Openvpn with username and password

authentication openvpn
17,220

There's a directive you can use in your server.conf, depending on your OpenVPN version.

  • client-cert-not-required:

    Makes your VPN a less secure as the cert is not required to authenticate (deprecated).

  • verify-client-cert none|optional|require:

    Using verify-client-cert none is the equivalent of the aforementioned option.

Source Link: Click here

Share:
17,220
Kamal Panhwar
Author by

Kamal Panhwar

I am Full Stack Ruby On Rails/NodeJS/Php Developer and A VoIP/DevOps Engineer experience having various technical skills Linux, Apache, Mysql, Postgres, MongoDB, NodeJS Deployment of Solutions, Security and Monitoring, Nagios, Monit, Opensips, Asterisk, AngularJS, ReactJS, React Native, Api development etc. I am a Strong believer in Open Source clean code development, focus in quality and reusability. I am a lover of Agile Principles, Test Driving Development and practices. Have been using Ruby on Rails, PHP and Javascript. I always try to be up-to-date in the IT World. I was always divided into programming and system administration, so have very strong skills in Linux systems with respect to security and VoIP telecommunications software. Specialties: Strong background in IT management, recruiting, policy making, Managing Mobile application development, Designing and optimisation database structure, software architecture experience in enterprise size environment, comfort with and understanding of version control and continuous integration, strong Object Oriented Design and Functional programming. Currently working on Ruby on Rails, ELixir/Phoenix Framework and PHP. Knowledge of SQLite, MySQL, MSSQL and other similar databases. Worked on different technologies PHP, Javascript, web technologies, Elixr, Phoenix and many frameworks. Web service expertise SOAP, REST, JSON, XML and wide exposure to third-party libraries and API integrations. Strong understanding of Unit Testing. Ability to build and guide the technology team and resolve any issue that arises. Mentoring juniors, code review, best practice, security policy implementations, helping juniors to code better, git code reviews. My Youtube Channel My linkedin Profile

Updated on June 24, 2022

Comments

  • Kamal Panhwar
    Kamal Panhwar almost 2 years

    I have configure OpenVPN it is working fine. But I always need to import configuration and it has ca certificate, I enabled username and password authentication. But still I need to add this certificate.

    How can I connect openvpn without certificate and configuration but only username and password.

    Server Configuration

    port 1194
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh.pem
auth SHA512
tls-auth /etc/openvpn/ta.key 0
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 94.237.127.99"
push "dhcp-option DNS 94.237.40.99"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 4
crl-verify /etc/openvpn/crl.pem
--verify-client-cert none
log-append /var/log/openvpn.log
script-security 2
auth-user-pass-verify /etc/openvpn/example.sh via-file

    client configuration

    client
dev tun
proto udp
sndbuf 0
rcvbuf 0
remote 94.237.88.154 1194
resolv-retry 5
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
setenv opt block-outside-dns
key-direction 1
verb 3
auth-user-pass
script-security 2

<ca>
-----BEGIN CERTIFICATE-----
###
###
-----END CERTIFICATE-------

    Now when I import this file and use my userid and password it connect, but I want to connect openvpn client without importing this client file and only providing username and password.

  • U. Windl
    U. Windl almost 5 years
    I think this answer is unrelated to the question.
  • Ivan Montilla Miralles
    Ivan Montilla Miralles almost 5 years
    With all due respect, I don't think it's unrelated. He's asking how to do username/password authentication without requiring certificate authentication. This setting allows exactly that. How is it unrelated?
  • josoler
    josoler almost 5 years
    I think the question here is how clients should connect to the VPN with no certificate
  • Ivan Montilla Miralles
    Ivan Montilla Miralles almost 5 years
    @josoler Yup, that's right. But if the server requires the certificate, there's nothing he can do, except applying my solution. So he must remove certificate validation/requirement on the server side, in order to achieve that.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to install PAM for OpenVPN server?
connect to openvpn using username and password
How to use Google Authenticator with OpenVPN server on Ubuntu 12.04
OpenVPN - Password Authentication Only
Possible? OpenVPN server requiring both certificate- AND password-based login (via Tomato router firmware)
OpenVPN certificate OR plugin-auth-pam authentication
OpenVPN AUTH failure, but login data is correct
Can't connect to VPN after upgrading to Ubuntu 22.04
flutter_web_auth doesn't redirect from WebView to the app after authorizing the access to my data in Flutter
Staying logged in when updating code on flutter web