Support AuthUserPass? #165
Comments
|
Just want to clarify. --auth-user-pass in the config file is supported, but it must point to a disk file which is read for user name and password. What does not work is having the option without pointing to a disk file because that tells OpenVPN to read the information from stdin. Want to make sure I understand correctly. You'd like the option to have CMST prompt for the user name and password then provide those to to OpenVPN via stdin - therefore bypassing the user/pass file? If that is you are after I'll certainly look into it, but I'm not sure it is possible since CMST only interfaces with ConnMan. It is ConnMan which interfaces with OpenVPN, and if I recall correctly I put in the user/pass file and removed the plain --auth-user-pass option because there was no way to send the data via stdin with ConnMan. |
|
Hi Andrew, thanks for your quick answer! Yes, I need a user / pass prompt because I have to use google authenticator (OTP added to password). So I can't work with a "static" file. Regards |
|
We do have the vpn-agent, but not sure why it is not asking for user name and password. I will look into this, but want to let you know that it is not going to be quick. It actually gives me a good feature for the next release, but I have a lot on my plate at the moment and I don't want to get your hopes up that it will be coming in the next month or so. [edit] - thought at first we didn't have a vpn-agent, but we do. Now need to find out why it is not asking for information in this case. |
|
Thanks for feedback, @andrew-bibb |
|
Any plans / progress here? |
|
Sorry. I did look and our vpn-agent implements what ConnMan supports and does start properly. To try and work around the limitation of requiring input from STDIN I am going to need to hack something. Getting to the time of year where weather dictates I'll be at my computer a bit more. However I don't want to get your hopes up as because of family reasons I'm finding that I'm spending about 2 weekends every month driving from one side of New England to the other (and back again). Since about March of this year my free time has been almost non-existent. |
|
Sorry about the long delay, in addition to the weather starting to cooperate things on the personal end seem to be (temporarily at least) somewhat more stable. I was looking at this and am wondering if the OpenVPN.AskPass option might work. In the VPN provisioning editor I had that as a yes/no which was incorrect. Just changed the code to be a file selector and uploaded it a few minutes ago. I have found a bug report online about OpenVPN not working if askpass is set to stdin. It seems old and is marked "fixed". The file selector won't let you type in something that does not exist, for instance stdin, but that can be worked around or just type in the line manually. Thing is I don't know if ConnMan can deal with it set to stdin, nor do I know if that is what you actually need. |
|
Have you successfully tested it with stdin / askpass? If it works it should be fine for me. Because of the OneTimePass I need to type the password (password + otp) during vpn connect. The otp changes every 60 seconds. For testing I tried to save the current pass+otp to a auth file, which should work, but isn't fine for every day use. g |
Hi,
I read the wiki article about vpn and also that AuthUserPass isn't supported, but I need to add an OTP to the password. So I can't use cmst :(
Is there a chance to add a (simple) dialog to enter user / pass?
The text was updated successfully, but these errors were encountered: