Jump to content
Not connected, Your IP: 18.220.110.45
Sign in to follow this  
zerosum

How to connect manually in console (without network-manager) in ubuntu 14.04?

Recommended Posts

I'm unable to add the airvpn openvpn config scripts in ubuntu 14.04. This seems to be a bug in network-manager. So, I'm unable to use airvpn unfortunately.

 

Could anyone please advice on how to use openvpn through the terminal or command line.

 

Help is very much appreciated.

 

George

Share this post


Link to post

hi.

 

I'am having the same issue.

 

One way to overcome this is to use the openvpn client from the command line:

 

openvpn

 

 

:~$ sudo openvpn myfile.opvn 

 

 

but for this to work, i had to change the path to cert and key files like this:

 

ca "/absolute/path/to/ca.crt"
cert "/absolute/path/to/user.crt"
key "/absolute/path/to/user.key"
tls-auth "/absolute/path/to/ta.key" 1

Share this post


Link to post

 

hi.

 

I'am having the same issue.

 

One way to overcome this is to use the openvpn client from the command line:

 

openvpn

 

 

:~$ sudo openvpn myfile.opvn 

 

 

but for this to work, i had to change the path to cert and key files like this:

 

ca "/absolute/path/to/ca.crt"
cert "/absolute/path/to/user.crt"
key "/absolute/path/to/user.key"
tls-auth "/absolute/path/to/ta.key" 1

This doesn't work for me.  the script just sits there and hangs. Doesn't complete the connection. Yes I use the absolute path

 

I need to know how to configure OpenVPN without using a script. Other VPN services are able to do it. I tried to configure it manually according to the configuration in the script but it does not work.

 

/Downloads/air$ ls

air2                               AirVPN_US-Librae_UDP-443.ovpn

AirVPN_CA-Cephei_UDP-443.ovpn      AirVPN_US-Pollux_UDP-443.ovpn

AirVPN_CA-Cephei_UDP-443.ovpn~     AirVPN_US-Sirius_UDP-443.ovpn

AirVPN_CA-Lesath_UDP-443.ovpn      AirVPN.zip

AirVPN_CH-Virginis_UDP-443.ovpn    all

AirVPN_LU-Herculis_UDP-443.ovpn    ca.crt

AirVPN_NL-Acrux_UDP-443.ovpn       Install guide Linux.txt

AirVPN_NL-Canopus_UDP-443.ovpn     RiseupCA.pem

AirVPN_NL-Castor_UDP-443.ovpn      socks

AirVPN_NL-Corvi_UDP-443.ovpn       ta.key

AirVPN_NL-Dorsum_UDP-443.ovpn      user.crt

AirVPN_NL-Erakis_UDP-443.ovpn      User guide Linux.txt

AirVPN_NL-Grafias_UDP-443.ovpn     user.key

AirVPN_NL-Haedi_UDP-443.ovpn       VPNCheck 1.0 Linux beta 2.exe

AirVPN_US-Andromedae_UDP-443.ovpn

XXXX@XXXXX:~/Downloads/air$ sudo openvpn

[sudo] password for XXXX:

XXX@XXX:~/Downloads/air$ sudo openvpn AirVPN_NL-Corvi_UDP-443.ovpn

[sudo] password for  XXXX :

Mon Apr 21 19:53:55 2014 OpenVPN 2.3.2 i686-pc-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [iPv6] built on Feb  4 2014

Mon Apr 21 19:53:55 2014 WARNING: file 'user.key' is group or others accessible

Mon Apr 21 19:53:55 2014 WARNING: file 'ta.key' is group or others accessible

Mon Apr 21 19:53:55 2014 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file

Mon Apr 21 19:53:55 2014 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

Mon Apr 21 19:53:55 2014 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication

Mon Apr 21 19:53:55 2014 Socket Buffers: R=[163840->131072] S=[163840->131072]

Mon Apr 21 19:53:55 2014 UDPv4 link local: [undef]

Mon Apr 21 19:53:55 2014 UDPv4 link remote: [AF_INET]95.211.138.19:443

Mon Apr 21 19:53:55 2014 TLS: Initial packet from [AF_INET]95.211.138.19:443, sid=50823450 16b362dd

Mon Apr 21 19:53:56 2014 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org

