Hi,
On Mon, Mar 30, 2020 at 11:12 AM Selva Nair <selva.n...@gmail.com> wrote:
> Jonathan K. Bullard <jkbull...@gmail.com> wrote:
> >
> > If the OS X command line user was using --management-query-passwords
> > (as Tunnelblick does), they wouldn't see the password prompt on
> > /dev/tty, would they?
>
> In case of auth-file missing password, they would see it on /dev/tty
> on linux, and I would guess on OSX as well, but I've not checked.
The password prompt appears on /dev/tty on OS X only if --daemon is not used.
If --daemon and --management-query-passwords are used but --askpass is
not (whether or not --auth-nocache is also used), which is typical for
a Tunnelblick configuration on OS X, the following appears in the log:
neither stdin nor stderr are a tty device and you have neither a
controlling tty nor systemd - can't ask for 'Enter Auth Password:'.
If you used --daemon, you need to use --askpass to make
passphrase-protected keys work, and you can not use
--auth-nocache.
Exiting due to fatal error
if --daemon, --management-query-passwords, and --askpass are all used
(whether or not --auth-nocache is used), you get:
Need password(s) from management interface, waiting...
If Windows GUI uses --daemon, that could be an additional requirement
that would work for Tunnelblick and OS X, which would mean one less
incompatibility between Windows and OS X.
Or it could test for Windows || (OS X && --daemon).
Best regards,
Jon Bullard
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
