OpenVPN Support Forum

I don't have a server that I can run special authentication methods on. I'm looking to add a password and username to my current configuration using a windows 7 machine.

I know about the client and server auth commands and how to make it check via a file.

What I don't know is how to write a batch or script to check the client's entered credentials and authenticate them against what I want them to be stored as on the server. Any help with writing this script/batch?

this is slightly off-topic for this forum and is far too dependent on how you want to store the credentials on the (windows based?) server side. A simple batch job which does a would do what you request, but I hardly think it is what you want.

Look into Windows Powershell programming for more advanced shell scripting on windows.

Which forum would you suggest I turn to with help in this? I'm in school, so still learning, atm and I'm not a programmer by any means. I don't write scripts or batches nor is it in my degree. However, I'm trying to learn because I know how much easier life in IT can be if you know how to do these. I'm not even sure of syntax to use in a simple batch file and lookup process let alone a powershell script.

Tried posting in a better area and have not received any help there so let me go into some more detail about what I have.

I have a Windows 7 x64 based pc that is running OpenVPN as a server. Right now my only form of Authentication is Certificates. I understand the basis of adding a UN and PW authentication in addition to certificates by adding a user-auth-pass-verify command to the server conf and a user-auth-pass to the client conf. I understand this prompts openvpn client to enter a UN and PW and submits them to the server for authentication.

However, I do not know what authenciations I have without running an AD/Shadow Key/or *nix box OS to authenticate with something like PAM or radius. I'm also unskilled at writing scripts as I do not know syntax as I'm not a programmer by any means.

I figure a somewhat secure way to store my UN and PW are in two seperate files on different locations on my hard drive. I do not know how to write a script that will reference this and authenticate with a 0 for success or a 1 for failure. I took your advice and tried using powershell and came up with this after about 5 hours.

$username = gc "c:\Program Files (x86)\OpenVPN\config\Usernamefile.txt"
$username = gc
$password = gc "c:\Program Files (x86)\OpenVPN\config\Passwordfile.txt"
$password1 = gc
if (($username -ceq $username1) -and ($password -ceq $password1)) {0}
elseif (($username -cne $username1) -or ($password -cne $password1)) {1}
else {1}

My issue is two things with this script.

A) I do not know how to reference the file in which openvpn stores, even through via-file or via-env commands.
B) When the script runs OpenVPN on the server returns an error in the log stating that / is used as something else (idr i'm not at the server atm) and for windows directories it needs to be //. Understand same with conf files. However, upon changing it in the Powershell script the script no longer runs.

Assistance is greatly appreciated. Just trying to get a dual factor authentication going. Something easy atm, not necessarily super secure for now.