SIGTERM [Soft,auth-failure]

swoopstaswoopsta
edited September 2017 in Linux VPN Setup
I'm checking to see if any other OpenVPN users are logging authentication failures upon reconnects before I slap my server with a sock full of nickles. Logs show successful connections. Disconnects. Then on reconnect SIGTERM[soft,auth-failure]

Comments

  • doaksdoaks
    Hi swoopsta,

    I'm really sorry for the trouble! Can I please ask you to try adding this line to your OpenVPN configuration file:
    auth-nocache
    Let me know if having the above gives you any better results.

    Regards,
  • swoopstaswoopsta
    Nope. I had it enabled in the first place then commented it out. Re-enabled it. 
    Thu Jul 13 21:39:55 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jul 13 21:39:55 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]172.98.67.93:1198
Thu Jul 13 21:39:55 2017 UDP link local: (not bound)
Thu Jul 13 21:39:55 2017 UDP link remote: [AF_INET]172.98.67.93:1198
Thu Jul 13 21:39:55 2017 [2af46f5c059ee3d03726456db9356b93] Peer Connection Initiated with [AF_INET]172.98.67.93:1198
Thu Jul 13 21:39:56 2017 AUTH: Received control message: AUTH_FAILED
Thu Jul 13 21:39:56 2017 /sbin/ip addr del dev tun0 local 10.49.10.6 peer 10.49.10.5
Thu Jul 13 21:39:56 2017 /etc/openvpn/update-resolv-conf tun0 1500 1622 10.49.10.6 10.49.10.5 init
Thu Jul 13 21:39:56 2017 SIGTERM[soft,auth-failure] received, process exiting
  • martoufmartouf
    that's the tail end of the log .. not as helpful for trying to figure out what is going on without starting at the beginning with the handshaking and the crypto negotiation after openvpn starts up and reads the config file.
  • PiaVipperPiaVipper
    Looks like your user/pass combo is wrong somewhere, Try cutting and pasting from the email PIA sent you when you signed up.
  • swoopstaswoopsta
    Passwords match. Interesting though that it's worked fine for a year. This just started a few weeks ago. I changed permissions on my login file for testing.
    Fri Jul 14 20:37:44 2017 WARNING: file 'login.txt' is group or others accessible
Fri Jul 14 20:37:44 2017 OpenVPN 2.4.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 20 2017
Fri Jul 14 20:37:44 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Fri Jul 14 20:37:44 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Jul 14 20:37:44 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]172.98.67.117:1198
Fri Jul 14 20:37:44 2017 UDP link local: (not bound)
Fri Jul 14 20:37:44 2017 UDP link remote: [AF_INET]172.98.67.117:1198
Fri Jul 14 20:37:45 2017 [13c4ee72bd42ed94bae56e9a1c1562fc] Peer Connection Initiated with [AF_INET]172.98.67.117:1198
Fri Jul 14 20:37:46 2017 auth-token received, disabling auth-nocache for the authentication token
Fri Jul 14 20:37:46 2017 TUN/TAP device tun0 opened
Fri Jul 14 20:37:46 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Jul 14 20:37:46 2017 /sbin/ip link set dev tun0 up mtu 1500
Fri Jul 14 20:37:46 2017 /sbin/ip addr add dev tun0 local 10.64.10.6 peer 10.64.10.5
Fri Jul 14 20:37:46 2017 /etc/openvpn/update-resolv-conf tun0 1500 1558 10.64.10.6 10.64.10.5 init
dhcp-option DNS 209.222.18.222
dhcp-option DNS 209.222.18.218
dhcp-option DNS 8.8.8.8
Fri Jul 14 20:37:46 2017 Initialization Sequence Completed
Fri Jul 14 20:48:33 2017 [13c4ee72bd42ed94bae56e9a1c1562fc] Inactivity timeout (--ping-restart), restarting
Fri Jul 14 20:48:33 2017 SIGUSR1[soft,ping-restart] received, process restarting
Fri Jul 14 20:48:38 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Jul 14 20:48:38 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]172.98.67.117:1198
Fri Jul 14 20:48:38 2017 UDP link local: (not bound)
Fri Jul 14 20:48:38 2017 UDP link remote: [AF_INET]172.98.67.117:1198
Fri Jul 14 20:48:38 2017 [13c4ee72bd42ed94bae56e9a1c1562fc] Peer Connection Initiated with [AF_INET]172.98.67.117:1198
Fri Jul 14 20:48:39 2017 AUTH: Received control message: AUTH_FAILED
Fri Jul 14 20:48:39 2017 /sbin/ip addr del dev tun0 local 10.64.10.6 peer 10.64.10.5
Fri Jul 14 20:48:39 2017 /etc/openvpn/update-resolv-conf tun0 1500 1622 10.64.10.6 10.64.10.5 init
Fri Jul 14 20:48:40 2017 SIGTERM[soft,auth-failure] received, process exiting
  • martoufmartouf
    interesting. a log line says auth-nocache being overridden.

    but ping-restart should be 0. there never should be a timeout.
  • saponacesaponace
    Hi, I experience exactly the same issue.
    @swoopsta, have you solved the issue ?

    Cheers,
  • PiaVipperPiaVipper
    Does this help:
    https://www.privateinternetaccess.com/forum/discussion/24089/inactivity-timeout-ping-restart#latest

  • saponacesaponace
    Yes, the
    pull-filter ignore "auth-token"
    did the trick. Thanks for the tip, it helped me :)
Sign In or Register to comment.