Feature request: add "auth-user-pass" option in .ovpn file [withdrawn/solved]



  • Currently, when I export the client files for OpenVPN, the user has to import that ovpn file and then manually type their username/password into their client program.  It would be easy, with a minor edit to the ovpn file, to have the username/password detected automatically so the user does not have to ever know what it is.

    I would like the exported zip file to include a "auth-user-pass UserCredentials.txt" line in the ovpn file, and a text file called "UserCredentials.txt" containing the user's username/password.  It should be optional in case some admins do not want the credentials to be included in plaintext like that.

    Thoughts?


  • Rebel Alliance Developer Netgate

    The user's password is not stored in the clear on the firewall so what you're asking is not possible.

    Furthermore, storing user credentials is not recommended and not something we'll likely encourage. If you will store the user/pass you may as well not require it, leaving it only to have certificates for authentication (e.g. change mode from SSL/TLS + User Auth to only SSL/TLS)



  • @jimp:

    The user's password is not stored in the clear on the firewall so what you're asking is not possible.

    Furthermore, storing user credentials is not recommended and not something we'll likely encourage. If you will store the user/pass you may as well not require it, leaving it only to have certificates for authentication (e.g. change mode from SSL/TLS + User Auth to only SSL/TLS)

    Good reply.  I didn't know I could just disable the password requirement and I appreciate that the passwords are not stored in plaintext on the firewall.  Thank you.


Log in to reply