Koozali.org: home of the SME Server

Contribs.org Forums => Koozali SME Server 10.x Contribs => Topic started by: joost on November 09, 2023, 10:42:20 PM

Title: OpenVPN on Koozali 10 - "Password entry required"
Post by: joost on November 09, 2023, 10:42:20 PM

Hi,

I installed openvpn-bridge.

What am I doing wrong if I keep getting

"Password entry required for 'Enter Private Key Password:' (PID 4909).
Please enter password with the systemd-tty-ask-password-agent tool!"

when I login a terminal session?

Thanks,

Title: Re: OpenVPN on Koozali 10 - "Password entry required"
Post by: gieres on November 10, 2023, 08:30:39 AM

Hi,
Perhaps have you forget to set password user in configuration panel ; by example in :
*In ubuntu go to '''Network Manager > VPN Connections > Configure VPN'''. Click '''import''' then in the explorer navigate to the openvpn folder in the home directory and select the .ovpn file created previously. This should automatically load all settings into network manager.
*Add username and password of client, then you have to give the path of the '''user.p12''' key of your user and set the  Private key password (the password set during the certificate creation in phpky).

Title: Re: OpenVPN on Koozali 10 - "Password entry required"
Post by: ReetP on November 10, 2023, 11:17:56 PM

Or create the client certificate without a password?

Title: Re: OpenVPN on Koozali 10 - "Password entry required"
Post by: joost on November 11, 2023, 07:41:34 PM

I guess it was the deamon, because I got this message on Koozali server and I got rid of the message when I entered the CA-password. I'm still wondering is this normal? I cannot remember that in the passed with a former installation of a server that I got this same problem. So my question is, did I do something wrong? Thanks

Title: Re: OpenVPN on Koozali 10 - "Password entry required"
Post by: Jean-Philippe Pialasse on November 11, 2023, 11:27:37 PM

Quote from: joost on November 11, 2023, 07:41:34 PM

I guess it was the deamon, because I got this message on Koozali server and I got rid of the message when I entered the CA-password. I'm still wondering is this normal? I cannot remember that in the passed with a former installation of a server that I got this same problem. So my question is, did I do something wrong? Thanks

probably did not read the manual : https://wiki.koozali.org/OpenVPN_Bridge#Using_PHPki_to_manage_the_certificates

Quote

Password: This field must be blank. Remember that OpenVPN daemon starts without human intervention when the server boots, so it need to have access to the certificate key without being prompted for a password.

Title: Re: OpenVPN on Koozali 10 - "Password entry required"
Post by: joost on November 14, 2023, 01:19:30 PM

If I try to leave the password field  empty when creating the CA I get the following error:

ERROR(S) IN FORM:
Missing Certificate Password
Missing Certificate Password Verification "Again"

Can I bypass this?

Title: Re: OpenVPN on Koozali 10 - "Password entry required"
Post by: ReetP on November 14, 2023, 02:11:52 PM

You need to read more.

https://wiki.koozali.org/PHPki

You always add a password for creating your CA certificate when you set up PKPki.

You do not need a password when creating the user certificate for openvpn.

Title: Re: OpenVPN on Koozali 10 - "Password entry required"
Post by: Jean-Philippe Pialasse on November 14, 2023, 05:46:03 PM

you need to select the type vpn client or vpn. server for the form to allow you mot to fill the password.