Could you please attach your configuration file? I tried this with PSKs, and it works for me as well:
-rw------- 1 martin martin 636 2008-05-14 12:00 key (not accessible to nobody/nogroup) ----- vpn-tick-psk.conf ----- remote tick.local dev tun ifconfig 10.99.0.1 10.99.0.2 user nobody group nogroup secret /home/martin/key -------------------------------------- $ sudo openvpn --config vpn-tick-psk.conf [...] Wed May 14 12:02:21 2008 /usr/sbin/openvpn-vulnkey -q /home/martin/key Wed May 14 12:02:21 2008 TUN/TAP device tun0 opened Wed May 14 12:02:21 2008 ifconfig tun0 10.99.0.1 pointopoint 10.99.0.2 mtu 1500 Wed May 14 12:02:21 2008 GID set to nogroup Wed May 14 12:02:21 2008 UID set to nobody [...] So for this configuration, the key is checked before dropping privileges. -- OpenVPN doesn't start after USN-612-3: New key is accused to be vulnerable https://bugs.launchpad.net/bugs/230208 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
