OpenVPN 2.3.8 and Auth files

User147963User147963
edited March 2016 in Linux VPN Setup
Hi all,

I'm looking to use an auth.txt file but with my OpenVPN version it appears it doesn't work. I get the following error.

Thu Mar 17 05:00:00 2016 OpenVPN 2.3.8 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Sep 30 2015
Thu Mar 17 05:00:00 2016 library versions: OpenSSL 1.0.1e 11 Feb 2013, LZO 2.06
Thu Mar 17 05:00:00 2016 Sorry, 'Auth' password cannot be read from a file
Thu Mar 17 05:00:00 2016 Exiting due to fatal error


Googling around the issue gives the following: https://forums.openvpn.net/topic9918.html

Pretty much says: "you will need to recompile the OpenVPN client to support reading passwords from a file". and (sic) build OpenVPN using
"./configure --enable-password-save"

So build it myself I will. However; this causes "configure: WARNING: unrecognized options: --enable-password-save" Head meet keyboard time.

Just wondering if anyone can assist me to stop chasing my tail.

Comments

  • KharizKhariz
    edited March 2016
    Here's how you do that:

    add "login.conf" to your openvpn config files (.ovpn files)  at the following line. 

    auth-user-pass login.conf

    create new file named login.conf  in the text editor of your choice and then add your username and password on two separate lines.

    username
    password

    Save the file.  Make sure it's just named login.conf with no other extension.  Then, any .ovpn file you modify to contain "auth-user-pass login.conf" will use that file for the credentials.

    Edit:  Oh, and the login.conf goes in the same folder as the .ovpn configuration files. The configs folder under the OpenVPN directory.
  • User147963User147963
    edited March 2016
    Thanks for the response.

    My sincere apologies as I didn't word it well, but that's the problem I'm having. I can't use an auth.txt/login.conf/whatever.wtf file, as it gives the error "Sorry, 'Auth' password cannot be read from a file".
  • KharizKhariz
    edited March 2016
    There must be some kind of extra character going on there. Make sure you use a really base-level text editor, like notepad or something.  Put the username on line one and the password on line two.  The OpenVPN parser has to understand that there is a line break between the two.  They have to cleanly be on their own line.
  • User147963User147963
    I was using nano, you don't get much more text based. :)

    It's due to the way it's compiled. When you do "openvpn --version | grep password" ensure that "enable_password_save=yes" else auth.txt won't work, regardless of what you put there.
  • OttoturboOttoturbo
    It doesn't work with all files. They are exactly a like, apart from the server address. Some files ends in an error saying "can't connect" when trying to connect to the server.
  • mamphpmamphp
    The same issue here :-) 
    openvpn Switzerland.ovpn 
Mon Jan  1 19:34:49 2018 OpenVPN 2.2.1 arm-linux [SSL] [LZO2] [EPOLL] [eurephia] built on Jun 23 2014
Mon Jan  1 19:34:49 2018 Sorry, 'Auth' password cannot be read from a file
Mon Jan  1 19:34:49 2018 Exiting
  • d4rkcatd4rkcat
    edited January 2018
    @mamphp You could try my script: https://github.com/d4rkcat/pia

    EDIT: Also your version of OpenVPN is very old. This is mine:
    OpenVPN 2.4.4 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 26 2017


  • mamphpmamphp
    d4rkcat said:
    @mamphp You could try my script: https://github.com/d4rkcat/pia

    EDIT: Also your version of OpenVPN is very old. This is mine:
    OpenVPN 2.4.4 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 26 2017


    Thanks, your script is strange, no installation step nothing about it.
  • mamphpmamphp
    I dont want to compile or run script on my server, which is not from PIA self. I pay for this service, if they can't do a small fix or script. i'll cancel my order and never again.

  • martoufmartouf
    interesting.  the OpenVPN build for OpenSUSE Leap 42.3 has enable_password_save=yes but the OpenVPN build for Ubuntu 17.10 does not. the minor revision levels are different for both distros, but they are entirely up-to-date.

    seems to me the thing to do is teach NetworkManager to manage the VPN for you or you'll have to script with expect to accomplish programmatically what you do manually.
  • Max-PMax-P
    I'm not having any issue with OpenVPN and authentication files on Ubuntu 17.10. I don't think enable_password_save is even needed for this as the authentication just needs to use a two line text file passed to the auth-user-pass option.

    @mamphp Can you show what your OpenVPN configuration file look like?
Sign In or Register to comment.