Comments on: OpenVPN LDAP authentication https://backreference.org/2012/09/14/openvpn-ldap-authentication/ Proudly uncool and out of fashion Thu, 17 Mar 2016 16:02:57 +0000 hourly 1 https://wordpress.org/?v=5.8.2 By: waldner https://backreference.org/2012/09/14/openvpn-ldap-authentication/#comment-24838 Thu, 10 Jan 2013 13:48:02 +0000 http://backreference.org/?p=3381#comment-24838 In reply to Manu.

My version of ldapsearch doesn't have the -j option, however I see it does have a -y file option which I suppose will do something very similar.

However, since then ps -ef would show the name of the file where you stored the password, it should be made readable only by root or by the user running the openVPN script.

]]> By: Manu https://backreference.org/2012/09/14/openvpn-ldap-authentication/#comment-24837 Thu, 10 Jan 2013 13:28:49 +0000 http://backreference.org/?p=3381#comment-24837 with ldapsearch you may prefer to -j instead of -w :

-j file read bind passwd (for simple authentication)
-w passwd bind passwd (for simple authentication)

So no need to obfuscate anything and a simple :

ps -ef

don'l let people sharing with you the server discover your password

]]>