auth-user-pass in client openvpn file
Posted: Thu Feb 07, 2019 9:19 pm
Hello,
I am in the process of transitioning from passwordless to password-based authentication
using MFA. I have been able to successfully get everything done, but I would like to avoid
having to change everyone's client files and send them out again.
Is there anyway for openvpn server to let the client know that password authentication
is needed, so that the user-password dialog box is prompted on the client side, even if
"auth-user-pass" directive is missing the the client.ovpn file?
If not, I am just wondering why something like this was not included in the implementation,
during initial handshake. If the server needs password authentication, then let the client
know so it can display the dialog box. If not, needed it proceeds as usual. Why should there
be a dependency on the client side to have the "auth-user-pass" directive in it?
I would appreciate if someone knows about this and let me know.
Thanks,
--Harman
I am in the process of transitioning from passwordless to password-based authentication
using MFA. I have been able to successfully get everything done, but I would like to avoid
having to change everyone's client files and send them out again.
Is there anyway for openvpn server to let the client know that password authentication
is needed, so that the user-password dialog box is prompted on the client side, even if
"auth-user-pass" directive is missing the the client.ovpn file?
If not, I am just wondering why something like this was not included in the implementation,
during initial handshake. If the server needs password authentication, then let the client
know so it can display the dialog box. If not, needed it proceeds as usual. Why should there
be a dependency on the client side to have the "auth-user-pass" directive in it?
I would appreciate if someone knows about this and let me know.
Thanks,
--Harman