I have asus rt-n16 with k26 cpu2 release 52 vpn version. I've setup the vpn client with tap using settings that work on another router but when i click start it just greys out for a while before saying start again. How can I get it to start vpn client.
Here is the log file
Oct 27 00:01:06 nor daemon.notice openvpn[1078]: OpenVPN 2.1.1 mipsel-unknown-linux-gnu [SSL] [LZO2] [EPOLL] built on Oct 15 2010
Oct 27 00:01:06 nor daemon.warn openvpn[1078]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Oct 27 00:01:06 nor daemon.warn openvpn[1078]: NOTE: OpenVPN 2.1 requires '—script-security 2' or higher to call user-defined scripts or executables
Oct 27 00:01:06 nor daemon.warn openvpn[1078]: WARNING: this configuration may cache passwords in memory — use the auth-nocache option to prevent this
Oct 27 00:01:06 nor daemon.warn openvpn[1078]: Cannot load private key file client.key: error:0906A068:PEM routines:PEM_do_header:bad password read: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:missing asn1 eos
Oct 27 00:01:06 nor daemon.err openvpn[1078]: Error: private key password verification failed
It would rather defeat the point of using an encrypted key if the key and the plaintext password are kept on the same device, no?
Rodney
My Tomato utilities site: http://multics.minidns.net/blog/articles/tomato_utilities
There's nowhere to effectively store it other than NVRAM, the same place the certificate is stored.
The point of a password is that it should be human-entered…if you're going to script/automate it, and the password and key are on the same device, you've completely negated the security offered by the additional authentication step to begin with.
If I steal your laptop, I have your certificate and password, and thus have open access to your VPN.
Rodney
My Tomato utilities site: http://multics.minidns.net/blog/articles/tomato_utilities