Ubuntu Security :: Get Openvpn Start-up Script To Ask For A Password?

Jul 20, 2011

I have to say, I'm a little astonished at how anxious people are to bypass password checks on networks, all for the convenience of having things come up automatically. But given the world as we find it, I'm seeking a different approach.

I have an OpenVPN network. It works fine, but for my laptop, I've selected a client certificate that requires a password, so that if it falls into nefarious hands, the thief will not have immediate access to the VPN.

I'm trying not to have any data at all on the laptop (yes, a waste of a 500GB drive). So I want the VPN up even before I log in through the GUI.

It would be nice if the boot-up sequence would pause for the openvpn start script to ask for this password. I see the script contains a line "# X-Interactive: true" which I understand from documentation is supposed to accomplish this. But it doesn't. OpenVPN simply fails to start, which is better than the alternative, but a pain.

I have already disabled the splash screen (having been around Linux for over ten years, I am more comfortable seeing boot-up messages anyway, though even on this x86 they flash on so quickly I'm not sure I'm really gaining anything).

What am I missing?

View 2 Replies


ADVERTISEMENT

Ubuntu Security :: Avoid To Rewrite The Password Again And Again - Start With Superuser Permissions

Oct 16, 2010

Having to write my user password every time I want to do anything. I DO know I'm doing something risky for the system, that's why I have Linux. Is there a way to avoid to rewrite the password again and again, like start with superuser permissions?

View 2 Replies View Related

Security :: Security Of OpenVPN With Premade Keys?

Jan 2, 2010

Im a total beginner when it comes cryptography and networking. Finally managed to create a connection with OpenVPN on Ubuntu to a vpn provider called ivacy. On this page:http://ivacy.com/en/doc/user/setup/winxp_openvpn they give configuration files and keys, which I used. The question is, if someone wanted to see my network traffic, could they do it using the keys provided on that page. Reading the OpenVPN documentation i saw that it is also possible to create your own keys. Would that be more secure?

View 10 Replies View Related

Security :: OpenVPN Security For Clients?

Jan 8, 2010

I have a running proxy server that I wish to also turn into a VPN server.The VPN is not used so much that a user can access the network but is used so that they can obtain a geo specific IP address for their applications (the proxy server only does this for HTTP).I would therefore like to block off the VPN from accessing any of my Linux box's ports such as email, web server etc.Clients are given local IPs of 172.16.0.x.What should I take into consideration to block off clients from accessing dangerous stuff on the network?

View 4 Replies View Related

Ubuntu Security :: How To Use Openvpn On 10.10

Nov 29, 2010

There dosent seem to be a guide for this...i can use pptp vpn on ubuntu-how do i use openvpn-a step by step guide would be really useful!!

The vpn provider i use is called 'hidemyass' vpn-anyone know if openvpn will work on ubuntu with this?

View 1 Replies View Related

Ubuntu :: Get US Openvpn To Start Before Opening Huludesktop

Mar 14, 2010

I'm trying to get my US openvpn to start before opening huludesktop. I can start my vpn from the command line:

sudo openvpn --cd /etc/openvpn --config client.ovpn

but if I put in a script vpnhulu.sh

#!/bin/bash
sudo openvpn --cd /etc/openvpn --config client.ovpn &
huludesktop %F

It doesn't work - huludesktop starts but the vpn client doesn't start

View 1 Replies View Related

Ubuntu :: OpenVPN Server Won't Start After Reboot

Jul 15, 2010

I had recently setup an OpenVPN server on x64 10.04 via the guide found at: [url]

Everything was working perfectly, all clients were able to connect etc.

Today I needed to reboot for a completely unrelated issue - only to find that upon logging in, openVPN was no longer running.

When I tried to execute 'sudo /etc/init.d/openvpn start' I'm presented with an interesting message...

This *used* to say Server. I've double checked all the configs and scripts used in the config and they all check out OK. I purged and reinstalled openVPN to no avail...

View 2 Replies View Related

Debian Multimedia :: Network-manager - Openvpn Does Not Ask For Password ?

Mar 9, 2011

I have setup my laptop to connect to a VPN server running openvpn.

This works fine if I from the client, start OpenVPN from the terminal. /etc/init.d/openvpn start

It then asks for a password for the certificate, which is should.

I have then installed the OpenVPN option for the Gnome network manager (network-manager-openvpn), so I could use the nm-applet for this, instead.

