FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
415 views 1 comments
by anonymous

Hi,

discovered two issues regarding OpenVPN-Client Private key decryption password:

1) WebUI: can't save password - will always be empty after saving;

2) No password configured, but system log shows:

Wed Jan 20 10:29:35 2021 daemon.notice openvpn(636C69656E745F726173706932)[13065]: OpenVPN 2.4.5 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Wed Jan 20 10:29:35 2021 daemon.notice openvpn(636C69656E745F726173706932)[13065]: library versions: OpenSSL 1.0.2r  26 Feb 2019, LZO 2.10
Wed Jan 20 10:29:35 2021 daemon.warn openvpn(636C69656E745F726173706932)[13065]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Wed Jan 20 10:29:35 2021 daemon.err openvpn(636C69656E745F726173706932)[13065]: Error: private key password verification failed
Wed Jan 20 10:29:35 2021 daemon.notice openvpn(636C69656E745F726173706932)[13065]: Exiting due to fatal error


but config-file says  option key_encrypted '0'

etc\config\openvpn:

config webui 'webui'
    option _auth 'tls'

config openvpn '636C69656E745F726173706932'
    option persist_key '1'
    option proto 'udp'
    option persist_tun '1'
    option name_is_hexed '1'
    option verb '5'
    option nobind '1'
    option dev 'tun_c_raspi2'
    option port '31194'
    option remote 'xxxxxxxxxxxxxxxx'
    option resolv_retry 'infinite'
    option keepalive '10 120'
    option key_encrypted '0'
    list _extra '  '
    option _auth 'tls'
    option cipher 'AES-256-GCM'
    option auth 'sha256'
    option _tls_auth '0'
    option ca '/lib/uci/upload/cbid.openvpn.636C69656E745F726173706932.ca'
    option cert '/lib/uci/upload/cbid.openvpn.636C69656E745F726173706932.cert'
    option key '/lib/uci/upload/cbid.openvpn.636C69656E745F726173706932.key'
    option _tls_cipher 'all'
    option client '1'
    option _route '192.168.178.1'

by anonymous

Private key password won't be saved.

1 Answer

0 votes
by anonymous
Hi,

I've reported this issue to RnD.

Thank you for your feedback.

EB.