After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 725174 - OpenVPN plugin stores password in plaintext
OpenVPN plugin stores password in plaintext
Status: RESOLVED DUPLICATE of bug 731891
Product: NetworkManager
Classification: Platform
Component: VPN: openvpn
0.9.x
Other Linux
: Normal major
: ---
Assigned To: NetworkManager maintainer(s)
NetworkManager maintainer(s)
Depends on:
Blocks:
 
 
Reported: 2014-02-25 21:58 UTC by Michael Monreal
Modified: 2014-06-27 13:26 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description Michael Monreal 2014-02-25 21:58:23 UTC 
I configured VPNs using most of the plugins and noticed that accounts using OpenVPN store the password in plaintext in the [vpn-secrets] section in /etc/NetworkManager/system-connections/<filename> while others use the keyring.

Is there a technical problem that prevents usage of the keyring here?

Tested on Fedora 20 with NetworkManager-openvpn-0.9.9.0-0.1.git20140128.fc20.x86_64
Comment 1 Dan Williams 2014-04-22 22:13:09 UTC 
Setting this is the responsibility of whatever creates the connection, so in a GNOME desktop that would be NM-openvpn's GTK UI plugin.  In KDE, I'm not sure what will do it, but I'd assume whatever code they have there for the Plasma network widget.  In XFCE or LXDE, nm-connection-editor loads the NM-oepnvpn GTK UI too.  With direct nmcli, the user must set that option.

Which way did you create the connection?
Comment 2 Michael Monreal 2014-04-23 05:49:37 UTC 
I used the GNOME 3.10.x network panel.
Comment 3 Thomas Haller 2014-06-27 13:26:23 UTC 
closing as duplicate of bug 731891 (which is newer then this bug, but has more information)

*** This bug has been marked as a duplicate of bug 731891 ***