From 2fa276fb4231c640f522fabcc4fca60ffa5f7411 Mon Sep 17 00:00:00 2001
From: ClassOdUa <class.od.ua@gmail.com>
Date: Fri, 6 Aug 2021 19:57:58 +0300
Subject: [PATCH] Remove nopass option for extra security

It is better always to have one extra security level, if someone steal the .ovpn file (like senator's notebook stealled from US Senat for example). So let's create private key passwords by default option.
---
 openvpn-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index 4df5783..de5c03e 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -454,7 +454,7 @@ else
 				client=$(sed 's/[^0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-]/_/g' <<< "$unsanitized_client")
 			done
 			cd /etc/openvpn/server/easy-rsa/
-			EASYRSA_CERT_EXPIRE=3650 ./easyrsa build-client-full "$client" nopass
+			EASYRSA_CERT_EXPIRE=3650 ./easyrsa build-client-full "$client"
 			# Generates the custom client.ovpn
 			new_client
 			echo