i've installed a VPN server on my router following teh istructions on https://openwrt.org/docs/guide-user/services/vpn/openvpn/server and all work correctly. Now i ask you if is possible to add at least a password to access into a vpn. I've read it's necessary to modify both server.conf (for server config) and client.ovpn (for client config). Unfortunately there's several post and each one say different things and it's not clear for me what can i do. So the answers are :
What line/string or other must be added on server.conf and client.ovpn in orde to ask a password to use a VPN connection?
Eventually what line must added in the client to save the password (once inserted) ?
No. On the client using automatic login (such as OpenWrt) the username and password are stored in a separate file.
The only real security gain of putting user-pass on top of certificate authentication is when the password is not saved, but entered by the user each time.
I opened file server.conf and added line auth-user-pass login.conf
I created file login.confin the same folder of server.conf
I opened file login.conf and added:
"user as you want" in the first line
"password as yout want" in the second line
For client side:
I opened file client.ovpn and I added line auth-user-pass (this enable user/password option and must be filled - optional to save password is also avaiable . See image attached)
Deleted old profile in the Openvpn app and re-imported client.ovpn with user/pass enable.