But it seems to be that there is a little bug, so I does not prompt me for the certificate password, OR use the password this is actually set for the certificate. (kinda irritating)

I get the following error on on the client.

nm-openvpn[2936]: ERROR: could not read Private Key username/password/ok/string from management interface

It seems like an very old bug, I tried the following without any luck (Yes I noticed it was for Ubuntu). [url]

View 1 Replies View Related

Fedora :: Why OpenVPN Service Can't Start Up

Nov 24, 2009

It is the first time have I used VPN. I installed OpenVPN in my Fedora 11 computer. I did it following:URL...And I stopped at step 16: service openvpn start . The service can not start up. Even if I disabled Selinux . Does anyone know how to treat this trouble.

View 1 Replies View Related

Ubuntu Security :: Openvpn Won't Work On A New Network?

Jan 5, 2010

A couple of weeks ago I was using openvpn with a provider of PVNs on a home wifi network with no problems.I had installed openvpn using apt-get install and downloaded theopvn PVN files from the organization.erything worked fine.I would type sudo openvpn nameoffile.ovpn and then add my username and password during the installation process.However, when I try to do the same on an Ethernet network, the installation work fines (as above) and informs me that everything is connected (same as on the home Wifi network) but Firefox and all other software cannot connect to anything on the Internet.I contacted the organization who said the DNS was a problem and I needed to install resolvconf then modify each .opvn file using up /etc/openvpn/update-resolv-conf and down /etc/openvpn/update-resolv-confcauses the installation to hang because it does not like openvpn pointing to an external file.Irrespective of the problem I have with this "solution", previously I could use openvpn without modifying the .ovpn files. It just worked! I wonder if anyone knows why using the exact same configuration on an Ethernet network (which I have not used before with openvpn) is causing problems

View 4 Replies View Related

Ubuntu Security :: Configuring Iptables To Allow VNC And OpenVPN?

Jun 20, 2010

I'm running Ubuntu 10.04 LTS as a VM in Hyper-V, and accessing it via VNC with a machine in the same broadcast domain. I'm using OpenVPN to connect to XeroBank. I have instructions for configuring iptables to permit establishing and using the XeroBank connection, while blocking all other traffic on eth0. I've followed them successfully. I need to also permit the VNC connection, and haven't managed that. FWIW, the VM is at 192.168.111.12::5900 and the workstation is 192.168.111.2.

The attachment to this post lists the recommended contents for each Shorewall file. Which files need changed, and what do I add to each?

View 3 Replies View Related

Ubuntu Security :: OpenVPN Installation Using Apt - Components

Jul 17, 2010

I just installed OpenVPN using apt, and it doesn't seem to have components which are distributed with the source, such as easy-rsa. Why would tools like this be excluded from the package? I prefer to use apt rather than compiling from source, to keep things neat and simple.

View 2 Replies View Related

Ubuntu Security :: Can't Seem To Activate The Openvpn Server In The Gui?

Aug 4, 2010

I installed OpenVPN and gadmin-openvpn-server from the repos and I can't seem to activate the openvpn server in the gui. I have the server certificate generated, and all the information on encryption protocols setup, and accounts named and ready, despite accounts that were already there, such as www-data, bind, ossec, etc being listed. The server log states:

PLUGIN_INIT: could not load plugin shared object /usr/lib/openvpn-pam-auth.so: /usr/lib/openvpn/openvpn-pam-auth.so: cannot open shared object file: No such file or directory.

View 5 Replies View Related

Ubuntu Security :: OpenVPN Connects To VPN But No Internet (10.10 64-bit)

Jan 5, 2011

I use vpntunnel.se and followed their tutorial for OpenVPN and it connects and assigns an IP. However, once the sequence is initiated and I open my browser I cannot connect to a webpage and get a "cannot resolve" error. I e-mailed their support and they suggested I change the DNS of my network settings. I did that but the same problem. Once I close OpenVPN my internet works again. It works in windows, so I know it is not my router...I use a wireless connection with my router. I don't know if this has something to do with anything...

View 9 Replies View Related

Ubuntu Security :: Unable To Ssh To Client When It Is Running Openvpn?

Apr 21, 2010

I have a virtual private server running ubuntu server edition that I have set up as an openvpn client. The problem I have is that the moment I turn on openvpn, I am no longer able to ssh into the machine. Is there a way to enable me to connect to it even when it is tunneling?

View 4 Replies View Related

Fedora Networking :: F-12 Openvpn Server Does Not Start At Boot

Nov 23, 2009

This was working and stable on f-10 and f-11. Fresh f-12 install including openvpn, Copied /etc/openvpn/* to new system as root from working f-11 syatem. /etc/init.d/openvpn start (and stop) works as advertised HOWEVER when set to start at boot using chkconfig or Services Configuration program, openvpn does not start. I must manually start it every time. When started, it does work without error messages in the log.

