openvpn client how to enter password

[CXtrd]

Hi all.

I cannot get my opnsensebox to connect to a private vpn service (nordvpn) so I am a client.

If I configure the client through the web interface my credentials are stored in /var/etc/openvpn/client1.up, and in client1.conf I see
"auth-user-pass /var/etc/openvpn/client1.up"
But the connection always failes with an error like "private key password verification failed" and with higher verbosity : neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Private Key Password:'

If I copy the original ovpn from nordvpn to /var/etc/openvpn and name it client1.conf I can do in a terminal:

root@OPNsense:/home/CXtrd # openvpn --verb 3 --config /var/etc/openvpn/client1.conf

and then it asks for my username/password and connects fine. (initialization sequence completed)

In the web interface however the system is unaware of this connection, and routing and rules are not evaluated.

This has been asked before, (https://forum.opnsense.org/index.php?topic=3021.msg9336#msg9336) but the solution was to make the private key passwordless. Don't know why exactly, but that doesn' t feel quite comfortable.

"auth-user-pass /var/etc/openvpn/client1.up"  in client1.conf suggests to me it is ment to be working this way. I am new to opnsense, and lack the knowledge to figure this out.

I use OPNsense 18.1.13_1-amd64

[CXtrd]

Found out:
"auth-user-pass /var/etc/openvpn/client1.up"  in client1.conf suggests to me it is ment to be working this way.

This will only work if openvpn is compiled with the option to enable this. It seems to me that in opnsense this is not the case.

[Northguy]

Hi, I am running into the same situation while testing such a setup. What was your final workaround?

[Northguy]

Figured it out. Needed to clean up the advanced settings