VPN Client wont start

Fold

alexhaj 27 Oct 2010 04:18

I have asus rt-n16 with k26 cpu2 release 52 vpn version. I've setup the vpn client with tap using settings that work on another router but when i click start it just greys out for a while before saying start again. How can I get it to start vpn client.

Options

Unfold VPN Client wont start by

alexhaj, 27 Oct 2010 04:18

Fold

Re: VPN Client wont start

alexhaj 27 Oct 2010 05:42

Here is the log file

Oct 27 00:01:06 nor daemon.notice openvpn[1078]: OpenVPN 2.1.1 mipsel-unknown-linux-gnu [SSL] [LZO2] [EPOLL] built on Oct 15 2010
Oct 27 00:01:06 nor daemon.warn openvpn[1078]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Oct 27 00:01:06 nor daemon.warn openvpn[1078]: NOTE: OpenVPN 2.1 requires '—script-security 2' or higher to call user-defined scripts or executables
Oct 27 00:01:06 nor daemon.warn openvpn[1078]: WARNING: this configuration may cache passwords in memory — use the auth-nocache option to prevent this
Oct 27 00:01:06 nor daemon.warn openvpn[1078]: Cannot load private key file client.key: error:0906A068:PEM routines:PEM_do_header:bad password read: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:missing asn1 eos
Oct 27 00:01:06 nor daemon.err openvpn[1078]: Error: private key password verification failed

Options

Unfold Re: VPN Client wont start by

alexhaj, 27 Oct 2010 05:42

Fold

Re: VPN Client wont start

alexhaj 27 Oct 2010 05:51

Nevermind, the key I was using was encrypted, can we use encrypted keys? Where would I put the password?

Options

Unfold Re: VPN Client wont start by

alexhaj, 27 Oct 2010 05:51

Fold

Re: VPN Client wont start

Rodney Hester 27 Oct 2010 11:44

It would rather defeat the point of using an encrypted key if the key and the plaintext password are kept on the same device, no?

Rodney

My Tomato utilities site: http://multics.minidns.net/blog/articles/tomato_utilities

Options

Unfold Re: VPN Client wont start by

Rodney Hester, 27 Oct 2010 11:44

Fold

Re: VPN Client wont start

alexhaj 27 Oct 2010 13:56

Not necessarily, it depends where the key is stored, its how openvpn works on my laptop.

Options

Unfold Re: VPN Client wont start by

alexhaj, 27 Oct 2010 13:56

Fold

Re: VPN Client wont start

Rodney Hester 27 Oct 2010 13:58

There's nowhere to effectively store it other than NVRAM, the same place the certificate is stored.

The point of a password is that it should be human-entered…if you're going to script/automate it, and the password and key are on the same device, you've completely negated the security offered by the additional authentication step to begin with.

If I steal your laptop, I have your certificate and password, and thus have open access to your VPN.

Rodney

My Tomato utilities site: http://multics.minidns.net/blog/articles/tomato_utilities

Options

Unfold Re: VPN Client wont start by

Rodney Hester, 27 Oct 2010 13:58

Fold

Re: VPN Client wont start