Git Product home page Git Product logo

Comments (6)

dsommers avatar dsommers commented on August 31, 2024

OpenVPN 3 Linux does not support --auth-user-pass with saved credentials like OpenVPN 2.x. I have not yet decided if we should support it in this way, or use a different approach for it. Storing user credentials is generally not recommended.

You should be able to achieve what you want using the openvpn3-autoload utility which will be able to handle this scenario. This approach saves the credentials only for the session startup in the OpenVPN 3 backend services. You need to save the OpenVPN configuration profile in it's own directory (for example: client.conf) and have a autoload configuration file in the same directory (client.autoload). The contents of this additonal file is documented in the openvpn3-autload(8) man page. You need to set "autostart": true for this to work. With this configured, you can start the configuration using openvpn3-autoload --directory /path/to/openvpn/profile.

from openvpn3-linux.

dsommers avatar dsommers commented on August 31, 2024

We have just released a workaround document on this feature: https://openvpn.net/openvpn-3-linux-and-auth-user-pass/

from openvpn3-linux.

fazalmf avatar fazalmf commented on August 31, 2024

Good to know . thank you

from openvpn3-linux.

MaxWS avatar MaxWS commented on August 31, 2024

Thanks

from openvpn3-linux.

bipinmdr07 avatar bipinmdr07 commented on August 31, 2024

Sadly but couldn't find any documentation on configuring the autoload with ovpn file which has static-challenge in it for MFA. Anything we can do with this @dsommers ?

from openvpn3-linux.

dsommers avatar dsommers commented on August 31, 2024

@bipinmdr07 Nope. That' defeats the purpose of a the static-challenge. That is typically used with OTP tokens, so that value is not static thus not much useful to put into a configuration.

That said, it is possible to write your own script doing this magic for you. The OpenVPN 3 Linux project ships with a Python module which is used by openvpn2, openvpn3-autoload and openvpn3-systemd. But built-in support for automated OTP codes is not something we consider for inclusion into this project. Hosts requiring automatic connection without user interaction should normally use certificate-only authentication, which is already a very strong authentication method.

from openvpn3-linux.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.