OpenVPN 2.1 : auth-user-pass

[TheJanitor]

so there was a time when was able to use openvpn with the parameter, --auth-user-pass /path/to/credentials and i could establish a connection without a credentials prompt, now it seems i cannot.

is there a specific reason for this? has this feature been removed? can servers block this behaviour?


i simply get an authentication error when i attempt to do so.

any ideas? thanks.

[TheJanitor]

bump thanks.


i have read the manual.

--auth-user-pass [up]
Authenticate with server using username/password. up is a file containing username/password on 2 lines (Note: OpenVPN will only read passwords from a file if it has been built with the --enable-password-save configure option, or on Windows by defining ENABLE_PASSWORD_SAVE in config-win32.h).

If up is omitted, username/password will be prompted from the console.

The server configuration must specify an --auth-user-pass-verify script to verify the username/password provided by the client

i have tried 3 things.

both authorizations files like so.

#1
user foo
pass bar

#2
foo
bar


i have also tried compiling it from source with the ./configure --enable-password-save, noting seems to work. i had it working before on a different vpn, i think that was version 2.0.

i wonder if this is significant? https://community.openvpn.net/openvpn/ticket/60

[TheJanitor]

hmmm, i am not entirely sure what the problem was, but i was able to get it working by compiling 2.1 from source with..

./configure --enable-password-save

some headers were required.

i then specified auth-user-pass /path/to/credentials/file in the client configuration file.
the credentials file itself just consisted of a username on the first line and a password on the second, nothing else.

also make sure to check permissions of the client config file. afaik it needs execute permissions.

i hope this helps someone, this was not an easy problem to dig up on google.