I have configured OpenVPN and it works great. It is super awesome... with one little problem. I can run OpenVPN from a shell as "openvpn <config file>" and it does not prompt me for a username and password. I can run OpenVPN from a shell as "openvpn --daemon --writepid /var/run/openvpn/this.pid --config server.conf --cd /etc/openvpn" and it does not prompt me for a username and password. I copied this from the init script.
However, when I type "service openvpn start" I am asked for an "Auth Username" and "Auth Password" and OpenVPN will not start unless I provide appropriate credentials. If I do provide them, it works. This is a problem because I would like OpenVPN to come up automatically if the server is restarted, and I will not always be there at a console to enter the username and password.
(I suppose for some reason it may work when run as part of the normal startup process, and only because I am manually typing "service openvpn start" does it ask for credentials. However I can't test this now, and it would make no sense to me anyway.)
I am not using client certificates, but rather the PAM module "/usr/share/openvpn/plugin/lib/openvpn-auth-pam.so" . Perhaps this has something to do with it, but again I don't understand why I can run it as a daemon from a shell with no problem, and only experience undesired behavior when using the init script.
Clients can connect just fine with usernames and passwords. I am also using the tls-auth key. None of the private keys require passwords to access them. I have administered several certificate authorities using OpenSSL and I am confident this is not the problem.
So..... what's the deal? I am usually one of those "never ask for directions" guys but this has me stumped. Thanks for any help you can provide.
