Error message

[jimbo64 1]

Getting this error message.

 

'Eddie - OpenVPN>warning: Using --management on a TCP port without passwords is strongly discouraged and considered insecure'

 

Whats it all about?

I'm currently running Fedora Linux 27.

[Gaechka 7]

I have the very same question!

 

What does this means?:

 

"OpenVPN > WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure"
 

There's some info about this here: https://github.com/OpenVPN/openvpn/commit/4db7715a3aa62f2e8d8234c1852fb141f62318e2

 

It is not recommended to use --management on a TCP port without alsoadding a password authentication, as this can easily be abused by otherusers or processes being able to connect to the managmement interface.

But, what does it means for us, Airvpn users?

[corrado 100]

I get no such warning using OpenVPN 2.4.6 on Arch without Eddie. I'm not sure what this message actually refers to, but generally passwords are not required to connect to a server with AirVPN. Instead, you can generate your own key or use the default one (unique for each user). If we should still be worried, I have no idea....

[varttaanen 1]

I've got the same message, using Manjaro linux:

 

 

I 2018.05.19 12:49:54 - Eddie version: 2.13.6 / linux_x64, System: Linux, Name: Manjaro Linux \r  (\n) (\l), Version: Linux manjaro 4.14.40-1-MANJARO #1 SMP PREEMPT Wed May 9 20:10:25 UTC 2018 x86_64 GNU/Linux, Mono/.Net Framework: v4.0.30319
. 2018.05.19 12:49:54 - Reading options from /home/varttaanen/.airvpn/AirVPN.xml
. 2018.05.19 12:49:56 - Command line arguments (2): path="/home/varttaanen/.airvpn" console.mode="none"
I 2018.05.19 12:49:57 - OpenVPN Driver - Found, /dev/net/tun
I 2018.05.19 12:49:57 - OpenVPN - Version: 2.4.6 - OpenSSL 1.1.0h  27 Mar 2018, LZO 2.10 (/usr/bin/openvpn)
I 2018.05.19 12:49:57 - SSH - Version: OpenSSH_7.7p1, OpenSSL 1.1.0h  27 Mar 2018 (/usr/bin/ssh)
W 2018.05.19 12:49:57 - SSL - Not available
I 2018.05.19 12:49:57 - curl - Version: 7.60.0 (/usr/bin/curl)
I 2018.05.19 12:49:57 - Certification Authorities: /usr/share/AirVPN/cacert.pem
. 2018.05.19 12:49:57 - Updating systems & servers data ...
I 2018.05.19 12:49:58 - Session starting.
. 2018.05.19 12:49:58 - Systems & servers data update completed
I 2018.05.19 12:50:05 - Checking authorization ...
! 2018.05.19 12:50:05 - Connecting to Sheliak (Netherlands, Alblasserdam)
. 2018.05.19 12:50:05 - SSH > OpenSSH_7.7p1, OpenSSL 1.1.0h  27 Mar 2018
. 2018.05.19 12:50:05 - SSH > debug1: Reading configuration data /etc/ssh/ssh_config
. 2018.05.19 12:50:05 - SSH > debug1: Connecting to 213.152.162.113 [213.152.162.113] port 22.
. 2018.05.19 12:50:05 - SSH > debug1: Connection established.
. 2018.05.19 12:50:05 - SSH > debug1: permanently_set_uid: 0/0
. 2018.05.19 12:50:05 - SSH > debug1: key_load_public: No such file or directory
. 2018.05.19 12:50:05 - SSH > debug1: identity file /home/varttaanen/.airvpn/f1a987693e9fc3c755a7fac0c465567036b15d62c904784bd67538391a3825ad.tmp.key type -1
. 2018.05.19 12:50:05 - SSH > debug1: key_load_public: No such file or directory
. 2018.05.19 12:50:05 - SSH > debug1: identity file /home/varttaanen/.airvpn/f1a987693e9fc3c755a7fac0c465567036b15d62c904784bd67538391a3825ad.tmp.key-cert type -1
. 2018.05.19 12:50:05 - SSH > debug1: Local version string SSH-2.0-OpenSSH_7.7
. 2018.05.19 12:50:06 - SSH > debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u1
. 2018.05.19 12:50:06 - SSH > debug1: match: OpenSSH_6.7p1 Debian-5+deb8u1 pat OpenSSH* compat 0x04000000
. 2018.05.19 12:50:06 - SSH > debug1: Authenticating to 213.152.162.113:22 as 'sshtunnel'
. 2018.05.19 12:50:06 - SSH > debug1: SSH2_MSG_KEXINIT sent
