I have created a small kludge of a patch for the openssl-vulnkey issue mentioned in this threas. It's far from perfect and not supported/endorsed by Ubuntu in any way. Basically I have implemented the ideas of Mihai and created a whitelist solution. The whitelist file is stored here: /usr/share/openssl-blacklist/whitelist
Once the openssl-vulnkey app is run as root (due to file permissions of /usr/share/openssl-blacklist/) it verifies the key. If it's not blacklisted it adds the key to the whitelist. So eg. running: "sudo openssl-vulnkey /home/patrik/key.pem" will (after typing the password 3 times) add the key "key.pem" to the whitelist. Each time the openssl-vulnkey app is run it first checks this whitelist file for the presence of the key against which it is being run. Again, this is a kludge and in NO WAY an attempt to deliver a FINAL solution. I created it ONLY to save some typing time and be able to run OpenVPN through the NetworkManager applet again. I thought I would post it here if someone would like to give it a go. In case you decide to do so first backup the /usr/sbin/openssl-vulnkey file and then apply the patch: sudo patch < openssl-vulnkey.patch /Patrik ** Attachment added: "openssl-vulnkey.patch" http://launchpadlibrarian.net/14878599/openssl-vulnkey.patch -- network-manager-openvpn is incapable of supplying openssl-vulnkey with the X.509 key passphrase it requests https://bugs.launchpad.net/bugs/230197 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs