NetworkManager 1.2.4
NetworkManager-openvpn 1.2.6 and 1.2.8 (same problem in both)
$ nmcli --version
nmcli tool, version 1.2.4
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.10
Release: 16.10
Codename: yakkety
$ openvpn --version
OpenVPN 2.3.11 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH]
[IPv6] built on Jun 22 2016
library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08
Originally developed by James Yonan
Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sa...@openvpn.net>
Compile time defines: enable_crypto=yes enable_crypto_ofb_cfb=yes
enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no
enable_dlopen=unknown enable_dlopen_self=unknown
enable_dlopen_self_static=unknown enable_fast_install=yes enable_fragment=yes
enable_http_proxy=yes enable_iproute2=yes enable_libtool_lock=yes
enable_lzo=yes enable_lzo_stub=no enable_maintainer_mode=no
enable_management=yes enable_multi=yes enable_multihome=yes
enable_pam_dlopen=no enable_password_save=yes enable_pedantic=no enable_pf=yes
enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes
enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes
enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no
enable_small=no enable_socks=yes enable_ssl=yes enable_static=yes
enable_strict=no enable_strict_options=no enable_systemd=yes
enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix
with_crypto_library=openssl with_gnu_ld=yes wit
h_mem_check=no with_plugindir='${prefix}/lib/openvpn' with_sysroot=no
$ tail -f /var/log/syslog
Feb 2 23:49:01 computer NetworkManager[1329]: <info> [1486108141.0702] audit:
op="connection-activate" uuid="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
name="example" pid=3136 uid=1000 result="success"
Feb 2 23:49:01 computer NetworkManager[1329]: <info> [1486108141.0741]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
Started the VPN service, PID 5074
Feb 2 23:49:01 computer NetworkManager[1329]: <info> [1486108141.0828]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
Saw the service appear; activating connection
Feb 2 23:49:01 computer nm-openvpn[5081]: OpenVPN 2.3.11 x86_64-pc-linux-gnu
[SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2016
Feb 2 23:49:01 computer nm-openvpn[5081]: library versions: OpenSSL 1.0.2g 1
Mar 2016, LZO 2.08
Feb 2 23:49:01 computer NetworkManager[1329]: nm-openvpn[5074] <info>
openvpn[5081] started
Feb 2 23:49:01 computer NetworkManager[1329]: <info> [1486108141.1490]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
VPN plugin: state changed: starting (3)
Feb 2 23:49:01 computer NetworkManager[1329]: <info> [1486108141.1491]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
VPN connection: (ConnectInteractive) reply received
Feb 2 23:49:01 computer nm-openvpn[5081]: NOTE: the current --script-security
setting may allow this configuration to call user-defined scripts
Feb 2 23:49:01 computer nm-openvpn[5081]: Control Channel Authentication:
using '/home/ubuntu/vpn/ovpn.example.net/networkmanager/example.ovpn.tls-auth'
as a OpenVPN static key file
Feb 2 23:49:01 computer nm-openvpn[5081]: NOTE: chroot will be delayed because
of --client, --pull, or --up-delay
Feb 2 23:49:01 computer nm-openvpn[5081]: NOTE: UID/GID downgrade will be
delayed because of --client, --pull, or --up-delay
Feb 2 23:49:01 computer nm-openvpn[5081]: UDPv4 link local: [undef]
Feb 2 23:49:01 computer nm-openvpn[5081]: UDPv4 link remote:
[AF_INET]10.10.10.10:1194
Feb 2 23:49:01 computer nm-openvpn[5081]: WARNING: 'link-mtu' is used
inconsistently, local='link-mtu 1557', remote='link-mtu 1558'
