Package: network-manager-openvpn Version: 0.3.2svn2855-1.1 Severity: important
I am trying to connect using the X509 certificates method. I broke my pkcs12 to the three certs required (although I believe the gui should support directly pkcs12 files but that's another story) and filled the three fields. The key file is of course protected with a PEM passphrase. The problem is that the gui fails because it cannot unlock the key file, naturally because it never asks for the passphrase. Here's what I get on syslog: Nov 7 23:54:28 mordor NetworkManager: <info> Will activate VPN connection 'noc', service 'org.freedesktop.NetworkManager.openvpn', user_name 'gpall', vpn_data 'connection-type / x509 / remote / 155.207.212.10 / port / 53 / ca / /home/gpall/various/openvpn-certs/userca.pem / cert / /home/gpall/various/openvpn-certs/usercert.pem / key / /home/gpall/various/openvpn-certs/userkey.pem / cipher / DESX-CBC / comp-lzo / yes / shared-key / / username / [EMAIL PROTECTED] / local-ip / / remote-ip / / dev / tap / proto / udp / ta-dir / none', route ''. Nov 7 23:54:28 mordor NetworkManager: <info> VPN Activation (noc) Stage 1 of 4 (Connection Prepare) scheduled... Nov 7 23:54:28 mordor NetworkManager: <info> VPN Activation (noc) Stage 1 of 4 (Connection Prepare) ran VPN service daemon org.freedesktop.NetworkManager.openvpn (PID 16008) Nov 7 23:54:28 mordor NetworkManager: <info> VPN Activation (noc) Stage 1 of 4 (Connection Prepare) complete. Nov 7 23:54:28 mordor NetworkManager: <info> VPN Activation (noc) Stage 2 of 4 (Connection Prepare Wait) scheduled... Nov 7 23:54:28 mordor NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' signaled state change 1 -> 6. Nov 7 23:54:28 mordor NetworkManager: <info> VPN Activation (noc) Stage 2 of 4 (Connection Prepare Wait) waiting... Nov 7 23:54:28 mordor NetworkManager: <info> VPN Activation (noc) Stage 2 of 4 (Connection Prepare Wait) complete. Nov 7 23:54:28 mordor NetworkManager: <info> VPN Activation (noc) Stage 3 of 4 (Connect) scheduled... Nov 7 23:54:28 mordor NetworkManager: <info> VPN Activation (noc) Stage 3 of 4 (Connect) sending connect request. Nov 7 23:54:28 mordor NetworkManager: <info> VPN Activation (noc) Stage 3 of 4 (Connect) request sent, waiting for reply... Nov 7 23:54:28 mordor NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' signaled state change 6 -> 3. Nov 7 23:54:28 mordor nm-openvpn[16010]: OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Sep 18 2008 Nov 7 23:54:28 mordor nm-openvpn[16010]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Nov 7 23:54:28 mordor nm-openvpn[16010]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Nov 7 23:54:28 mordor NetworkManager: <info> VPN Activation (noc) Stage 3 of 4 (Connect) reply received. Nov 7 23:54:28 mordor NetworkManager: <info> VPN Activation (noc) Stage 4 of 4 (IP Config Get) timeout scheduled... Nov 7 23:54:28 mordor NetworkManager: <info> VPN Activation (noc) Stage 3 of 4 (Connect) complete, waiting for IP configuration... Nov 7 23:54:43 mordor NetworkManager: <WARN> nm_vpn_service_process_signal(): VPN failed for service 'org.freedesktop.NetworkManager.openvpn', signal 'ConnectFailed', with message 'The VPN login failed because the VPN program could not connect to the VPN server.'. Nov 7 23:54:43 mordor nm-openvpn[16010]: ERROR: could not read Private Key username/password/ok/string from management interface Nov 7 23:54:43 mordor nm-openvpn[16010]: Exiting Nov 7 23:54:43 mordor NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' signaled state change 3 -> 5. Nov 7 23:54:43 mordor NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' signaled state change 5 -> 6. Nov 7 23:54:43 mordor NetworkManager: <WARN> nm_vpn_service_stop_connection(): (VPN Service org.freedesktop.NetworkManager.openvpn): could not stop connection 'noc' because service was 6. The same gui in Ubuntu Intrepid, for the same authentication method, has an extra field called Private Key password, and everything works fine there. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages network-manager-openvpn depends on: ii libc6 2.7-15 GNU C Library: Shared libraries ii libdbus-1-3 1.2.1-4 simple interprocess messaging syst ii libdbus-glib-1-2 0.76-1 simple interprocess messaging syst ii libglib2.0-0 2.16.6-1 The GLib library of C routines ii openvpn 2.1~rc11-1 virtual private network daemon network-manager-openvpn recommends no packages. network-manager-openvpn suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
