Closed tasket closed 6 years ago
Suggested short-term workaround:
If your openvpn service provider doesn't use username+password (i.e. the cert
and key
options are specified in your config file) then the --auth-user-pass filename.txt
option can be removed from the qubes-vpn-handler.service or qubes-tunnel.service file. Note: in v1.4beta4 the backslash on the preceding line should also be removed.
Fix allows user to enter blank lines for username + password, which creates a no-userpassword.txt file in ../vpn folder.
The openvpn
--auth-user-pass
option prevents successful connection when the VPN provider & client are configured to authenticate the client using only a certificate (note: this is not the same as connecting with a server cert, which is very common).Both password and cert auth types should be supported for openvpn clients. Implementing this should not add extra user prompts, if possible.