Feb 2 23:49:01 computer nm-openvpn[5081]: WARNING: 'comp-lzo' is present in
remote config but missing in local config, remote='comp-lzo'
Feb 2 23:49:01 computer nm-openvpn[5081]: [OpenVPN Server] Peer Connection
Initiated with [AF_INET]10.10.10.10:1194
Feb 2 23:49:04 computer nm-openvpn[5081]: AUTH: Received control message:
AUTH_FAILED
Feb 2 23:49:04 computer nm-openvpn[5081]: SIGUSR1[soft,auth-failure] received,
process restarting
Feb 2 23:49:04 computer NetworkManager[1329]: nm-openvpn[5074] <warn>
Password verification failed
Feb 2 23:49:06 computer NetworkManager[1329]: <info> [1486108146.0884]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
VPN plugin: requested secrets; state connect (4)
Feb 2 23:49:06 computer nm-openvpn[5081]: NOTE: the current --script-security
setting may allow this configuration to call user-defined scripts
Feb 2 23:49:06 computer nm-openvpn[5081]: UDPv4 link local: [undef]
Feb 2 23:49:06 computer nm-openvpn[5081]: UDPv4 link remote:
[AF_INET]10.10.10.10:1194
Feb 2 23:49:06 computer nm-openvpn[5081]: WARNING: 'link-mtu' is used
inconsistently, local='link-mtu 1557', remote='link-mtu 1558'
Feb 2 23:49:06 computer nm-openvpn[5081]: WARNING: 'comp-lzo' is present in
remote config but missing in local config, remote='comp-lzo'
Feb 2 23:49:06 computer nm-openvpn[5081]: [OpenVPN Server] Peer Connection
Initiated with [AF_INET]10.10.10.10:1194
Feb 2 23:49:08 computer nm-openvpn[5081]: AUTH: Received control message:
AUTH_FAILED
Feb 2 23:49:08 computer nm-openvpn[5081]: SIGUSR1[soft,auth-failure] received,
process restarting
Feb 2 23:49:08 computer NetworkManager[1329]: nm-openvpn[5074] <warn>
Password verification failed
Feb 2 23:49:09 computer NetworkManager[1329]: <info> [1486108149.2841] audit:
op="connection-deactivate" uuid="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
name="example" pid=3136 uid=1000 result="success"
Feb 2 23:49:09 computer dbus[1315]: [system] Activating via systemd: service
name='org.freedesktop.nm_dispatcher'
unit='dbus-org.freedesktop.nm-dispatcher.service'
Feb 2 23:49:09 computer NetworkManager[1329]: nm-openvpn[5074] <info>
openvpn[5081]: send SIGTERM
Feb 2 23:49:09 computer NetworkManager[1329]: nm-openvpn[5074] <info> wait
for 1 openvpn processes to terminate...
Feb 2 23:49:09 computer nm-openvpn[5081]: SIGTERM[hard,init_instance]
received, process exiting
Feb 2 23:49:09 computer NetworkManager[1329]: nm-openvpn[5074] <info>
openvpn[5081] exited with success
Feb 2 23:49:09 computer NetworkManager[1329]: <warn> [1486108149.2918]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
VPN plugin: failed: connect-failed (1)
Feb 2 23:49:09 computer NetworkManager[1329]: <info> [1486108149.2919]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
VPN plugin: state changed: stopping (5)
Feb 2 23:49:09 computer dbus-daemon[2669]: Activating service
name='org.freedesktop.Notifications'
Feb 2 23:49:09 computer dbus-daemon[2669]: Successfully activated service
'org.freedesktop.Notifications'
Feb 2 23:49:09 computer NetworkManager[1329]: <info> [1486108149.2921]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
VPN plugin: state changed: stopped (6)
Feb 2 23:49:09 computer systemd[1]: Starting Network Manager Script Dispatcher
Service...
Feb 2 23:49:09 computer dbus[1315]: [system] Successfully activated service
'org.freedesktop.nm_dispatcher'
Feb 2 23:49:09 computer systemd[1]: Started Network Manager Script Dispatcher
Service.
Feb 2 23:49:09 computer nm-dispatcher: req:1 'vpn-down' [eth0]: new request (1
scripts)
Feb 2 23:49:09 computer nm-dispatcher: req:1 'vpn-down' [eth0]: start running
ordered scripts...
