setenv ALLOW_PASSWORD_SAVE 0

[Sjors]

Putting "setenv ALLOW_PASSWORD_SAVE 0" into the OVPN-file doesn't seem to alter the behaviour of the Save password button in "OpenVPN 1.0 build 47 (iOS)" although in "More Help..." it says it should do so.

I like to disable the Save password button because I don't have a password set on my iOS device.

[jamesyonan]

Has anyone else seen this? It works fine for me. The "Save" switch will still be shown, but it should be greyed-out and locked in the off position.

James

[Sjors]

More details:
- Tested on: iPhone5 (iOS 6.0.1) & iPad mini (? iOS 6.0.1 ?) & iPad Gen 3 (iOS 6.0.1).
- Could it be the "persist-key" option ? => No, tested by removing it.

Here is my (CENSORED) OVPN file:

Code: Select all

# Disable password save
setenv ALLOW_PASSWORD_SAVE 0

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
dev tun

# Are we connecting to a TCP or
# UDP server?  Use the same setting as
# on the server.
proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote server.name.com 1194

# Most clients don't need to bind to
# a specific local port number.
nobind

# SSL/TLS parms.
# See the server config file for more
# description.
<ca>
-----BEGIN CERTIFICATE-----
CENSORED
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
CENSORED
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
CENSORED
-----END RSA PRIVATE KEY-----
</key>
persist-key
persist-tun

# If a tls-auth key is used on the server
# then every client must also have the key.
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
CENSORED
-----END OpenVPN Static key V1-----
</tls-auth>

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
cipher AES-256-CBC

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo

# Set log file verbosity.
verb 1

# Route all traffic via OpenVPN
redirect-gateway

[jamesyonan]

I think I see the problem -- are you are talking about the private key password, not the authentication password?

In 1.0.0, only the authentication password can be disabled with "setenv ALLOW_PASSWORD_SAVE 0".

[Sjors]

Indeed the private key password.

How do I set an authentication password ?

I guess an authentication password is probably better as it is stored on the server and the user cannot alter it ?

I think I have to dive into the documentation again (it's been a while ago).

Thank you for the help James