auth-user-pass not working with client key authentication

tasket / Qubes-vpn-support

VPN configuration in Qubes OS

GNU General Public License v3.0

126 stars 28 forks source link

auth-user-pass not working with client key authentication #22

Closed tasket closed 6 years ago

tasket commented 6 years ago

The openvpn --auth-user-pass option prevents successful connection when the VPN provider & client are configured to authenticate the client using only a certificate (note: this is not the same as connecting with a server cert, which is very common).

Both password and cert auth types should be supported for openvpn clients. Implementing this should not add extra user prompts, if possible.

tasket commented 6 years ago

Suggested short-term workaround:

If your openvpn service provider doesn't use username+password (i.e. the cert and key options are specified in your config file) then the --auth-user-pass filename.txt option can be removed from the qubes-vpn-handler.service or qubes-tunnel.service file. Note: in v1.4beta4 the backslash on the preceding line should also be removed.

tasket commented 6 years ago

Fix allows user to enter blank lines for username + password, which creates a no-userpassword.txt file in ../vpn folder.