I tried removing the NetworkManager-vpn module with no effect. Thought it could somehow be overriding the auto startup of openvpn at boot.

View 6 Replies View Related

Security :: Deleted Certificates But They Keep Reappearing - Openvpn?

Jan 10, 2010

Why is that certificates need to be revoked with openvpn?I simply removed them from the keys folder but everytime the client connects it just places the certificates back into the keys folder itself?! Should that be possible?

Secondly, I have a problems etting the revoke command.Is there a known setting on the openssl.cnf file that might cause this?

[root@server]# source ./vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/2.0/keys
[root@server]# ./revoke-full client2
Using configuration from /etc/openvpn/easy-rsa/2.0/openssl.cnf
error on line 282 of config file '/etc/openvpn/easy-rsa/2.0/openssl.cnf'
21368:error:0E065068:configuration file routines:STR_COPY:variable has no value:conf_def.c:629:line 282
code....

View 1 Replies View Related

Ubuntu Security :: Change Keyring Password To Match Login Password

Jun 14, 2011

everytime i try to vnc to my box, it pops up the keyring authentication, which is obviously a huge problem when logging in remotely.how do i change my keyring password to match my login password?

View 4 Replies View Related

Ubuntu Security :: Generate Password / Encryption Keys For Password

Oct 22, 2010

I know this has probably been asked too many times here but I need to secure my emails. Personal matters of course. But yeah. I use the program "Password and Encryption Keys" to generate a key to sign my emails with but I do not know what to do. To be blunt, I'm stupid when it comes to this. IF not, steps in creating a key? and giving it (my public key) to the significant other? Finding where both keys are? Implementing it into Thunderbird? If it helps any here's some extra information: Ubuntu distro: Ubuntu 10.04 Email client: Thunderbird

View 7 Replies View Related

Ubuntu Security :: Want To Change Password To Weak Password

Jan 13, 2010

How can I force passwd to use a simple password?I want to change my passwd & delete passwd history (if stored).I plan on creating a Virtual Appliance that uses another password besides my testing password.

View 5 Replies View Related

General :: Start Truecrypt Automatically And Use The Same Password As Login Password?

Sep 13, 2009

Ubuntu 8.4 Just installed Truecrypt yesterday. Would like to be able to start Truecrypt automatically and use the same password as my login password.

View 1 Replies View Related

Security :: Public Facing OpenVPN - Open Any Ports On The Router / Firewall

Feb 14, 2011

Within the documentation of example OpenVPN setups there is a setup that shows an OpenVPN Server with two network interfaces. One interfaces is plugged into the public internet network and the second interface is plugged into the private network.

Normally I assume that it would be best to place the OpenVPN system inside the network behind the router and firewall and open only the ports needed on the router to allow access to the OpenVPN system. All other router ports would be closed. This is the first example they show. To see what I am talking about see page(s) 6-7 here -> [URL]

If one were to use the two interface public facing setup, when would that setup best be justified? I guess if you didn't want to open any ports on the router/firewall then this could be justified but then you have to lock down this public system individually instead of having it protected by the network firewall.

View 1 Replies View Related

Ubuntu Security :: Changing Password Seem To Be Potential Security Hazard?

Aug 3, 2010

I already posted a topic similar to this concerning the Desktop OS version, but this deals with the Netbook because unlike the Desktop, the Netbook is less cooperative. Allow me to elaborate: Today (or rather yesterday since it's not after midnight where I am), I changed my password because I was hopelessly confounded about how to get my Wireless Network card up and running after it had been installed and I was allowing my dad to use it. This issue has since been resolved, however...

When I chose my password during the original installation, there was no mention of it being "too simple." This is where the Desktop OS and the Netbook OS differ. The desktop will let me change it in the terminal without any errors. The Netbook will not. When I've attempted to revert it back to the original, it will not let me do so in the User Profile or in the Terminal. The Passwords and Encryption Keys application also does not appear to help.

So now even after I've changed it to a different "complicated" password I am still prompted to insert two different passwords since I changed my user password but I am unable to change the password I input during the installation. A bit screwy methinks. This is extremely important. I'd like to know how to change the original installation password.

If I can't change the main password on my laptop then this is a serious potential security breach just waiting to happen (especially since it's on a laptop and I will be hauling it around with me) and I will most likely install a different OS if this isn't resolved --- It would be very unfortunate since I spent the whole day fixing it and I really enjoy the interface. Luckily I can live with this on my Desktop since I'm not going to be hauling it around with me everywhere when the school year starts.

