your private key with
a password.  Of course this means that every time the OpenVPN
daemon is started you must be there to type the password.  The
.B --askpass
option allows you to start OpenVPN from the command line.  It will
query you for a password before it daemonizes.  To protect a private
key with a password you should omit the
.B -nodes
option when you use the
.B openssl
command line tool to manage certificates and private keys.
.TP
.B --tls-verify cmd
Execute shell command
.B cmd
to verify the X509 name of a
pending TLS connection that has otherwise passed all other
tests of certification.
.B cmd
should return 0 to allow the TLS handshake to proceed, or 1 to fail.
.B cmd
is executed as

.B cmd certificate_depth X509_NAME_oneline

Commas (',') may be used to separate multiple args in
.B cmd.
Before the command line is passed to the shell, all commas
will be converted to spaces.

This feature is useful if the peer you want to trust has a certificate
which was signed by a certificate authority who also signed a zillion
other certificates.  In this case you want to be selective about which
peer certificate you accept.  This feature allows you to write a script
which will test the X509 name on a certificate and decide whether or
not it should be accepted.  For a simple perl script which will test
the common name field on the certificate, see the file
.B verify-cn
in the OpenVPN distribution.
.TP
.B --disable-occ
Disable options compatibility check between peers.  This is designed
to circumvent OpenVPN's normal options compatibility check in
TLS mode.
Use of this option is discouraged, but is provided as
a temporary fix in situations where a recent version of OpenVPN must
connect to an old version.
.SS SSL Library information:
.TP
.B --show-ciphers
Show all cipher algorithms to use with the
.B --cipher
option.
.TP
.B --show-digests
Show all message digest algorithms to use with the
.B --auth
option.
.TP
.B --show-tls
Show all TLS ciphers (TLS used only as a control channel).  The TLS
ciphers will be sorted from highest preference (most secure) to
lowest.
.SS Generate a random key:
Used only for non-TLS static key encryption mode.
.TP
.B --genkey
Generate a random key to be used as a shared secret,
for use with the
.B --secret
option.  This file must be shared with the
peer over a pre-existing secure channel such as
.BR scp (1).
.TP
.B --secret file
Write key to
.B file.
.SS TUN/TAP persistent tunnel config mode:
Available with Linux 2.4.7+.  These options comprise a standalone mode
of OpenVPN which can be used to create and delete persistent tunnels.
.TP
.B --mktun
Create a persistent tunnel.  Normally tun/tap tunnels exist only for
the period of time that an application has them open.  This option
takes advantage of the tun/tap driver's ability to build persistent
tunnels that live through multiple instantiations of OpenVPN and die
only when they are deleted or the machine is rebooted.

One of the advantages of persistent tunnels is that they eliminate the
need for separate
.B --up
and
.B --down
scripts to run the appropriate
.BR ifconfig (8)
and
.BR route (8)
commands.  These commands can be placed in the same shell script
which starts or terminates an OpenVPN session.

Another advantage is that open connections through the tun/tap-based tunnel
will not be reset if the OpenVPN peer restarts.
This can be useful to
provide uninterrupted connectivity through the tunnel in the event of a DHCP
reset of the peer's public IP address (see the
.B --ipchange
option above).

One disadvantage of persistent tunnels is that it is harder to automatically
configure their MTU value (see
.B --udp-mtu
and
.B --tun-mtu
above).
.TP
.B --rmtun
Remove a persistent tunnel.
.TP
.B --dev tunX | tapX
TUN/TAP device
.SH SIGNALS
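
Referring back to the --tls-auth rationale above: the following is an added example, not code from the OpenVPN distribution, that models a receiver dropping unsigned or replayed control packets before it spends anything on a handshake. The packet layout (HMAC tag, then a 32-bit packet ID, then payload), the choice of HMAC-SHA256, the strictly increasing ID check and all names are assumptions made for illustration, not OpenVPN's wire format.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size (digest choice is an assumption)
ID_LEN = 4    # 32-bit packet ID used for replay protection (assumed layout)

def sign(key: bytes, packet_id: int, payload: bytes) -> bytes:
    """Sender side: return tag || packet_id || payload."""
    body = struct.pack("!I", packet_id) + payload
    return hmac.new(key, body, hashlib.sha256).digest() + body

class PreAuthFilter:
    """Receiver side: cheap checks that run before any TLS state exists."""

    def __init__(self, key: bytes):
        self.key = key
        self.highest_id = 0          # highest packet ID accepted so far
        self.handshakes_started = 0  # stand-in for the costly TLS work

    def accept(self, datagram: bytes) -> str:
        if len(datagram) < TAG_LEN + ID_LEN:
            return "drop: short"
        tag, body = datagram[:TAG_LEN], datagram[TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; a mismatch costs one HMAC and nothing else.
        if not hmac.compare_digest(tag, expected):
            return "drop: bad hmac"
        (packet_id,) = struct.unpack("!I", body[:ID_LEN])
        # A correctly signed packet captured earlier is still rejected.
        if packet_id <= self.highest_id:
            return "drop: replay"
        self.highest_id = packet_id
        self.handshakes_started += 1  # only now would TLS see the packet
        return "accept"

if __name__ == "__main__":
    shared = b"constructed-sample-key-32-bytes!"  # constructed sample key
    rx = PreAuthFilter(shared)
    first = sign(shared, 1, b"client hello")
    print(rx.accept(first))                            # accept
    print(rx.accept(first))                            # drop: replay
    print(rx.accept(sign(b"wrong key", 2, b"hello")))  # drop: bad hmac
```

The counter makes the point of the passage measurable: three datagrams arrive, and only one reaches the handshake code.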

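For the --tls-verify option described above, an added example (not the verify-cn script shipped with OpenVPN) of a command that returns 0 or 1 from the two arguments the page names, certificate_depth and X509_NAME_oneline. It assumes the name arrives as a single argument in the slash-separated form "/C=../O=../CN=.."; the allow-list entry and function names are hypothetical.

```python
import sys

ALLOWED_CNS = {"peer-east.example"}  # hypothetical peer name to trust

def parse_oneline(name):
    """Split '/C=US/O=Org/CN=host' into (key, value) pairs; None if malformed.

    This parser cannot tell a '/' inside a value from a separator, so it
    relies on the CA not issuing names whose fields contain '/'.
    """
    if not name.startswith("/"):
        return None
    fields = []
    for part in name[1:].split("/"):
        key, sep, value = part.partition("=")
        if not sep or not key or not value:
            return None
        fields.append((key, value))
    return fields

def verify(depth, name, allowed=ALLOWED_CNS):
    """Return the exit status: 0 lets the handshake proceed, 1 fails it."""
    fields = parse_oneline(name)
    if fields is None:
        return 1                      # fail closed on anything unparseable
    if depth != 0:
        return 0                      # CA levels: only the peer's own name is filtered
    cns = [value for key, value in fields if key == "CN"]
    # Exact match on exactly one CN field; a substring search would also
    # accept 'peer-east.example.other' or a name carrying a second CN.
    return 0 if len(cns) == 1 and cns[0] in allowed else 1

def main(argv):
    if len(argv) != 3:
        return 1                      # wrong argument count: fail closed
    try:
        depth = int(argv[1])
    except ValueError:
        return 1
    return verify(depth, argv[2])

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```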