. 2018.05.19 12:50:06 - SSH > debug1: SSH2_MSG_KEXINIT received
. 2018.05.19 12:50:06 - SSH > debug1: kex: algorithm: curve25519-sha256@libssh.org
. 2018.05.19 12:50:06 - SSH > debug1: kex: host key algorithm: ecdsa-sha2-nistp256
. 2018.05.19 12:50:06 - SSH > debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
. 2018.05.19 12:50:06 - SSH > debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
. 2018.05.19 12:50:06 - SSH > debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
. 2018.05.19 12:50:06 - SSH > debug1: Server host key: ecdsa-sha2-nistp256 SHA256:1mPY0Ju8byn3wcM+h/zjNKmoaWL0MiAKdQ0XR13LU6U
. 2018.05.19 12:50:06 - SSH > Warning: Permanently added '213.152.162.113' (ECDSA) to the list of known hosts.
. 2018.05.19 12:50:06 - SSH > debug1: rekey after 134217728 blocks
. 2018.05.19 12:50:06 - SSH > debug1: SSH2_MSG_NEWKEYS sent
. 2018.05.19 12:50:06 - SSH > debug1: expecting SSH2_MSG_NEWKEYS
. 2018.05.19 12:50:06 - SSH > debug1: SSH2_MSG_NEWKEYS received
. 2018.05.19 12:50:06 - SSH > debug1: rekey after 134217728 blocks
. 2018.05.19 12:50:06 - SSH > debug1: SSH2_MSG_SERVICE_ACCEPT received
. 2018.05.19 12:50:07 - SSH > debug1: Authentications that can continue: publickey,password
. 2018.05.19 12:50:07 - SSH > debug1: Next authentication method: publickey
. 2018.05.19 12:50:07 - SSH > debug1: Trying private key: /home/varttaanen/.airvpn/f1a987693e9fc3c755a7fac0c465567036b15d62c904784bd67538391a3825ad.tmp.key
. 2018.05.19 12:50:07 - SSH > debug1: Authentication succeeded (publickey).
. 2018.05.19 12:50:07 - SSH > Authenticated to 213.152.162.113 ([213.152.162.113]:22).
. 2018.05.19 12:50:07 - SSH > debug1: Local connections to LOCALHOST:33274 forwarded to remote address 127.0.0.1:2018
. 2018.05.19 12:50:07 - SSH > debug1: Local forwarding listening on ::1 port 33274.
. 2018.05.19 12:50:07 - SSH > debug1: channel 0: new [port listener]
. 2018.05.19 12:50:07 - SSH > debug1: Local forwarding listening on 127.0.0.1 port 33274.
. 2018.05.19 12:50:07 - SSH > debug1: channel 1: new [port listener]
. 2018.05.19 12:50:07 - SSH > debug1: Requesting no-more-sessions@openssh.com
. 2018.05.19 12:50:07 - SSH > debug1: Entering interactive session.
. 2018.05.19 12:50:07 - SSH > debug1: pledge: network
W 2018.05.19 12:50:07 - OpenVPN > WARNING: Using --management on a TCP port WITHOUT passwords is STRONGLY discouraged and considered insecure
. 2018.05.19 12:50:07 - OpenVPN > OpenVPN 2.4.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 24 2018
. 2018.05.19 12:50:07 - OpenVPN > library versions: OpenSSL 1.1.0h  27 Mar 2018, LZO 2.10
. 2018.05.19 12:50:07 - Connection to OpenVPN Management Interface
. 2018.05.19 12:50:07 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100
. 2018.05.19 12:50:07 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2018.05.19 12:50:07 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2018.05.19 12:50:07 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:33274
. 2018.05.19 12:50:07 - OpenVPN > Socket Buffers: R=[87380->87380] S=[16384->16384]
. 2018.05.19 12:50:07 - OpenVPN > Attempting to establish TCP connection with [AF_INET]127.0.0.1:33274 [nonblock]
. 2018.05.19 12:50:07 - OpenVPN > TCP connection established with [AF_INET]127.0.0.1:33274
. 2018.05.19 12:50:07 - SSH > debug1: Connection to port 33274 forwarding to 127.0.0.1 port 2018 requested.
. 2018.05.19 12:50:07 - OpenVPN > TCP_CLIENT link local: (not bound)
. 2018.05.19 12:50:07 - OpenVPN > TCP_CLIENT link remote: [AF_INET]127.0.0.1:33274
. 2018.05.19 12:50:07 - SSH > debug1: channel 2: new [direct-tcpip]
. 2018.05.19 12:50:07 - SSH > debug1: Remote: Pty allocation disabled.
