That's just the nature of storing secrets for later use. The only way to store a key in an encrypted form would require the user to then supply a decryption key, probably in the form of a password that would then be handed to a key derivation function. That only slightly moves the goalposts.
I'd expect that you should be able to delete that line or that section of the file to then be prompted for the password when establishing a connection; if so, that's probably the direction to take. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1825474 Title: Storing plain text private key password on the system (Security Issue) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1825474/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
