Re: OpenVPN plugin and private key password
- From: "Ethy H. Brito" <ethy brito inexo com br>
- To: Jirka Klimes <jklimes redhat com>
- Cc: networkmanager-list gnome org
- Subject: Re: OpenVPN plugin and private key password
- Date: Mon, 9 Nov 2015 17:51:26 -0200
On Mon, 9 Nov 2015 13:11:24 +0100
Jirka Klimes <jklimes redhat com> wrote:
On Sat, 7 Nov 2015 13:55:39 -0200
"Ethy H. Brito" <ethy brito inexo com br> wrote:
Hi All
I am not certain if here is the right place to ask this. Forgive me
if it is not.
Why, if I have a password protected private key, the OpenVPN plug-in
demands me to enter the password to enable the save button?
I think this is not right. I don't want my password hanging around.
If, for instance, my laptop gets stolen, the thief has access to my
private data. Saving a password, completely overrides the purpose of
a password protected key!
How to make Networkmanager ask for the password when activating the
VPN?
Am I doing something wrong here? Missing something perhaps?
Regards
Ethy
It depends on the GUI you use.
In recent nm-connection-editor, all password entries have an icon
attached that allows setting password as "always ask".
See
https://bugzilla.gnome.org/show_bug.cgi?id=731891
Jirka
Tested with "cert-pass-flags=2" and got:
The VPN connection 'XXX' failed
because there were no valid VPN secrets.
No window opened to ask the password. Should it?
Any hints?
The config file is like this:
...
[vpn]
service-type=org.freedesktop.NetworkManager.openvpn
tap-dev=yes
ca=ca.crt
connection-type=tls
cert=client.crt
key=client.password.key
remote=IP.IP.IP.IP
cert-pass-flags=2
[vpn-secrets]
no-secret=true
...
But if I use "cert-pass-flags=0" and enter the passphrase at NM,
the VPN is established.
Regards
Ethy
--
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
