From a294cd65f6c61d41e1b7584b07295aba73aeb4cb Mon Sep 17 00:00:00 2001
From: Simon Rozman <simon@rozman.si>
Date: Wed, 11 Oct 2017 15:45:30 +0200
Subject: [PATCH] Document ">PASSWORD:Auth-Token" real-time message

Authentication tokens are security enhancement eliminating client
need to cache passwords, and are indispensable at two factor
authentication methods, such as HOTP or TOTP.

The ">PASSWORD:Auth-Token" message was not mentioned anywhere in
the OpenVPN Management Interface Notes. This patch adds a simple use
case example, while the more detailed feature description remains
explained in the OpenVPN manual.
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20171011134530.6676-1-simon@rozman.si>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15599.html

Signed-off-by: Gert Doering <gert@greenie.muc.de>
---
 doc/management-notes.txt | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/doc/management-notes.txt b/doc/management-notes.txt
index 29c3aadf2..373ab7c70 100644
--- a/doc/management-notes.txt
+++ b/doc/management-notes.txt
@@ -317,6 +317,11 @@ COMMAND -- password and username
 
     >PASSWORD:Verification Failed: 'custom server-generated string'
 
+  Example 6: If server pushes --auth-token to the client, the OpenVPN
+  will produce a real-time PASSWORD message:
+
+    >PASSWORD:Auth-Token:foobar
+
 COMMAND -- forget-passwords
 ---------------------------
 
-- 
2.47.2