-
Flo81
- OpenVpn Newbie
- Posts: 3
- Joined: Wed Apr 04, 2018 2:02 pm
--auth-user-pass fails with
Hello
I can’t log on with --user-auth-pass
I tried ANSI, Unicode, and UTF-8, moved and renamed the pass.txt, still the same error
I’ve done exactly what is said in several tutorials but none worked
Wed Apr 04 15:56:35 2018 WARNING: cannot stat file 'C:Program FilesOpenVPNconfigpass.txt': No such file or directory (errno=2)
Options error: --auth-user-pass fails with 'C:Program FilesOpenVPNconfigpass.txt'
Options error: Please correct these errors.
Use --help for more information.
Press any key to continue...
Please help
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11142
- Joined: Fri Jun 03, 2016 1:17 pm
Re: --auth-user-pass fails with
by TinCanTech » Wed Apr 04, 2018 2:50 pm
Flo81 wrote: ↑
Wed Apr 04, 2018 2:12 pm
WARNING: cannot stat file ‘C:Program FilesOpenVPNconfigpass.txt’: No such file or directory (errno=2)
I presume you have this in your config file:
auth-user-pass "C:\Program Files\OpenVPN\config\pass.txt"
when you need to have this:
auth-user-pass "C:\\Program Files\\OpenVPN\\config\\pass.txt"
Double backslash .. "\\" .. like it says in the Manual
-
Flo81
- OpenVpn Newbie
- Posts: 3
- Joined: Wed Apr 04, 2018 2:02 pm
Re: --auth-user-pass fails
by Flo81 » Wed Apr 04, 2018 6:34 pm
Thanks for reply
Here is my ovpn
wrong ovpn
# host/port of vpn server
remote gw1.ams2.octanevpn.com 8888
# file containing username and password
auth-user-pass "C:\Program Files\OpenVPN\config\pass.txt"
# equivalent to pull, tls-client
client
# redirect all outgoing traffic to the vpn gateway
redirect-gateway
# verify the server certificate for authenticity
remote-cert-tls server
#cipher
cipher AES-256-CBC
proto udp
dev tun
nobind
<ca>
</ca>
-
Flo81
- OpenVpn Newbie
- Posts: 3
- Joined: Wed Apr 04, 2018 2:02 pm
Re: --auth-user-pass fails with
by Flo81 » Fri Apr 06, 2018 2:01 pm
Please, can someone help me?
hi,
FYI, I just experienced the same problem:
ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
on a Raspberry Pi 1 Host with Hypriot 0.6:
$ uname -a
Linux openvpn 4.1.12-hypriotos+ #1 PREEMPT Tue Nov 3 19:37:31 UTC 2015 armv6l GNU/Linux
$ docker --version
Docker version 1.9.0, build 76d6bc9
I figured that it works with the --privileged option, but not with --cap-add=NET_ADMIN.
however, as I did not want to give the docker container full privileged access, I tried a little around and finally figured: it works if you also add the /dev/net/tun device:
docker run --cap-add=NET_ADMIN --device=/dev/net/tun ...
so maybe this helps someone out there, for me it works fine now.
UPDATE: as I’m just going through the scripts here in more detail I have to add that I did not use the scripts here, so I did not run the mknod /dev/net/tun ... command which I guess was the reason for my setup not working before, my bad.
UPDATE 2: of course now that I created the /dev/net/tun device as in your script, it works as expected! so please rather ignore this comment
0 / 0 / 0 Registered: 27.01.2014 Posts: 5
27.01.2014, 21:28. Views 11655. Replies 5
#1
Hello, esteemed gurus! There are no other logs. I reinstalled openvpn, disabled the firewall and the antivirus, set what seem to be the needed services, and so on and so forth, and it does not work… Please tell me how to configure it?)
12383 / 7222 / 758 Registered: 09.09.2009 Posts: 28,180
28.01.2014, 16:44
#2
What do the firewall, the antivirus and the other junk have to do with it? The software itself tells you:
Temporary directory (--tmp-dir) fails with ‘C:DOCUME~1666LOCALS~1Temp’: No such file or directory
This means that in its settings "someone" gave the --tmp-dir parameter the value C:DOCUME~1666LOCALS~1Temp, while in fact there is NO such folder on the computer! And that is all there is to it…
0 / 0 / 0 Registered: 27.01.2014 Posts: 5
29.01.2014, 15:25 [OP]
#3
The "other junk" is in fact important when connecting, this is not my first time setting it up, and manipulations with shampoo and the like are, I believe, out of place, although I have not checked)))
12383 / 7222 / 758 Registered: 09.09.2009 Posts: 28,180
29.01.2014, 15:35
#4
That folder exists, I checked… all that remains is to prove it to the program
224 / 112 / 18 Registered: 27.09.2012 Posts: 575
29.01.2014, 15:58
#5
This post was marked by newW as the solution.
Solution: The problem is in the long folder names. The program follows the path "C:DOCUME~1666LOCALS~1Temp", and there is no such path.
0 / 0 / 0 Registered: 27.01.2014 Posts: 5
29.01.2014, 20:39 [OP]
#6
kroniel, huge thanks and respect!) Everything worked! I suspected something like that, but did not know from which side to approach it
There are lots of questions pertaining to this error, and there is a suggested manual fix which works well, but there’s no permanent solution. How can I permanently solve this? I’m having this issue on a Debian wheezy server, using OpenVPN client to connect to an OpenVPN server.
The suggested fix is the one below. Seems like, /dev/net is not automatically created and of course disappears on each reboot.
mkdir -p /dev/net
mknod /dev/net/tun c 10 200
chmod 600 /dev/net/tun
asked Feb 14, 2020 at 1:47
1
Debian wheezy has been out of support since May 2018 (https://www.debian.org/releases/wheezy/), you should not be using it in 2020 any more for production.
Now, with that out of the way, you could add the commands that temporarily fix your issue to a bash script that you add to your root crontab with the @reboot nickname (man 5 crontab).
So create a bash script somewhere in your file system with something like this:
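#!/bin/bash
# Recreate the TUN character device (major 10, minor 200) if it is missing
mkdir -p /dev/net
[ -c /dev/net/tun ] || mknod /dev/net/tun c 10 200
chmod 600 /dev/net/tun
# Restart OpenVPN now that the device node exists
/etc/init.d/openvpn restart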
Save it with 755 permissions and modify the root crontab:
# crontab -e
with this content at least
@reboot /path/to/where/you/saved/the/script
And after rebooting it should have started openvpn successfully.
answered Feb 14, 2020 at 19:35
natxo asenjo
5,679, 2 gold badges, 26 silver badges, 27 bronze badges
2
It happens in Arch/Manjaro as well.
I managed to figure out the problem, apparently a kernel upgrade is simply moving the modules directory, so trying to reach the modules from their known location is unavailable, the current running kernel is still running but I can’t seem to modprobe (load) any modules which are not already loaded (such as tun required for OpenVPN connections).
So for example, the /lib/modules/ directory had the following directories before the upgrade (I have multiple kernels, notice the 5.16 series):
5.15.32-1-MANJARO *5.16.14-1-MANJARO* extramodules-5.15-MANJARO extramodules-5.16-MANJARO
And this is the status after the upgrade:
5.15.32-1-MANJARO *5.16.18-1-MANJARO* extramodules-5.15-MANJARO extramodules-5.16-MANJARO
Trying to load the tun modules shows the following message:
modprobe: FATAL: Module tun not found in directory /lib/modules/5.16.14-1-MANJARO
Which perfectly makes sense as this directory doesn’t exist.
So, what is my proposed solution in this case? A restart.
answered Apr 19, 2022 at 7:46
Yaron
201, 3 silver badges, 10 bronze badges
0
I think that a possible solution is to configure the system to load the tun kernel module during startup. In order to do so, list the tun module name in /etc/modules file:
# echo tun >> /etc/modules
udev is the system component that creates and maintains device nodes in /dev folder according to loaded kernel modules and connected hardware devices. I believe that by loading tun kernel module at boot time, the system will create the /dev/net/tun device node on every startup.
I hope it helps.
EDIT: I am a bit outdated. After launching a Debian Wheezy image published in Vagrant Cloud website, I figured out that udev in fact handles permissions, ownerships and symlinks regarding already existing device nodes. Device nodes are actually created by the kernel itself and are exposed to userspace through the devtmpfs pseudo-filesystem.
devtmpfs filesystem is mounted at initramfs time. The file /usr/share/initramfs-tools/init, which gets executed once grub extracts initramfs to memory, presents code that mounts a devtmpfs filesystem into /dev, falling back to a standard tmpfs filesystem if unsuccessful.
In addition, to have devtmpfs filesystem available, Debian Wheezy kernel is shipped with CONFIG_DEVTMPFS=y enabled.
answered Feb 14, 2020 at 3:12
4
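A check for the cases the answers above describe, as an added example that is not code from any of the posts: it reports whether the device node is missing or is not the character device 10:200 that mknod /dev/net/tun c 10 200 creates, and whether the module directory of the running kernel still exists (the situation after the Manjaro kernel upgrade). The function names, the "check" argument and the use of GNU stat are assumptions of this example.

```shell
#!/bin/sh
# Added example, not code from the posts above.
# Separates the causes of
#   "Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)"
# into: node missing, node is the wrong device, no tun module for this kernel.

# tun_node_status [PATH]
# Prints one of: missing | not-char-device | wrong-devnum:<major>:<minor> | ok
tun_node_status() {
    node=${1:-/dev/net/tun}
    if [ ! -e "$node" ]; then
        echo missing
        return 0
    fi
    if [ ! -c "$node" ]; then
        echo not-char-device
        return 0
    fi
    # GNU stat prints major and minor in hex; 10,200 is a:c8.
    devnum=$(stat -c '%t:%T' "$node")
    if [ "$devnum" != "a:c8" ]; then
        echo "wrong-devnum:$devnum"
        return 0
    fi
    echo ok
}

# tun_module_status [MODULES_ROOT] [KERNEL_RELEASE]
# Prints one of: no-modules-dir | builtin | loadable | not-available
tun_module_status() {
    modroot=${1:-/lib/modules}
    release=${2:-$(uname -r)}
    dir=$modroot/$release
    # After a kernel package upgrade the directory of the still-running
    # kernel can be gone; modprobe then fails until the next reboot.
    if [ ! -d "$dir" ]; then
        echo no-modules-dir
        return 0
    fi
    # Built-in drivers are listed in modules.builtin and need no modprobe.
    if grep -qs '/tun\.ko' "$dir/modules.builtin"; then
        echo builtin
        return 0
    fi
    # Loadable module, possibly compressed (tun.ko, tun.ko.xz, tun.ko.zst).
    if [ -n "$(find "$dir" -name 'tun.ko*' 2>/dev/null | head -n 1)" ]; then
        echo loadable
        return 0
    fi
    echo not-available
}

# Report on the live system when the script is run with the argument "check".
if [ "${1:-}" = "check" ]; then
    echo "node:   $(tun_node_status)"
    echo "module: $(tun_module_status)"
fi
```

A result of no-modules-dir matches the restart answer, while missing with a loadable or builtin module matches the mknod and container answers.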
This is my first time creating an openvpn server to non testing and so far like the setup. However I am having an issue starting the server, I’m following this guide on hackernoon to set it up. I am stuck on step 6 the reboot part. My line I added as part of that was
push "route 10.0.0.0 255.255.0.0"
Which seems to make sense with what they were suggesting since my subnets are done via a 10.0.X.X pattern.
Log file
Options error: --ca fails with 'ca.crt': No such file or directory (errno=2)
Options error: --cert fails with 'server.crt': No such file or directory (errno=2)
Thu Nov 7 21:27:54 2019 WARNING: cannot stat file 'server.key': No such file or directory (errno=2)
Options error: --key fails with 'server.key': No such file or directory (errno=2)
Options error: Please correct these errors.
Use --help for more information.
I found people saying I need to put the complete path to those files however I can not find them
ls /etc/openvpn/
client/ server/ ta.key
dh2048.pem server.conf update-resolv-conf
client and server directories are empty
interesting part of the openvpn.sh script
cd ~/openvpn-ca/keys
cp ca.crt ca.key server.crt server.key ta.key dh2048.pem /etc/openvpn
I checked both the original location as well as the expected location and the files are in neither
See this in the output when running the script
cp: cannot stat 'ca.crt': No such file or directory
cp: cannot stat 'ca.key': No such file or directory
cp: cannot stat 'server.crt': No such file or directory
cp: cannot stat 'server.key': No such file or directory
Topic: ubuntu server + openvpn server = on startup Options error: --dh fails with ‘dh. (Read 6898 times)
YDenis
Hello.
Please advise. Ubuntu server 20.04 (Amazon VPS). I am installing an openvpn server. I got as far as starting the server itself. It complains about the certificates.
Configuration:
port 1194
proto udp
dev tun
ca ca.crt
cert yyyy.crt
key yyyy.key
dh dh.pem
server 10.9.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.8.8"
keepalive 10 120
tls-auth ta.key 1
auth SHA1
cipher AES-256-CBC
client-to-client
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
verb 3
explicit-exit-notify 1
Terminal:
sudo openvpn /etc/openvpn/server.conf
There are no logs in the folder. The certificates themselves are present in /etc/openvpn.
Options error: --dh fails with 'dh.pem': No such file or directory (errno=2)
Options error: --ca fails with 'ca.crt': No such file or directory (errno=2)
Options error: --cert fails with 'yyyy.crt': No such file or directory (errno=2)
Mon Oct 18 15:42:50 2021 WARNING: cannot stat file 'yyyy.key': No such file or directory (errno=2)
Options error: --key fails with 'yyyy.key': No such file or directory (errno=2)
Mon Oct 18 15:42:50 2021 WARNING: cannot stat file 'ta.key': No such file or directory (errno=2)
Options error: --tls-auth fails with 'ta.key': No such file or directory (errno=2)
Options error: Please correct these errors.
Use --help for more information.
Where could the error be?
Thank you
ALiEN175
ca ca.crt
cert yyyy.crt
key yyyy.key
dh dh.pem
No such file or directory
And what if you think a little?
ASUS P5K-C :: Intel Xeon E5450 @ 3.00GHz :: 8 GB DDR2 :: Radeon R7 260X :: XFCE
ACER 5750G :: Intel Core i5-2450M @ 2.50GHz :: 6 GB DDR3 :: GeForce GT 630M :: XFCE
YDenis
ca ca.crt
cert yyyy.crt
key yyyy.key
dh dh.pem
No such file or directory
And what if you think a little?
Permissions.
When I copied the certificates following the manual, it only went through with sudo:
cp ./pki/ca.crt /etc/openvpn/ca.crt
ALiEN175
YDenis, nope) the working directory
cd /etc/openvpn && sudo openvpn /etc/openvpn/server.conf
ASUS P5K-C :: Intel Xeon E5450 @ 3.00GHz :: 8 GB DDR2 :: Radeon R7 260X :: XFCE
ACER 5750G :: Intel Core i5-2450M @ 2.50GHz :: 6 GB DDR3 :: GeForce GT 630M :: XFCE
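The working-directory answer above, as an added example that is not code from the thread: the function resolves the file arguments of a config against the directory openvpn is started from, which is how the relative names ca.crt, yyyy.key and so on are looked up, and also flags secret files accessible by group or others. The function names, the "demo" argument, the directive list (a common subset) and the constructed sample files are assumptions of this example; the permission check uses GNU stat.

```shell
#!/bin/sh
# Added example, not code from the thread. Relative file arguments in an
# OpenVPN config are resolved against the directory openvpn is started from,
# not against the directory that holds the config file.
# The directive list is a common subset, not OpenVPN's full option table.

# ovpn_check_files CONFIG WORKDIR
# Prints one line per problem:
#   MISSING <directive> <path>
#   LOOSE-PERMS <directive> <path> <octal mode>   (secret open to group/others)
ovpn_check_files() {
    conf=$1
    workdir=$2
    tab=$(printf '\t')
    awk '
        /^[ \t]*[#;]/ { next }                 # comment line
        NF == 0       { next }                 # blank line
        /^[ \t]*<\//  { in_block = 0; next }   # end of an inline <ca>...</ca> block
        /^[ \t]*</    { in_block = 1; next }   # start of an inline block
        in_block      { next }
        $1 ~ /^(ca|cert|key|dh|tls-auth|tls-crypt|crl-verify|auth-user-pass|secret)$/ && NF >= 2 {
            arg = $0
            sub(/^[ \t]*[^ \t]+[ \t]+/, "", arg)   # drop the directive itself
            if (arg ~ /^"/) { sub(/^"/, "", arg); sub(/".*$/, "", arg) }  # quoted path
            else            { sub(/[ \t].*$/, "", arg) }                  # first word
            print $1 "\t" arg
        }
    ' "$conf" |
    while IFS=$tab read -r directive path; do
        if [ "$path" = "none" ]; then continue; fi   # e.g. "dh none"
        case $path in
            /*) full=$path ;;                 # absolute: independent of workdir
            *)  full=$workdir/$path ;;        # relative: depends on workdir
        esac
        if [ ! -e "$full" ]; then
            printf 'MISSING %s %s\n' "$directive" "$full"
            continue
        fi
        case $directive in
            key|tls-auth|tls-crypt|auth-user-pass|secret)
                mode=$(stat -c '%a' "$full")  # octal mode, e.g. 600
                case $mode in
                    *00|0) ;;                 # no group/other bits set
                    *) printf 'LOOSE-PERMS %s %s %s\n' "$directive" "$full" "$mode" ;;
                esac ;;
        esac
    done
}

# Constructed demo: file names taken from the server.conf in the thread,
# checked from two different working directories.
ovpn_demo() {
    d=$(mktemp -d)
    mkdir "$d/etc-openvpn" "$d/home"
    for f in ca.crt yyyy.crt yyyy.key dh.pem ta.key; do : > "$d/etc-openvpn/$f"; done
    chmod 600 "$d/etc-openvpn/yyyy.key"
    chmod 644 "$d/etc-openvpn/ta.key"
    printf '%s\n' 'port 1194' 'ca ca.crt' 'cert yyyy.crt' 'key yyyy.key' \
        'dh dh.pem' 'tls-auth ta.key 1' > "$d/etc-openvpn/server.conf"
    echo "started from the home directory:"
    ovpn_check_files "$d/etc-openvpn/server.conf" "$d/home"
    echo "started from the config directory:"
    ovpn_check_files "$d/etc-openvpn/server.conf" "$d/etc-openvpn"
    rm -rf "$d"
}

if [ "${1:-}" = "demo" ]; then ovpn_demo; fi
```

Absolute paths in the config, or OpenVPN's --cd option, remove the dependence on the shell's current directory.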
YDenis
YDenis, nope) the working directory
cd /etc/openvpn && sudo openvpn /etc/openvpn/server.conf
Thank you
User added a message on 18 October 2021, 19:24:57:
One more thing, guys, please.
I need tcp (a MikroTik will be the client).
I set proto tcp
Options error: --explicit-exit-notify can only be used with --proto udp
« Last edit: 18 October 2021, 19:24:57 by YDenis »
ALiEN175
A couple of tips:
- keys and certificates can be stored directly in the config file.
- OpenVPN cuts the speed a lot. If that is critical, it is better to look at Wireguard
ASUS P5K-C :: Intel Xeon E5450 @ 3.00GHz :: 8 GB DDR2 :: Radeon R7 260X :: XFCE
ACER 5750G :: Intel Core i5-2450M @ 2.50GHz :: 6 GB DDR3 :: GeForce GT 630M :: XFCE
YDenis
A couple of tips:
- keys and certificates can be stored directly in the config file.
- OpenVPN cuts the speed a lot. If that is critical, it is better to look at Wireguard
MikroTik will work with Wireguard in version 7 of its operating system. Not now.
thanks
ALiEN175
I set proto tcp
Options error: --explicit-exit-notify can only be used with --proto udp
It is all written right there. Remove explicit-exit-notify
ASUS P5K-C :: Intel Xeon E5450 @ 3.00GHz :: 8 GB DDR2 :: Radeon R7 260X :: XFCE
ACER 5750G :: Intel Core i5-2450M @ 2.50GHz :: 6 GB DDR3 :: GeForce GT 630M :: XFCE
YDenis
Good day.
So as not to multiply threads, and as the OP, I will ask here.
server.conf:
port 1194
proto tcp
dev tun
ca ca.crt
cert yyyy.crt
key yyyy.key
dh dh.pem
server 10.9.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.8.8"
keepalive 10 120
tls-auth ta.key 1
auth SHA1
cipher AES-256-CBC
client-to-client
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
verb 3
I run:
ubuntu@ip-172-31-41-114:~$ cd /etc/openvpn && sudo openvpn /etc/openvpn/server.conf
Where should I look to find the error?
Wed Oct 27 14:42:36 2021 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 19 2021
Wed Oct 27 14:42:36 2021 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Wed Oct 27 14:42:36 2021 Diffie-Hellman initialized with 2048 bit key
Wed Oct 27 14:42:36 2021 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Oct 27 14:42:36 2021 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Oct 27 14:42:36 2021 ROUTE_GATEWAY 172.31.32.1/255.255.240.0 IFACE=eth0 HWADDR=06:65:5c:42:3d:e6
Wed Oct 27 14:42:36 2021 TUN/TAP device tun2 opened
Wed Oct 27 14:42:36 2021 TUN/TAP TX queue length set to 100
Wed Oct 27 14:42:36 2021 /sbin/ip link set dev tun2 up mtu 1500
Wed Oct 27 14:42:37 2021 /sbin/ip addr add dev tun2 local 10.9.0.1 peer 10.9.0.2
Wed Oct 27 14:42:37 2021 /sbin/ip route add 10.9.0.0/24 via 10.9.0.2
RTNETLINK answers: File exists
Wed Oct 27 14:42:37 2021 ERROR: Linux route add command failed: external program exited with error status: 2
Wed Oct 27 14:42:37 2021 Could not determine IPv4/IPv6 protocol. Using AF_INET
Wed Oct 27 14:42:37 2021 Socket Buffers: R=[131072->131072] S=[16384->16384]
Wed Oct 27 14:42:37 2021 TCP/UDP: Socket bind failed on local address [AF_INET][undef]:1194: Address already in use (errno=98)
Wed Oct 27 14:42:37 2021 Exiting due to fatal error
Wed Oct 27 14:42:37 2021 Closing TUN/TAP interface
Wed Oct 27 14:42:37 2021 /sbin/ip addr del dev tun2 local 10.9.0.1 peer 10.9.0.2
Thank you
ALiEN175
ip a; echo; ip r
systemctl list-units | grep vpn
ASUS P5K-C :: Intel Xeon E5450 @ 3.00GHz :: 8 GB DDR2 :: Radeon R7 260X :: XFCE
ACER 5750G :: Intel Core i5-2450M @ 2.50GHz :: 6 GB DDR3 :: GeForce GT 630M :: XFCE
YDenis
ip a; echo; ip r
systemctl list-units | grep vpn
ubuntu@ip-172-31-1-60:/etc/openvpn$ ip a; echo; ip r
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc fq_codel state UP group default qlen 1000
link/ether 0a:d5:d7:1b:b0:08 brd ff:ff:ff:ff:ff:ff
inet 172.31.1.60/20 brd 172.31.15.255 scope global dynamic eth0
valid_lft 2132sec preferred_lft 2132sec
inet6 fe80::8d5:d7ff:fe1b:b008/64 scope link
valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
link/none
inet 172.21.55.1 peer 172.21.55.2/32 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::7e09:68a3:1403:5e8a/64 scope link stable-privacy
valid_lft forever preferred_lft forever
default via 172.31.0.1 dev eth0 proto dhcp src 172.31.1.60 metric 100
172.21.55.0/24 via 172.21.55.2 dev tun0
172.21.55.2 dev tun0 proto kernel scope link src 172.21.55.1
172.31.0.0/20 dev eth0 proto kernel scope link src 172.31.1.60
172.31.0.1 dev eth0 proto dhcp scope link src 172.31.1.60 metric 100
ubuntu@ip-172-31-1-60:/etc/openvpn$ systemctl list-units | grep vpn
openvpn@server.service loaded activating auto-restart OpenVPN connection to server
system-openvpn.slice loaded active active system-openvpn.slice
ALiEN175
If you start it manually, stop the service or remove it from autostart.
sudo systemctl stop openvpn@server
ASUS P5K-C :: Intel Xeon E5450 @ 3.00GHz :: 8 GB DDR2 :: Radeon R7 260X :: XFCE
ACER 5750G :: Intel Core i5-2450M @ 2.50GHz :: 6 GB DDR3 :: GeForce GT 630M :: XFCE
shamanhuev
inet 172.21.55.1 peer 172.21.55.2/32
A rather strange line, if you ask me. A mask of 32 is a single address, isn't it?
YDenis
If you start it manually, stop the service or remove it from autostart.
sudo systemctl stop openvpn@server
I stopped it and started again, but still:
ubuntu@ip-172-31-1-60:/etc/openvpn$ sudo systemctl stop openvpn@server
ubuntu@ip-172-31-1-60:/etc/openvpn$ cd /etc/openvpn && sudo openvpn /etc/openvpn/server.conf
Thu Oct 28 12:38:30 2021 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 19 2021
Thu Oct 28 12:38:30 2021 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Thu Oct 28 12:38:30 2021 Diffie-Hellman initialized with 2048 bit key
Thu Oct 28 12:38:30 2021 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Oct 28 12:38:30 2021 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Oct 28 12:38:30 2021 ROUTE_GATEWAY 172.31.0.1/255.255.240.0 IFACE=eth0 HWADDR=0a:d5:d7:1b:b0:08
Thu Oct 28 12:38:30 2021 TUN/TAP device tun1 opened
Thu Oct 28 12:38:30 2021 TUN/TAP TX queue length set to 100
Thu Oct 28 12:38:30 2021 /sbin/ip link set dev tun1 up mtu 1500
Thu Oct 28 12:38:30 2021 /sbin/ip addr add dev tun1 local 172.21.55.1 peer 172.21.55.2
Thu Oct 28 12:38:30 2021 /sbin/ip route add 172.21.55.0/24 via 172.21.55.2
RTNETLINK answers: File exists
Thu Oct 28 12:38:30 2021 ERROR: Linux route add command failed: external program exited with error status: 2
Thu Oct 28 12:38:30 2021 Could not determine IPv4/IPv6 protocol. Using AF_INET
Thu Oct 28 12:38:30 2021 Socket Buffers: R=[131072->131072] S=[16384->16384]
Thu Oct 28 12:38:30 2021 TCP/UDP: Socket bind failed on local address [AF_INET][undef]:1194: Address already in use (errno=98)
Thu Oct 28 12:38:30 2021 Exiting due to fatal error
Thu Oct 28 12:38:30 2021 Closing TUN/TAP interface
Thu Oct 28 12:38:30 2021 /sbin/ip addr del dev tun1 local 172.21.55.1 peer 172.21.55.2
ubuntu@ip-172-31-1-60:/etc/openvpn$ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 9001
inet 172.31.1.60 netmask 255.255.240.0 broadcast 172.31.15.255
inet6 fe80::8d5:d7ff:fe1b:b008 prefixlen 64 scopeid 0x20<link>
ether 0a:d5:d7:1b:b0:08 txqueuelen 1000 (Ethernet)
RX packets 265505 bytes 369905067 (369.9 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 26284 bytes 3605037 (3.6 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 610 bytes 61250 (61.2 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 610 bytes 61250 (61.2 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 172.21.55.1 netmask 255.255.255.255 destination 172.21.55.2
inet6 fe80::7e09:68a3:1403:5e8a prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 28 bytes 1344 (1.3 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
« Last edit: 28 October 2021, 16:02:12 by YDenis »
ALiEN175
ASUS P5K-C :: Intel Xeon E5450 @ 3.00GHz :: 8 GB DDR2 :: Radeon R7 260X :: XFCE
ACER 5750G :: Intel Core i5-2450M @ 2.50GHz :: 6 GB DDR3 :: GeForce GT 630M :: XFCE
Since I reinstalled my ArchLinux distro I get an error when I want to use OpenVPN. Here is the full output:
quentin@QuentinDesktop ~/Documents> openvpn --config ulille-vpn.ovpn
2022-01-04 21:52:15 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2022-01-04 21:52:15 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Options error: --up script fails with '/etc/openvpn/update-systemd-resolved': No such file or directory (errno=2)
Options error: Please correct this error.
Use --help for more information.
Here is the truncated ulille-vpn.ovpn file content (I just truncated the CA certificates):
ignore-unknown-option comp-lzo compress
dev tun
persist-tun
persist-key
cipher AES-256-CBC
tls-client
client
resolv-retry infinite
proto udp
remote vpn-etudiant.univ-lille.fr 443
verify-x509-name "vpn-etudiant.univ-lille.fr" name
auth SHA256
auth-user-pass
comp-lzo
compress lzo
#route-nopull
verb 3
pull-filter ignore "dhcp-option DOMAIN"
dhcp-option DOMAIN univ-lille.fr
dhcp-option DOMAIN univ-lille1.fr
script-security 2
setenv PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
up /etc/openvpn/update-systemd-resolved
up-restart
down /etc/openvpn/update-systemd-resolved
down-pre
Note that I didn’t write this one myself, it is given by my university to access its local network.
I already tried to install the openvpn-update-systemd-resolved AUR package and enable it on systemd but it changed nothing.
How can I fix it?
asked Jan 4, 2022 at 21:03
Okay, after a quick look at the configuration file (which I did not think of before asking this question), I commented out the last 4 lines of the chunk I posted, and it works!
I am sorry for asking this question, I thought the config file my university distributes was valid but it looks like it is Fedora/Debian specific, which is kind of weird because it works perfectly fine without these four lines.
I hope this short lifespan topic can help someone else in a similar case! :^)
answered Jan 4, 2022 at 21:18
Quentin
51, 1 silver badge, 5 bronze badges
I had the very same problem and it was also the config file trying to run up /etc/openvpn/update-systemd-resolved. Seems to be a distro problem as I’m also running arch.
answered Jan 6, 2022 at 22:24
2
-
#1
I am getting this error on my LXC Containers "ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)"
Ubuntu 20.04.1 LTS (GNU/Linux 5.4.34-1-pve x86_64)
Thanks,
Code:
root@Torrent:/vpn/UDP_Files# openvpn --config Canada-UDP.ovpn
Sat Aug 15 03:39:09 2020 WARNING: file 'userpass.txt' is group or others accessible
Sat Aug 15 03:39:09 2020 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2019
Sat Aug 15 03:39:09 2020 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Sat Aug 15 03:39:09 2020 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Sat Aug 15 03:39:09 2020 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat Aug 15 03:39:09 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]158.69.26.75:4443
Sat Aug 15 03:39:09 2020 UDP link local: (not bound)
Sat Aug 15 03:39:09 2020 UDP link remote: [AF_INET]158.69.26.75:4443
Sat Aug 15 03:39:09 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Aug 15 03:39:09 2020 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1602', remote='link-mtu 1570'
Sat Aug 15 03:39:09 2020 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
Sat Aug 15 03:39:09 2020 [*.fastestvpn.co] Peer Connection Initiated with [AF_INET]158.69.26.75:4443
Sat Aug 15 03:39:10 2020 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:5: register-dns (2.4.7)
Sat Aug 15 03:39:10 2020 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
Sat Aug 15 03:39:10 2020 Exiting due to fatal error
-
#2
For an unprivileged container, I first created a device node with the right permissions on the host (once):
mknod /dev/net/openpvn_containerid c 10 200
chown 100000:100000 /dev/net/openpvn_containerid
And then, I added the following in the containerid.conf :
lxc.mount.entry: /dev/net/openpvn_containerid dev/net/tun none bind,create=file
PS: The device node is not persistent and it needs to be created every reboot of the host. (As described by the discussion below.)
Last edited: Sep 16, 2020
-
#3
Thanks, AVW
Worked on first try.
-
#4
@avw When I reboot my Proxmox Server, I have to rerun these two commands, otherwise container won’t start.
"mknod /dev/net/openpvn_containerid c 10 200
chown 100000:100000 /dev/net/openpvn_containerid"
-
#5
@avw When I reboot my Proxmox Server, I have to rerun these two commands, otherwise container won’t start.
"mknod /dev/net/openpvn_containerid c 10 200
chown 100000:100000 /dev/net/openpvn_containerid"
Sorry about that. Turns out that I added the following to /etc/rc.local to do this every (re)boot:
[ ! -e /dev/net/openvpn ] && /usr/sbin/modprobe tun && /usr/bin/mknod /dev/net/openvpn c 10 200 && /usr/bin/chown 100000:100000 /dev/net/openvpn
PS: Maybe you will need to enable rc.local in systemd, or put the command line in crontab with an @reboot…
-
#6
Should I put just like that
"[ ! -e /dev/net/openvpn ] && /usr/sbin/modprobe tun && /usr/bin/mknod /dev/net/openvpn c 10 200 && /usr/bin/chown 100000:100000 /dev/net/openvpn"
or with container id
"[ ! -e /dev/net/openvpn ] && /usr/sbin/modprobe tun && /usr/bin/mknod /dev/net/openvpn_103 c 10 200 && /usr/bin/chown 100000:100000 /dev/net/openvpn_103"
-
#7
Should I put just like that
"[ ! -e /dev/net/openvpn ] && /usr/sbin/modprobe tun && /usr/bin/mknod /dev/net/openvpn c 10 200 && /usr/bin/chown 100000:100000 /dev/net/openvpn"
or with container id
"[ ! -e /dev/net/openvpn ] && /usr/sbin/modprobe tun && /usr/bin/mknod /dev/net/openvpn_103 c 10 200 && /usr/bin/chown 100000:100000 /dev/net/openvpn_103"
You can choose the name of the node yourself. openvpn or openvpn_containerIDnumber or whatever you think is helpful.
Just make sure you use the same name in the configuration of the container in /etc/pve/lxc/containerIDnumber.conf.
Also make sure you use the same name in the command line (you forgot _103 in the first command on the second command line in your message).
-
#8
I added the line to rc.local, but it can’t start and I enabled it using this guide https://www.linuxbabe.com/linux-server/how-to-enable-etcrc-local-with-systemd
Code:
[ ! -e /dev/net/openvpn ] && /usr/sbin/modprobe tun && /usr/bin/mknod /dev/net/openvpn c 10 200 && /usr/bin/chown 100000:100000 /dev/net/openvpn
Code:
root@vms1:~# systemctl status rc-local
● rc-local.service - /etc/rc.local Compatibility
Loaded: loaded (/etc/systemd/system/rc-local.service; enabled; vendor preset: enabled)
Drop-In: /usr/lib/systemd/system/rc-local.service.d
└─debian.conf
Active: failed (Result: exit-code) since Tue 2020-09-08 07:56:16 EDT; 3s ago
Process: 13702 ExecStart=/etc/rc.local start (code=exited, status=203/EXEC)
Sep 08 07:56:16 vms1 systemd[1]: Starting /etc/rc.local Compatibility...
Sep 08 07:56:16 vms1 systemd[13702]: rc-local.service: Failed to execute command: Exec format error
Sep 08 07:56:16 vms1 systemd[13702]: rc-local.service: Failed at step EXEC spawning /etc/rc.local: Exec format error
Sep 08 07:56:16 vms1 systemd[1]: rc-local.service: Control process exited, code=exited, status=203/EXEC
Sep 08 07:56:16 vms1 systemd[1]: rc-local.service: Failed with result 'exit-code'.
Sep 08 07:56:16 vms1 systemd[1]: Failed to start /etc/rc.local Compatibility.
-
#9
Fixed and working, Instead of creating rc.local manually, had to run this command and then add the line to it.
Thanks,
Code:
printf '%s\n' '#!/bin/bash' 'exit 0' | sudo tee -a /etc/rc.local
-
#10
I added the line to rc.local, but it can’t start and I enabled it using this guide https://www.linuxbabe.com/linux-server/how-to-enable-etcrc-local-with-systemd
Code:
[ ! -e /dev/net/openvpn ] && /usr/sbin/modprobe tun && /usr/bin/mknod /dev/net/openvpn c 10 200 && /usr/bin/chown 100000:100000 /dev/net/openvpn
It sounds like you are missing a #!/bin/bash starting line in your /etc/rc.local?
-
#11
This is what I have in there,
-
#12
This is what I have in there,
View attachment 19738
Your rc.local bash script terminates with exit 0 before it has a chance to execute the command at the bottom of the file. Please swap the two lines.
PS: Please note that all of this is not specific to the original issue. It is common Linux system administration. If you want the commands to automatically run at every boot on the machine, feel free to use any method you like.
-
#13
Working now, Thanks
I put commands like this
Code:
#!/bin/bash
# OpenVPN Tun Interface
mknod /dev/net/openpvn c 10 200
chown 100000:100000 /dev/net/openpvn
exit 0
-
#14
[root@web ~]# mknod /dev/net/openpvn_containerid c 10 100
mknod: /dev/net/openpvn_containerid: Operation not permitted
any help
I have a server where openvpn worked fine, but I haven’t used it for a while, so I disabled the service. I have now re-enabled the service and get the following error when I start it:
Apr 03 17:17:41 mail2.wilkesley.net systemd[1]: Starting OpenVPN service for server...
Apr 03 17:17:41 mail2.wilkesley.net openvpn[21925]: Options error: --dh fails with '/root/easy-rsa/keys/dh2048.pem': No such file or directory (errno=2)
Apr 03 17:17:41 mail2.wilkesley.net openvpn[21925]: Options error: --ca fails with '/root/easy-rsa/keys/ca.crt': No such file or directory (errno=2)
Apr 03 17:17:41 mail2.wilkesley.net openvpn[21925]: Options error: --cert fails with '/root/easy-rsa/keys/wilkesley.org.crt': No such file or directory (errn>
Apr 03 17:17:41 mail2.wilkesley.net openvpn[21925]: WARNING: cannot stat file '/root/easy-rsa/keys/wilkesley.org.key': No such file or directory (errno=2)
Apr 03 17:17:41 mail2.wilkesley.net openvpn[21925]: Options error: --key fails with '/root/easy-rsa/keys/wilkesley.org.key': No such file or directory (errno>
Apr 03 17:17:41 mail2.wilkesley.net openvpn[21925]: WARNING: cannot stat file '/etc/openvpn/keys/ta.key': No such file or directory (errno=2)
Apr 03 17:17:41 mail2.wilkesley.net openvpn[21925]: Options error: --tls-auth fails with '/etc/openvpn/keys/ta.key': No such file or directory (errno=2)
Apr 03 17:17:41 mail2.wilkesley.net openvpn[21925]: Options error: Please correct these errors.
Apr 03 17:17:41 mail2.wilkesley.net openvpn[21925]: Use --help for more information.
Apr 03 17:17:41 mail2.wilkesley.net systemd[1]: openvpn-server@server.service: Main process exited, code=exited, status=1/FAILURE
Apr 03 17:17:41 mail2.wilkesley.net systemd[1]: openvpn-server@server.service: Failed with result 'exit-code'.
Apr 03 17:17:41 mail2.wilkesley.net systemd[1]: Failed to start OpenVPN service for server.
The files exist in the correct place:
[root@mail2 server]# ls -la /root/easy-rsa/keys/dh2048.pem
-rw------- 1 root root 424 Jun 4 2016 /root/easy-rsa/keys/dh2048.pem
If I start the server from the command line, rather than systemd it starts correctly:
[root@mail2 server]# openvpn server.conf
Tue Apr 3 17:24:05 2018 OpenVPN 2.4.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 1 2018
Tue Apr 3 17:24:05 2018 library versions: OpenSSL 1.1.0g 2 Nov 2017, LZO 2.10
Tue Apr 3 17:24:05 2018 Diffie-Hellman initialized with 2048 bit key
Tue Apr 3 17:24:05 2018 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Apr 3 17:24:05 2018 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Apr 3 17:24:05 2018 ROUTE_GATEWAY 176.58.110.1/255.255.255.0 IFACE=enp0s4 HWADDR=f2:3c:91:56:f0:0f
Tue Apr 3 17:24:05 2018 TUN/TAP device tun0 opened
Tue Apr 3 17:24:05 2018 TUN/TAP TX queue length set to 100
Tue Apr 3 17:24:05 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Tue Apr 3 17:24:05 2018 /usr/bin/ip link set dev tun0 up mtu 1500
Tue Apr 3 17:24:05 2018 /usr/bin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Tue Apr 3 17:24:05 2018 /usr/bin/ip route add 10.8.0.0/24 via 10.8.0.2
Tue Apr 3 17:24:05 2018 Could not determine IPv4/IPv6 protocol. Using AF_INET
Tue Apr 3 17:24:05 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Tue Apr 3 17:24:05 2018 UDPv4 link local (bound): [AF_INET][undef]:1194
Tue Apr 3 17:24:05 2018 UDPv4 link remote: [AF_UNSPEC]
Tue Apr 3 17:24:05 2018 GID set to nobody
Tue Apr 3 17:24:05 2018 UID set to nobody
Tue Apr 3 17:24:05 2018 MULTI: multi_init called, r=256 v=256
Tue Apr 3 17:24:05 2018 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Tue Apr 3 17:24:05 2018 ifconfig_pool_read(), in='client.wilkesley.org,10.8.0.4', TODO: IPv6
Tue Apr 3 17:24:05 2018 succeeded -> ifconfig_pool_set()
Tue Apr 3 17:24:05 2018 IFCONFIG POOL LIST
Tue Apr 3 17:24:05 2018 client.wilkesley.org,10.8.0.4
Tue Apr 3 17:24:05 2018 Initialization Sequence Completed
So what am I doing wrong?
Last edited by geekinthesticks (2018-04-04 07:33:31)