FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
352 views 7 comments
by anonymous
Hello All,

Recently, I started configuring two RUT955s for a project.

For the first one, I did all the configuration before setting up the OpenVPN, shortly after I noticed that the OpenVPN kept giving the same error “error reading password from Private Key Authfile: /etc/openvp/askpass_colfont2”. After not finding the problem after a while, I decided to configure the second Rut955. This time I kept the firmware from out of the box, 6.08.xx. First thing I decided to test was the OpenVPN connection, and for some reason this one did connect with the same files and everything was working fine.

So now comes the fun part, after upgrading the RUT955 with working OpenVPN to 7.04.03 I did not run into any issues as it kept the configuration. Because I could not find the issue regarding the OpenVPN, I decided to delete the configuration from this unit, and now I am running into the same issue on this unit too.

Is this a known issue with firmware 7.04.03?

 I'll also attach the logread in case it helps

LOGS:

Wed Jun 21 14:07:18 2023 daemon.err uhttpd[2541]: vuci: accepted login for admin from 10.208.30.10
Wed Jun 21 14:10:22 2023 kern.info kernel: openvpn configuration has been changed
Wed Jun 21 14:10:22 2023 kern.info kernel: firewall configuration has been changed
Wed Jun 21 14:10:24 2023 daemon.notice openvpn(Colfont2)[5979]: OpenVPN 2.5.3 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Wed Jun 21 14:10:24 2023 daemon.notice openvpn(Colfont2)[5979]: library versions: OpenSSL 1.1.1t  7 Feb 2023, LZO 2.10
Wed Jun 21 14:10:24 2023 daemon.err openvpn(Colfont2)[5979]: Error reading password from Private Key authfile: /etc/openvpn/askpass_Colfont2
Wed Jun 21 14:10:24 2023 daemon.notice openvpn(Colfont2)[5979]: Exiting due to fatal error
Wed Jun 21 14:10:24 2023 daemon.info procd: Instance openvpn::Colfont2 s in a crash loop 7 crashes, 0 seconds since last crash
Wed Jun 21 14:10:56 2023 kern.info kernel: openvpn configuration has been changed
Wed Jun 21 14:10:58 2023 daemon.notice openvpn(Colfont2)[6323]: OpenVPN 2.5.3 mips-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Wed Jun 21 14:10:58 2023 daemon.notice openvpn(Colfont2)[6323]: library versions: OpenSSL 1.1.1t  7 Feb 2023, LZO 2.10
Wed Jun 21 14:10:58 2023 daemon.err openvpn(Colfont2)[6323]: Error reading password from Private Key authfile: /etc/openvpn/askpass_Colfont2
Wed Jun 21 14:10:58 2023 daemon.notice openvpn(Colfont2)[6323]: Exiting due to fatal error
Wed Jun 21 14:10:58 2023 daemon.info procd: Instance openvpn::Colfont2 s in a crash loop 8 crashes, 0 seconds since last crash
 

If anyone has any tips/advice that would be greatly appreciated.

1 Answer

0 votes
by anonymous
Hi,

It seems that there is something wrong with your private key file. Please make sure the file is in correct format and not saved in Windows format, as that has different new line symbols that are unsupported by Unix systems
Best answer
by anonymous
Hey PauliusRug,

Firstly, thank you for responding.
How can I check if the file in the correct format?

Currently, I'm exporting the bundled configuration archive from client export on PFsense.
by anonymous
Hi,

I am not really aware in what exact format the file is generated by pfSense, could you attach the key file and I would go over it to see if there is anything wrong with it?
by anonymous

Hi,

 
This is what the TLS-Key would look like, If you need any extra files do let me know.
https://community.teltonika-networks.com/?qa=blob&qa_blobid=13444916954886185087

by anonymous

Hey, if the key file isn't protected by a password then it might be related to file path. Could you try to do cat /etc/openvpn/askpass_Colfont2 via CLI and see if you get any sort of output? If OS says that there's no such file/directory then try to run this command:

find / | grep <key_file_name>

and check if your key file resides in a different directory.

If there's some sort of output - do you remember if the key file you exported was protected with a password? If yes then it might be worth to try exporting key file without any password.

by anonymous
Hi,

As suspected, the key file is in Windows CR LF format for new line.

I suggest you use notepad++ and change it from Windows to Unix, save the file and try again

To change it in notepad++ click on the Windows (CR LF) twice and selec the Unix format
by anonymous
Hello PauliusRug,

Thank you very much for taking your time to help with this issue.
by anonymous
You're welcome