Mon Apr 21 19:53:56 2014 Validating certificate key usage

Mon Apr 21 19:53:56 2014 ++ Certificate has key usage  00a0, expects 00a0

Mon Apr 21 19:53:56 2014 VERIFY KU OK

Mon Apr 21 19:53:56 2014 Validating certificate extended key usage

Mon Apr 21 19:53:56 2014 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication

Mon Apr 21 19:53:56 2014 VERIFY EKU OK

Mon Apr 21 19:53:56 2014 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org

Mon Apr 21 19:54:04 2014 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Mon Apr 21 19:54:04 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Mon Apr 21 19:54:04 2014 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Mon Apr 21 19:54:04 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Mon Apr 21 19:54:04 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA

Mon Apr 21 19:54:04 2014 [server] Peer Connection Initiated with [AF_INET]95.211.138.19:443

Mon Apr 21 19:54:06 2014 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

Mon Apr 21 19:54:06 2014 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.21.114 10.4.21.113'

Mon Apr 21 19:54:06 2014 OPTIONS IMPORT: timers and/or timeouts modified

Mon Apr 21 19:54:06 2014 OPTIONS IMPORT: LZO parms modified

Mon Apr 21 19:54:06 2014 OPTIONS IMPORT: --ifconfig/up options modified

Mon Apr 21 19:54:06 2014 OPTIONS IMPORT: route options modified

Mon Apr 21 19:54:06 2014 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

Mon Apr 21 19:54:06 2014 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlan0 HWADDR=00:16:44:61:93:93

Mon Apr 21 19:54:06 2014 TUN/TAP device tun0 opened

Mon Apr 21 19:54:06 2014 TUN/TAP TX queue length set to 100

Mon Apr 21 19:54:06 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0

Mon Apr 21 19:54:06 2014 /sbin/ip link set dev tun0 up mtu 1500

Mon Apr 21 19:54:06 2014 /sbin/ip addr add dev tun0 local 10.4.21.114 peer 10.4.21.113

Mon Apr 21 19:54:06 2014 /sbin/ip route add 95.211.138.19/32 via 192.168.1.1

Mon Apr 21 19:54:06 2014 /sbin/ip route add 0.0.0.0/1 via 10.4.21.113

Mon Apr 21 19:54:06 2014 /sbin/ip route add 128.0.0.0/1 via 10.4.21.113

Mon Apr 21 19:54:06 2014 /sbin/ip route add 10.4.0.1/32 via 10.4.21.113

Mon Apr 21 19:54:06 2014 Initialization Sequence Completed

 

It just sits there.

Share this post


Link to post

Hello!

@WcoRaaky

 

According to the logs the connection is perfectly successful. OpenVPN is not "sitting there", it just does not have anything else to output in the terminal at the moment. It is running just fine.

 

Kind regards

Share this post


Link to post

Hello!

 

After several tests we don't detect the bug reported in the forum in network-manager. Anyway, it is possible that we have been unable to reproduce it but the bug really exists. In any case please run OpenVPN directly.

 

What we detect, and this not good at all for security, is that network-manager runs OpenVPN so that no server certificate verification is required from your OpenVPN. We underline that this is bad for security reasons and we are investigating. This is another good reason ((the other reason is that network-manager does not pass explicit-exit-notify to OpenVPN) to run OpenVPN directly, as long as we do not release the client for Linux.

 

If you wish further investigations, after you import a .ovpn file in network-manager with OpenVPN plugin, please send us all the screenshots of its various configuration (one per each tab), they may give us important clues. No keys or certificates need to be imported one by one: if our instructions are followed exactly network-manager will do all the job automatically: ta.key, user.crt, user.key and ca.crt will be all read automatically by network-manager and their names displayed correctly in the relevant fields.

 

Kind regards

Share this post


Link to post

Hi,

 

  My apologies. By running from the command promt it does indeed work but it bypasses the network manager completely so you don't see the lock. If this is deemed safe then I would have no issues using this method from this point on.

Share this post


Link to post

      I had the same problem using the network manager so I tried running from the command line and I kept getting an error. It finally occurred to me to try and download the config with out separating the Key's and Cet's, downloaded  the config as one file and it worked perfectly from the command line. I confirmed I had successfully established a connection by going to the Air Vpn site and checking the status at the bottom of the screen telling you whether your connected and to what server. No need to deal with changing the absolute paths or anything else. At the command line with sudo I just type "openvpn --config /home/dir/air.ovpn" (/dir being the directory where you stored your ovpn file) thats all anyone running Ubuntu 14.04 needs to do, at least until the network manager issue is resolved.   

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...