OpenVPN on Ubuntu 17.10 will not authenticate - SIGTERM[soft,auth-failure]

p9331638p9331638
in Linux VPN Setup
OpenVPN serive will not connect.  Here is the log:

Sat Jan 27 17:40:38 2018 WARNING: file '/etc/openvpn/login.txt' is group or others accessible
Sat Jan 27 17:40:38 2018 OpenVPN 2.4.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul  3 $
Sat Jan 27 17:40:38 2018 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Sat Jan 27 17:40:38 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sat Jan 27 17:40:44 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]209.205.122.194:1198
Sat Jan 27 17:40:44 2018 UDP link local: (not bound)
Sat Jan 27 17:40:44 2018 UDP link remote: [AF_INET]209.205.122.194:1198
Sat Jan 27 17:40:44 2018 [1b7db3b5e6b9282605edc646795be3b9] Peer Connection Initiated with [AF_INET]209.205.122.194:1198
Sat Jan 27 17:40:48 2018 AUTH: Received control message: AUTH_FAILED
Sat Jan 27 17:40:48 2018 SIGTERM[soft,auth-failure] received, process exiting

I have checked my username and password in the login.txt several times.  I can log into the website with the credentials and connect on my Windows PC also so that is not the issue.

Comments

  • martoufmartouf
    if you check the file details for your login.txt file ( sudo ls -l /etc/openvpn/login.txt ), it should look like
    -rwx------ 1 root root
    owned by root, group root, no permissions for anyone other than root.

    the contents of the file should be exactly two lines, nothing more. 1st line is the account name. 2nd line is the password.
    make sure your line termination characters are appropriate for your OS. use sudo cat -t -v /etc/openvpn/login.txt to make any extraneous control chars visible.

  • p9331638p9331638
    edited January 2018
    Permissions were:
    -rw-r--r-- 1 root root

    I just change to:

    [email protected]:~# chmod 700 /etc/openvpn/login.txt
    [email protected]:~# sudo ls -l /etc/openvpn/login.txt
    -rwx------ 1 root root 20 Jan 27 17:37 /etc/openvpn/login.txt

    sudo cat -t -v /etc/openvpn/login.txt retuns the following. (X's masking actual characters). I don't see any line termination characters or extraneous control chars.

    [email protected]:~$ sudo cat -t -v /etc/openvpn/login.txt
    pXXXXXXX
    XXXXXXXXXX

    After changing permissions I restarted the service
    systemctl restart openvpn.service

    Then checked the status and still active (exited)
    [email protected]:/etc/openvpn# sudo service openvpn status
    ● openvpn.service - OpenVPN service
       Loaded: loaded (/lib/systemd/system/openvpn.service; enabled; vendor preset:
       Active: active (exited) since Sun 2018-01-28 08:22:42 CST; 1min 0s ago
      Process: 15447 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
     Main PID: 15447 (code=exited, status=0/SUCCESS)

    Jan 28 08:22:42 Plex systemd[1]: Starting OpenVPN service...
    Jan 28 08:22:42 Plex systemd[1]: Started OpenVPN service.


    /var/log/openvpn.log shows the following:

    Sun Jan 28 08:22:42 2018 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
    Sun Jan 28 08:22:42 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Sun Jan 28 08:22:43 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]209.205.120.242:1198
    Sun Jan 28 08:22:43 2018 UDP link local: (not bound)
    Sun Jan 28 08:22:43 2018 UDP link remote: [AF_INET]209.205.120.242:1198
    Sun Jan 28 08:22:43 2018 [e31ddb5280e8c11fdb92205071057039] Peer Connection Initiated with [AF_INET]209.205.120.242:1198
    Sun Jan 28 08:22:44 2018 AUTH: Received control message: AUTH_FAILED
    Sun Jan 28 08:22:44 2018 SIGTERM[soft,auth-failure] received, process exiting





  • martoufmartouf
    okay... hmm, and you're absolutely sure those credentials work at the PIA website and when starting up OpenVPN manually? possible at all one of those password chars has a lookalike (1 vs l, for instance)?
  • p9331638p9331638
    edited January 2018
    martouf said:
    okay... hmm, and you're absolutely sure those credentials work at the PIA website and when starting up OpenVPN manually? possible at all one of those password chars has a lookalike (1 vs l, for instance)?
    So in trying different things to get it to work I changed the password from my main PIA password to the PPTP/L2TP/SOCKS Username and Password.  I switched it back and now I can connect.  

    Thank you
Sign In or Register to comment.