. 2018.05.19 12:50:07 - SSH > debug1: Remote: X11 forwarding disabled.
. 2018.05.19 12:50:07 - SSH > debug1: Remote: Forced command.
. 2018.05.19 12:50:07 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100
. 2018.05.19 12:50:07 - OpenVPN > TLS: Initial packet from [AF_INET]127.0.0.1:33274, sid=021672ee 0f1506d9
. 2018.05.19 12:50:08 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2018.05.19 12:50:08 - OpenVPN > VERIFY KU OK
. 2018.05.19 12:50:08 - OpenVPN > Validating certificate extended key usage
. 2018.05.19 12:50:08 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2018.05.19 12:50:08 - OpenVPN > VERIFY EKU OK
. 2018.05.19 12:50:08 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
. 2018.05.19 12:50:08 - OpenVPN > Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
. 2018.05.19 12:50:08 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]127.0.0.1:33274
. 2018.05.19 12:50:09 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
. 2018.05.19 12:50:10 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.50.0.1,comp-lzo no,route-gateway 10.50.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.50.13.160 255.255.0.0'
. 2018.05.19 12:50:10 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified
. 2018.05.19 12:50:10 - OpenVPN > OPTIONS IMPORT: compression parms modified
. 2018.05.19 12:50:10 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified
. 2018.05.19 12:50:10 - OpenVPN > OPTIONS IMPORT: route options modified
. 2018.05.19 12:50:10 - OpenVPN > OPTIONS IMPORT: route-related options modified
. 2018.05.19 12:50:10 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
. 2018.05.19 12:50:10 - OpenVPN > Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2018.05.19 12:50:10 - OpenVPN > Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2018.05.19 12:50:10 - OpenVPN > Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
. 2018.05.19 12:50:10 - OpenVPN > Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
. 2018.05.19 12:50:10 - OpenVPN > ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlp4s0b1 HWADDR=5c:ac:4c:a0:b4:b0
. 2018.05.19 12:50:10 - OpenVPN > TUN/TAP device tun0 opened
. 2018.05.19 12:50:10 - OpenVPN > TUN/TAP TX queue length set to 100
. 2018.05.19 12:50:10 - OpenVPN > do_ifconfig, tt->did_ifconfig_ipv6_setup=0
. 2018.05.19 12:50:10 - OpenVPN > /usr/bin/ip link set dev tun0 up mtu 1500
. 2018.05.19 12:50:10 - OpenVPN > /usr/bin/ip addr add dev tun0 10.50.13.160/16 broadcast 10.50.255.255
. 2018.05.19 12:50:15 - OpenVPN > /usr/bin/ip route add 127.0.0.1/32 via 192.168.1.1
. 2018.05.19 12:50:15 - OpenVPN > /usr/bin/ip route add 0.0.0.0/1 via 10.50.0.1
. 2018.05.19 12:50:15 - OpenVPN > /usr/bin/ip route add 128.0.0.0/1 via 10.50.0.1
. 2018.05.19 12:50:15 - OpenVPN > /usr/bin/ip route add 213.152.162.113/32 via 192.168.1.1
. 2018.05.19 12:50:15 - /etc/resolv.conf moved to /etc/resolv.conf.eddie as backup
. 2018.05.19 12:50:15 - DNS of the system updated to VPN DNS (Rename method: /etc/resolv.conf generated)
. 2018.05.19 12:50:15 - Flushing DNS
I 2018.05.19 12:50:15 - Checking route
I 2018.05.19 12:50:16 - Checking DNS
! 2018.05.19 12:50:18 - Connected.
. 2018.05.19 12:50:18 - OpenVPN > Initialization Sequence Completed
. 2018.05.19 12:59:59 - Updating systems & servers data ...
. 2018.05.19 13:00:01 - Systems & servers data update completed
. 2018.05.19 13:10:02 - Updating systems & servers data ...
. 2018.05.19 13:10:03 - Systems & servers data update completed
 

 

[jimbo64 1]

I also run manjaro (latest) and the problem also exists there. I'm just connecting through openvp for now, no errors when I do it this way.