Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Feature request: add "auth-user-pass" option in .ovpn file [withdrawn/solved]

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jeremy11one
      last edited by

      Currently, when I export the client files for OpenVPN, the user has to import that ovpn file and then manually type their username/password into their client program.  It would be easy, with a minor edit to the ovpn file, to have the username/password detected automatically so the user does not have to ever know what it is.

      I would like the exported zip file to include a "auth-user-pass UserCredentials.txt" line in the ovpn file, and a text file called "UserCredentials.txt" containing the user's username/password.  It should be optional in case some admins do not want the credentials to be included in plaintext like that.

      Thoughts?

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        The user's password is not stored in the clear on the firewall so what you're asking is not possible.

        Furthermore, storing user credentials is not recommended and not something we'll likely encourage. If you will store the user/pass you may as well not require it, leaving it only to have certificates for authentication (e.g. change mode from SSL/TLS + User Auth to only SSL/TLS)

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • J
          Jeremy11one
          last edited by

          @jimp:

          The user's password is not stored in the clear on the firewall so what you're asking is not possible.

          Furthermore, storing user credentials is not recommended and not something we'll likely encourage. If you will store the user/pass you may as well not require it, leaving it only to have certificates for authentication (e.g. change mode from SSL/TLS + User Auth to only SSL/TLS)

          Good reply.  I didn't know I could just disable the password requirement and I appreciate that the passwords are not stored in plaintext on the firewall.  Thank you.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.