Like in English. [juri:fia] would probably be the closest. 'eu' makes the [ju] sound (like in 'you' or 'eu' in 'Europe') and 'ph' becomes [f] (like in 'Phillip')

Yes, there is a lot of solutions to choose between, and a lot of good products. But if you do not need a commercially supported IPSec based VPN solution, why then to pay for it? To implement a secure VPN solution is difficult, and IPSec and its brothers and sisters are not too easy to configure correctly. OpenVPN provides a much simpler approach, but yet powerful and secure. And OpenVPN has proved over time to be rock solid as well. In addition, OpenVPN works on a broad variety of platforms as well. So if you just want a secure VPN solution, which is easily implemented, OpenVPN is a very good option.

To enhance the security on OpenVPN connections even more. To make the access more fine-grained and get to better control over each user which has an access. Without this plug-in, you can only limit user access by either scratching all certificates, or by using CRL (Certificate Revocation List) in OpenVPN. With this plug-in, you can more easily and quickly disable or enable accounts on the fly. With eurephia you can also be sure that the VPN user will authenticate her-/himself with a secure password.

The SSL keys OpenVPN users must have, do not provide a good regime for controlling that passwords do exists or that the password complexity is good enough. This is because the password is for opening the SSL keys are locally stored and managed on the client. The server is never involved on password change for SSL keys.

With the eurephia plug-in, the user must also use a user name and a password, both which is managed on the OpenVPN server side. When the user wants to change the login password, this must be done against the password change application on the server. In such a regime, you can easily make sure that empty passwords or too simple passwords are not used.

Other reasons to use eurephia, is of course that IP addresses, certificates and user accounts will be blocked automatically if too many failed attempts are registered. In addition, you will also be able to have per-user firewall rules, to limit each users network access over the VPN connection.

This plug-in is heavily tested on Linux and there are some reports that it seems to work on FreeBSD. It should work on other platforms as well. If it compiles, it most probably will work. What will not work out-of-the-box on other platforms is firewall updates, since eurephia now only includes an interface for iptables.

As the question above, it is not tested. But if you manage to compile it, it might work quite well. But remember, firewall suport will not work without writing a new firewall implementation.

When we reach the release version, starting with version 1.0, it should be considered to be stable. Before we reach the final version, it will have been through a lot of tests, including both short term sessions (less than 1 minutte) and long term sessions (being connected for more than 48 hours). If any issues are found, they will be fixed ASAP. The release version will always have a high attention if new bugs are found.

OpenVPN do not send over one important information to the plug-ins, the SHA1 fingerprint (digest) of the certificate being used. This is needed to match a unique certificate up against a specific user account in eurephia.

You have also a few options when it comes to implement eurephia. You can use the pre-patched OpenVPN verison available here, you can download the official version from OpenVPN (http://openvpn.net/index.php/downloads.html) and patch it yourself with the available patch from the download pages. You can also use the openvpn-testing version, available via the OpenVPN Community pages.

It is on the way. The patch is included in the openvpn-testing.git tree for OpenVPN. This is one of the stages patches now go through before it hits the official stable tree. The OpenVPN developers are careful about implementing new things into OpenVPN, to make sure patches don't cause OpenVPN to become unstable.

Have a look on the eurephia wiki pages. You will find compiling instructions described here.

You need to install eurephia on your OpenVPN server. The OpenVPN configuration file needs to extended with the 'plugin' and option. You also need to setup some configuration parameters in the database which eurephia will use. For more info, have a look at the wiki pages

You will need to add the 'auth-user-pass' option in the OpenVPN client configuration. For more info, have a look at the wiki pages

Check mailing lists and bug tracker on sourceforge.net. If you cannot find your answer here, please send an email to the mailing list:

Great! First, check the bug tracker if this is reported already or not. If you can't find it, please report it here!

Yes, please! Any contribution will be very much appreciated! Write patches, write new modules, help write documentation, package it for your favourite OS, or whatever else. Even graphic work will be appreciated. If you want to help out with the source code, please pull down the latest source code via git and let git produce the patch files. Please upload the patches to the patch tracker (Under Feedback, Contributed patches, in the web site menu). Please make sure you have checked out the right branch for the release if you are fixing bugs.

eurephia uses git for SCM. For more info about git: http://git.or.cz/

$> git clone git://eurephia.git.sourceforge.net/gitroot/eurephia/eurephia.git

By calling this command, you will download the latest development source tree. When you have a cloned git tree locally, you can call the following command to update the source tree with the latests versions available

$> git fetch

This will download changes to the origin branches in git. To merge them with your local branches, you need to call

$> git merge origin/master

For more information about merging and working with remote branches, please have a look on the official documentation. It will provide you with much better information.

All versions of eurephia are tagged. You need to checkout a tag to get the correct version. Use this command to list all available tags

$> git tag -l

To checkout a specific release to a local working branch, use the following command:

$> git checkout -b <release name> <tag name>

Yes, you can commit to your own local tree, and this is very fine! I encourage you to do local commits. But you cannot commit to the remote tree. If you do local commits, they can easily be "converted" to patches which again can be uploaded to the patch tracker at sourceforge.net.

To produce good patches quickly and easily, use the following command:

$> git format-patch -s <commitish>

Please give your commits a good commit message, not just a one-liner. It will help implementing your patches more quickly when it is easier to understand what your patch does. If we do not understand what you try to solve, your patch will be sent back to you for further enhancements.

Use the git help arguments (-h|--help), check the git home page at http://git.or.cz/, http://progit.org/book/ (very good resource!) and you will also find a lot of good help by googling for git.