Ubuntu – OpenVPN – Password Authentication Only

authenticationopenvpnpassword

When using the OpenVPN Client for Windows, I can log into the OpenVPN server with only a username and password. I can't figure out how to make the same thing happen in Ubuntu. It seems that some kind of cert is required.

Any idea how authenticate with an OpenVPN server with only a username and password?

Best Answer

You can authenticate using a username/password perfectly fine without a server/CA certificate. However, I highly recommend configuring it to verify it with your CA certificate to prevent Man-in-the-Middle attacks.

Without any server verification anyone can impersonate your OpenVPN server and just accept your username/password. Results:

The attacker can intercept all traffic. As you don't verify the server you're connecting to, anyone can claim to be your server in a public network (or private network controlled by the attacker).
The attacker knows your username/password combination. Very very bad in case you reuse the same password for other things as well.

In Network Manager, it works fine without CA Cert as shown below, but please don't use it like that! If you don't use any server/CA certificate on Windows, you're really vulnerable to the above attacks.

enter image description here

Best Answer

Related Solutions

Ubuntu – How to use Google Authenticator with OpenVPN server on Ubuntu 12.04

Ubuntu – Can’t access any remote network routes using OpenVPN client

Related Question