openvpn works fine with default user/password authentication.
are there instructions/samples for certificate based passwordless authentication?
creating user with "Individual Certificate Authentication" and including that certificate/private key into vpnserver generated sample opevpn file resulted in
AUTH: Received control message: AUTH_FAILED
passwordless openvpn client
-
thisjun
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: passwordless openvpn client
SoftEther VPN doesn't support certification auth on OpenVPN.
-
shorty1483
- Posts: 9
- Joined: Mon Jun 06, 2016 10:42 am
Re: passwordless openvpn client
thisjun wrote:
> SoftEther VPN doesn't support certification auth on OpenVPN.
Any mid term plans to change that m8?
> SoftEther VPN doesn't support certification auth on OpenVPN.
Any mid term plans to change that m8?
-
erkwok
- Posts: 7
- Joined: Wed Jun 08, 2016 6:20 am
Re: passwordless openvpn client
shorty1483 wrote:
> thisjun wrote:
> > SoftEther VPN doesn't support certification auth on OpenVPN.
>
> Any mid term plans to change that m8?
I saw this in 2014
We are considering to implement the certificate authenticaion on OpenVPN protocol in recent future.
https://github.com/SoftEtherVPN/SoftEtherVPN/issues/55
> thisjun wrote:
> > SoftEther VPN doesn't support certification auth on OpenVPN.
>
> Any mid term plans to change that m8?
I saw this in 2014
We are considering to implement the certificate authenticaion on OpenVPN protocol in recent future.
https://github.com/SoftEtherVPN/SoftEtherVPN/issues/55
-
shorty1483
- Posts: 9
- Joined: Mon Jun 06, 2016 10:42 am
Re: passwordless openvpn client
erkwok wrote:
> shorty1483 wrote:
> > thisjun wrote:
> > > SoftEther VPN doesn't support certification auth on OpenVPN.
> >
> > Any mid term plans to change that m8?
>
> I saw this in 2014
> We are considering to implement the certificate authenticaion on OpenVPN protocol in
> recent future.
>
> https://github.com/SoftEtherVPN/SoftEtherVPN/issues/55
It's a mess, because if the security mechanisms of softether would incorporate the actual values of OpenVPN, it would be a rock stable solution in combination with the great management of Softether.
- HMAC auth option (SHA256, SHA512)
- tls-cipher restriction
- tls-auth with static key
- upgrade in general to TLS 1.2
> shorty1483 wrote:
> > thisjun wrote:
> > > SoftEther VPN doesn't support certification auth on OpenVPN.
> >
> > Any mid term plans to change that m8?
>
> I saw this in 2014
> We are considering to implement the certificate authenticaion on OpenVPN protocol in
> recent future.
>
> https://github.com/SoftEtherVPN/SoftEtherVPN/issues/55
It's a mess, because if the security mechanisms of softether would incorporate the actual values of OpenVPN, it would be a rock stable solution in combination with the great management of Softether.
- HMAC auth option (SHA256, SHA512)
- tls-cipher restriction
- tls-auth with static key
- upgrade in general to TLS 1.2