View 9 Replies View Related

Security :: Find Password Or Circumvent The Password Altogether?

Oct 1, 2010

I have a database created by an older program (not Access) that I need to open and retrieve information for my business. The manufacturer put a password on there so that only it's program could open it. I do not use that program, but it has information I need. Is there a way to find that password or circumvent the password altogether?

View 1 Replies View Related

Ubuntu Networking :: Network-manager-openvpn And Static-key OpenVPN Connection In 9.10

Apr 5, 2010

i have some problems with configuring openvpn tunnel connection to my openvpn server. I'm using static-key tcp connection. Network manager always said to me that connection could not be established. Also, when i try to run openvpn from terminal, i got some strange permissions problem:

Code:

openvpn --config config.ovpn
Mon Apr 5 15:48:37 2010 OpenVPN 2.1_rc19 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009
Mon Apr 5 15:48:37 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 5 15:48:37 2010 /usr/sbin/openvpn-vulnkey -q moj.key

[code]....

View 1 Replies View Related

Fedora :: Openvpn Certificate \ Installed Openvpn And Config It For A Tunnel?

Aug 9, 2010

i have installed openvpn and config it for a tunnel. my server.conf and client,conf is as follow:

server.conf
port 1194
proto udp

[code]...

View 1 Replies View Related

Server :: OpenVPN Range Address / When Change Static IP To Dynamic IP In Config File OpenVPN Didn't Work?

Feb 13, 2010

I want to configure a VPN over the Internet.I installed the 'openvpn' package, generated the key file, transfered it by a secure way to the client, and setted up the configuration file.

So, in that configuration file I input the IP addresses of the tunneled interfaces. Both IPs are static in the tunnel.

Then, I've heard somewhere that I can assign a dynamic configuration IP for the client. I do this registering a range.

Well, when I tried to change static IP to dynamic IP (changing '192.168.0.2' to '192.168.0.0/24') in the configuration file, the OpenVPN didn't work.

Obviously I don't know what I'm doing, and I really, don't believe that simply changing the IP will make it work, but I tried.

I hope I explained my problem as well.

My configuration file:

# OpenVPN Server Configuration File
dev tun 0
ifconfig 192.168.0.1 192.168.0.2
cd /etc/openvpn
secret key_file

In client I execute the 'openvpn' without the '--daemon' parameter.Then I want that my client uses a IP in a range (192.168.0.0/24, for example), instead of a static IP (192.168.0.2).I also thought to use a DHCP server, but I'm not sure that will work.

View 6 Replies View Related

Fedora Networking :: Unable To Start An Openvpn-connection Via The "nmcli"-command To Control NetworkManager

Jun 4, 2011

As I reported in this bug:[URL].. root is not able to start an openvpn-connection via the "nmcli"-command to control NetworkManager, whereas my user does not run in any problems with this command. My error output when starting as root is as follows:

Code:
# nmcli con up id "my-openvpn"
Active connection state: unknown
Active connection path: /org/freedesktop/NetworkManager/ActiveConnection/5
state: VPN connecting (need authentication) (2)
Error: Connection activation failed: no valid VPN secrets.

Does anybody know what to do about this strange behaviour? The vpn-secret seems to be stored in the gnome-keyring and in the /etc/NetworkManager/system-connections/my-openvpn simultaneously. But root cannot access any of these. Why this is important? I'm trying to set up a dispatcher-script to automatically start openvpn on eth-connection. but this does throw the exact error from above (no valid vpn secrets..).

[Code]...

View 1 Replies View Related

Ubuntu :: Keyring Password On Start Up

Jan 19, 2010

When I start up my laptop that is running Ubuntu 9.10 I get a pop up window that asks me to input my password for Keyring. How can i remove this from the start up or how can I remove from having to put in my password for every time I get prompted ?

View 2 Replies View Related

Ubuntu :: Get A Terminal To Appear At The Start Up To Ask For The Password

Mar 31, 2010

I've copied a little shell script from the net and when I run it in xfce4-terminal it just works

Code:

sudo ./script.sh

The problem is that this script needs interaction with the user (entering a password) and I want to run it at the startup. I've put it in the /etc/init.d folder, configured the options but I need to know how you can get a terminal to appear at the start up to ask you for the password.

Code:

#!/bin/bash
echo "1. Enter your password
oldConfig=`stty -g`

[code].....

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved