Ability to hide pk password from command line

OpenVPN / openvpn3

OpenVPN 3 is a C++ class library that implements the functionality of an OpenVPN client, and is protocol-compatible with the OpenVPN 2.x branch.

https://openvpn.net

Other

999 stars 401 forks source link

Open scruel opened 8 months ago

scruel commented 8 months ago

Currently we can see pliantext of pk password via command line, and --cache-password won't work for caching --pk_password.

Just make:

ovpncli client.ovpn --pk-password $(/etc/openvpn/client.pass)

To:

ovpncli client.ovpn --pk-password-file /etc/openvpn/client.pass

Or:

export OVPN_PK_PASSWORK_FILE=/etc/openvpn/client.pass
ovpncli client.ovpn

Will be fine enough.