$ journalctl -u NetworkManager
Feb 02 23:49:01 computer NetworkManager[1329]: <info> [1486108141.0702] audit:
op="connection-activate" uuid="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
name="example" pid=3136 uid=1000 result="success"
Feb 02 23:49:01 computer NetworkManager[1329]: <info> [1486108141.0741]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
Started the VPN service, PID 5074
Feb 02 23:49:01 computer NetworkManager[1329]: <info> [1486108141.0828]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
Saw the service appear; activating connection
Feb 02 23:49:01 computer nm-openvpn[5081]: OpenVPN 2.3.11 x86_64-pc-linux-gnu
[SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2016
Feb 02 23:49:01 computer nm-openvpn[5081]: library versions: OpenSSL 1.0.2g 1
Mar 2016, LZO 2.08
Feb 02 23:49:01 computer NetworkManager[1329]: nm-openvpn[5074] <info>
openvpn[5081] started
Feb 02 23:49:01 computer NetworkManager[1329]: <info> [1486108141.1490]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
VPN plugin: state changed: starting (3)
Feb 02 23:49:01 computer NetworkManager[1329]: <info> [1486108141.1491]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
VPN connection: (ConnectInteractive) reply received
Feb 02 23:49:01 computer nm-openvpn[5081]: NOTE: the current --script-security
setting may allow this configuration to call user-defined scripts
Feb 02 23:49:01 computer nm-openvpn[5081]: Control Channel Authentication:
using '/home/ubuntu/vpn/ovpn.example.net/networkmanager/example.ovpn.tls-auth'
as a OpenVPN static key file
Feb 02 23:49:01 computer nm-openvpn[5081]: NOTE: chroot will be delayed because
of --client, --pull, or --up-delay
Feb 02 23:49:01 computer nm-openvpn[5081]: NOTE: UID/GID downgrade will be
delayed because of --client, --pull, or --up-delay
Feb 02 23:49:01 computer nm-openvpn[5081]: UDPv4 link local: [undef]
Feb 02 23:49:01 computer nm-openvpn[5081]: UDPv4 link remote:
[AF_INET]10.10.10.10:1194
Feb 02 23:49:01 computer nm-openvpn[5081]: WARNING: 'link-mtu' is used
inconsistently, local='link-mtu 1557', remote='link-mtu 1558'
Feb 02 23:49:01 computer nm-openvpn[5081]: WARNING: 'comp-lzo' is present in
remote config but missing in local config, remote='comp-lzo'
Feb 02 23:49:01 computer nm-openvpn[5081]: [OpenVPN Server] Peer Connection
Initiated with [AF_INET]10.10.10.10:1194
Feb 02 23:49:04 computer nm-openvpn[5081]: AUTH: Received control message:
AUTH_FAILED
Feb 02 23:49:04 computer nm-openvpn[5081]: SIGUSR1[soft,auth-failure] received,
process restarting
Feb 02 23:49:04 computer NetworkManager[1329]: nm-openvpn[5074] <warn>
Password verification failed
Feb 02 23:49:06 computer NetworkManager[1329]: <info> [1486108146.0884]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
VPN plugin: requested secrets; state connect (4)
Feb 02 23:49:06 computer nm-openvpn[5081]: NOTE: the current --script-security
setting may allow this configuration to call user-defined scripts
Feb 02 23:49:06 computer nm-openvpn[5081]: UDPv4 link local: [undef]
Feb 02 23:49:06 computer nm-openvpn[5081]: UDPv4 link remote:
[AF_INET]10.10.10.10:1194
Feb 02 23:49:06 computer nm-openvpn[5081]: WARNING: 'link-mtu' is used
inconsistently, local='link-mtu 1557', remote='link-mtu 1558'
Feb 02 23:49:06 computer nm-openvpn[5081]: WARNING: 'comp-lzo' is present in
remote config but missing in local config, remote='comp-lzo'
Feb 02 23:49:06 computer nm-openvpn[5081]: [OpenVPN Server] Peer Connection
Initiated with [AF_INET]10.10.10.10:1194
Feb 02 23:49:08 computer nm-openvpn[5081]: AUTH: Received control message:
AUTH_FAILED
Feb 02 23:49:08 computer nm-openvpn[5081]: SIGUSR1[soft,auth-failure] received,
process restarting
Feb 02 23:49:08 computer NetworkManager[1329]: nm-openvpn[5074] <warn>
Password verification failed
Feb 02 23:49:09 computer NetworkManager[1329]: <info> [1486108149.2841] audit:
op="connection-deactivate" uuid="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
name="example" pid=3136 uid=1000 result="success"
Feb 02 23:49:09 computer NetworkManager[1329]: nm-openvpn[5074] <info>
openvpn[5081]: send SIGTERM
Feb 02 23:49:09 computer NetworkManager[1329]: nm-openvpn[5074] <info> wait
for 1 openvpn processes to terminate...
