Friday, November 17, 2017

OpenVPN - WARNING: "this configuration may cache passwords in memory"

OpenVPN Version: 2.4.3

When connecting via OpenVPN protocol, you might see the following line in the connection logs of the VPN client software:
WARNING: this configuration may cache passwords in memory -- 
use the auth-nocache option to prevent this

Basically this tells you that it would be theoretically possible that someone could hack into your compter/laptop and steal your OpenVPN password from your memory.

That is true, but should a hacker have access to your RAM or pagefile already, your VPN password is the last thing you should worry about.

You can fix this by add the line "auth-nocache" to the config file, then reconnect, this warning should not appear anymore.

No comments: