easy-openvpn-server icon indicating copy to clipboard operation
easy-openvpn-server copied to clipboard
verified publisher icon IBCNServices

password protection

Open gruz123 opened this issue 4 years ago • 3 comments

Hi, it's greate! thanks! How can assing password protection?

gruz123 avatar Nov 25 '21 17:11 gruz123

Hi @gruz123! This is currently not possible. Why do you want to use password protection?

The default protection using SSL certificates and private key cryptography is more secure than passwords. Each user has a separate .ovpn config file which includes a (user-specific) private key, an SSL certificate and a shared secret. If you give each users their separate .ovpn config file, there is no need for additional protection using passwords.

merlijn-sebrechts avatar Nov 25 '21 18:11 merlijn-sebrechts

Hi @gruz123! This is currently not possible. Why do you want to use password protection?

The default protection using SSL certificates and private key cryptography is more secure than passwords. Each user has a separate .ovpn config file which includes a (user-specific) private key, an SSL certificate and a shared secret. If you give each users their separate .ovpn config file, there is no need for additional protection using passwords.

in my case it's very important. Some pc use several diferent .ovpn config for several servers, also incase if someone get access to pc, it get access to network.

gruz123 avatar Nov 25 '21 21:11 gruz123

I think the best way to solve this issue is to implement PAM or LDAP authentication. I currently don't have time to implement this, but I'll put it on the wishlist.

For reference, if anyone wants to implement this: https://openvpn.net/community-resources/using-alternative-authentication-methods/

merlijn-sebrechts avatar Nov 29 '21 10:11 merlijn-sebrechts