Feb 02 23:49:09 computer NetworkManager[1329]: nm-openvpn[5074] <info>
openvpn[5081] exited with success
Feb 02 23:49:09 computer NetworkManager[1329]: <warn> [1486108149.2918]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
VPN plugin: failed: connect-failed (1)
Feb 02 23:49:09 computer NetworkManager[1329]: <info> [1486108149.2919]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
VPN plugin: state changed: stopping (5)
Feb 02 23:49:09 computer NetworkManager[1329]: <info> [1486108149.2921]
vpn-connection[0x557d295f73c0,XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX,"example",0]:
VPN plugin: state changed: stopped (6)
$ nmcli con s example
connection.id: example
connection.uuid: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
connection.interface-name: --
connection.type: vpn
connection.autoconnect: yes
connection.autoconnect-priority: 0
connection.timestamp: 0
connection.read-only: no
connection.permissions: user:ubuntu
connection.zone: --
connection.master: --
connection.slave-type: --
connection.autoconnect-slaves: -1 (default)
connection.secondaries:
connection.gateway-ping-timeout: 0
connection.metered: unknown
connection.lldp: -1 (default)
ipv4.method: auto
ipv4.dns:
ipv4.dns-search:
ipv4.dns-options: (default)
ipv4.dns-priority: 0
ipv4.addresses:
ipv4.gateway: --
ipv4.routes:
ipv4.route-metric: -1
ipv4.ignore-auto-routes: no
ipv4.ignore-auto-dns: no
ipv4.dhcp-client-id: --
ipv4.dhcp-timeout: 0
ipv4.dhcp-send-hostname: yes
ipv4.dhcp-hostname: --
ipv4.dhcp-fqdn: --
ipv4.never-default: no
ipv4.may-fail: yes
ipv4.dad-timeout: -1 (default)
ipv6.method: auto
ipv6.dns:
ipv6.dns-search:
ipv6.dns-options: (default)
ipv6.dns-priority: 0
ipv6.addresses:
ipv6.gateway: --
ipv6.routes:
ipv6.route-metric: -1
ipv6.ignore-auto-routes: no
ipv6.ignore-auto-dns: no
ipv6.never-default: no
ipv6.may-fail: yes
ipv6.ip6-privacy: 0 (disabled)
ipv6.addr-gen-mode: stable-privacy
ipv6.dhcp-send-hostname: yes
ipv6.dhcp-hostname: --
vpn.service-type: org.freedesktop.NetworkManager.openvpn
vpn.user-name: --
vpn.data: key =
/home/ubuntu/vpn/ovpn.example.net/networkmanager/example.ovpn.key,
verify-x509-name = subject:CN=OpenVPN Server, dev = tun, ca =
/home/ubuntu/vpn/ovpn.example.net/networkmanager/example.ovpn.ca.crt, cert =
/home/ubuntu/vpn/ovpn.example.net/networkmanager/example.ovpn.user.crt,
username = myusername, dev-type = tun, ns-cert-type = server, reneg-seconds =
604800, cert-pass-flags = 0, cipher = AES-128-CBC, remote =
10.10.10.10:1194:udp, password-flags = 1, connection-type = password-tls,
ta-dir = 1, ta =
/home/ubuntu/vpn/ovpn.example.net/networkmanager/example.ovpn.tls-auth
vpn.secrets: <hidden>
vpn.persistent: no
vpn.timeout: 0
** Bug watch added: GNOME Bug Tracker #778123
https://bugzilla.gnome.org/show_bug.cgi?id=778123
** Also affects: network-manager-openvpn via
https://bugzilla.gnome.org/show_bug.cgi?id=778123
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1661098
Title:
auth_failed when attempting openvpn via networkmanager
To manage notifications about this bug go to:
https://bugs.launchpad.net/network-manager-openvpn/+bug/1661098/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
