Hello everyone.
Please tell me, do I have to make changes (attached screenshot) to the configuration file that I received from the VPN provider? I mean the login from the provider and the fictitious password that I write below.
I wanted to clarify because even without these changes, everything works well.
If I don't, how will it affect my work?
The username and password are in a separate file. The first line of that file is the username and the second line is the password.
Many VPN services use certificate authentication only, because OpenVPN's password feature adds little security.
Thanks for your answer.
Yes, I realized that the first line is the user name in the personal account of the VPN provider and the second line is any password.
I tried two options and they both work, I wanted to clarify what the difference is.
I also noticed that the path to this file may be different on the host not the same as in a configuration file, for example:
auth-user-pass /etc/openvpn/client
or
auth-user-pass /etc/openvpn/server
or
auth-user-pass /etc/openvpn/italia.auth
You could store the file anywhere as long as the .ovpn file points to it with a full path. I usually create an /etc/config/openvpnfiles directory for such files as everything in or under /etc/config/ will be saved during a sysupgrade.
If you are using 24.10 which comes with OpenVPN 2.6, it is easier to add password and username inline so in the OpenVPN config add:
<auth-user-pass>
username
password
</auth-user-pass>
Of course remove the line with:
auth-user-pass /etc/openvpn/client
@mk24 @egc Thank you for your answers.
I understand correctly that if I see auth-user-pass in the configuration file, it means that the VPN provider requires me to specify a login (when creating an account) and a made up password ?
All I see in my configuration file now is auth-nocache and auth sha512
Not all providers work with username/password some use keys instead so it is perfectly possible you do not have auth-user-pass.
thank you so much for your reply and help.
I realized that when I saw that there was no auth-user-pass in the config file.