1
18.7 Legacy Series / openvpn client how to enter password
« on: November 11, 2018, 10:19:24 am »
Hi all.
I cannot get my opnsensebox to connect to a private vpn service (nordvpn) so I am a client.
If I configure the client through the web interface my credentials are stored in /var/etc/openvpn/client1.up, and in client1.conf I see
"auth-user-pass /var/etc/openvpn/client1.up"
But the connection always failes with an error like "private key password verification failed" and with higher verbosity : neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Private Key Password:'
If I copy the original ovpn from nordvpn to /var/etc/openvpn and name it client1.conf I can do in a terminal:
root@OPNsense:/home/CXtrd # openvpn --verb 3 --config /var/etc/openvpn/client1.conf
and then it asks for my username/password and connects fine. (initialization sequence completed)
In the web interface however the system is unaware of this connection, and routing and rules are not evaluated.
This has been asked before, (https://forum.opnsense.org/index.php?topic=3021.msg9336#msg9336) but the solution was to make the private key passwordless. Don't know why exactly, but that doesn' t feel quite comfortable.
"auth-user-pass /var/etc/openvpn/client1.up" in client1.conf suggests to me it is ment to be working this way. I am new to opnsense, and lack the knowledge to figure this out.
I use OPNsense 18.1.13_1-amd64
I cannot get my opnsensebox to connect to a private vpn service (nordvpn) so I am a client.
If I configure the client through the web interface my credentials are stored in /var/etc/openvpn/client1.up, and in client1.conf I see
"auth-user-pass /var/etc/openvpn/client1.up"
But the connection always failes with an error like "private key password verification failed" and with higher verbosity : neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Private Key Password:'
If I copy the original ovpn from nordvpn to /var/etc/openvpn and name it client1.conf I can do in a terminal:
root@OPNsense:/home/CXtrd # openvpn --verb 3 --config /var/etc/openvpn/client1.conf
and then it asks for my username/password and connects fine. (initialization sequence completed)
In the web interface however the system is unaware of this connection, and routing and rules are not evaluated.
This has been asked before, (https://forum.opnsense.org/index.php?topic=3021.msg9336#msg9336) but the solution was to make the private key passwordless. Don't know why exactly, but that doesn' t feel quite comfortable.
"auth-user-pass /var/etc/openvpn/client1.up" in client1.conf suggests to me it is ment to be working this way. I am new to opnsense, and lack the knowledge to figure this out.
I use OPNsense 18.1.13_1-amd64