Slackware-Current user, cannot connect with openvpn, and/or Network-Manager to Nordvpn
by chaz_bro1972 from LinuxQuestions.org on (#6CKT2)
I think a recent upgrade broke Openvpn & Network-Manager. Just a few days ago I was able to use either programs to connect to Nordvpn. Now I cannot.
Openvpn says the following:
Code:bash-5.2# ls /etc/openvpn
README.TXT ca1439.nordvpn.com.udp.conf certs keys ovpn.zip ovpn_tcp ovpn_udp sample-config-files
bash-5.2# openvpn /etc/openvpn/ovpn_udp/#######.nordvpn.com.udp.ovpn
2023-06-29 23:47:29 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
2023-06-29 23:47:29 OpenVPN 2.6.5 x86_64-slackware-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2023-06-29 23:47:29 library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
Enter Auth Username:XXXXXXX@XXXXXX.XXX
Enter Auth Password:
2023-06-29 23:47:58 WARNING: --ping should normally be used with --ping-restart or --ping-exit
2023-06-29 23:47:58 TCP/UDP: Preserving recently used remote address: [AF_INET]37.19.213.12:1194
2023-06-29 23:47:58 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-06-29 23:47:58 UDPv4 link local: (not bound)
2023-06-29 23:47:58 UDPv4 link remote: [AF_INET]37.19.213.12:1194
2023-06-29 23:47:58 TLS: Initial packet from [AF_INET]37.19.213.12:1194, sid=b6739ef8 803791c3
2023-06-29 23:47:58 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2023-06-29 23:47:58 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
2023-06-29 23:47:58 VERIFY OK: depth=1, O=NordVPN, CN=NordVPN CA8
2023-06-29 23:47:58 VERIFY KU OK
2023-06-29 23:47:58 Validating certificate extended key usage
2023-06-29 23:47:58 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-06-29 23:47:58 VERIFY EKU OK
2023-06-29 23:47:58 VERIFY X509NAME OK: CN=ca1439.nordvpn.com
2023-06-29 23:47:58 VERIFY OK: depth=0, CN=ca1439.nordvpn.com
2023-06-29 23:47:58 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA512
2023-06-29 23:47:58 [XXXXXX.nordvpn.com] Peer Connection Initiated with [AF_INET]37.19.213.12:1194
2023-06-29 23:47:58 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2023-06-29 23:47:58 TLS: tls_multi_process: initial untrusted session promoted to trusted
2023-06-29 23:47:59 SENT CONTROL [XXXXXXX.nordvpn.com]: 'PUSH_REQUEST' (status=1)
2023-06-29 23:48:04 SENT CONTROL [XXXXXXX.nordvpn.com]: 'PUSH_REQUEST' (status=1)
2023-06-29 23:48:04 AUTH: Received control message: AUTH_FAILED
2023-06-29 23:48:04 SIGTERM[soft,auth-failure] received, process exiting
bash-5.2#Network Manager (nm-applet) keeps posting a dialog box with my password hidden, but already there. I can unhide my password. IT IS CORRECT. So say OK... and it just keeps trying to connect, failing to do so and reasking the same dialog box with my hidden password.
Openvpn says the following:
Code:bash-5.2# ls /etc/openvpn
README.TXT ca1439.nordvpn.com.udp.conf certs keys ovpn.zip ovpn_tcp ovpn_udp sample-config-files
bash-5.2# openvpn /etc/openvpn/ovpn_udp/#######.nordvpn.com.udp.ovpn
2023-06-29 23:47:29 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
2023-06-29 23:47:29 OpenVPN 2.6.5 x86_64-slackware-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2023-06-29 23:47:29 library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
Enter Auth Username:XXXXXXX@XXXXXX.XXX
Enter Auth Password:
2023-06-29 23:47:58 WARNING: --ping should normally be used with --ping-restart or --ping-exit
2023-06-29 23:47:58 TCP/UDP: Preserving recently used remote address: [AF_INET]37.19.213.12:1194
2023-06-29 23:47:58 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-06-29 23:47:58 UDPv4 link local: (not bound)
2023-06-29 23:47:58 UDPv4 link remote: [AF_INET]37.19.213.12:1194
2023-06-29 23:47:58 TLS: Initial packet from [AF_INET]37.19.213.12:1194, sid=b6739ef8 803791c3
2023-06-29 23:47:58 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2023-06-29 23:47:58 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
2023-06-29 23:47:58 VERIFY OK: depth=1, O=NordVPN, CN=NordVPN CA8
2023-06-29 23:47:58 VERIFY KU OK
2023-06-29 23:47:58 Validating certificate extended key usage
2023-06-29 23:47:58 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-06-29 23:47:58 VERIFY EKU OK
2023-06-29 23:47:58 VERIFY X509NAME OK: CN=ca1439.nordvpn.com
2023-06-29 23:47:58 VERIFY OK: depth=0, CN=ca1439.nordvpn.com
2023-06-29 23:47:58 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bit RSA, signature: RSA-SHA512
2023-06-29 23:47:58 [XXXXXX.nordvpn.com] Peer Connection Initiated with [AF_INET]37.19.213.12:1194
2023-06-29 23:47:58 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2023-06-29 23:47:58 TLS: tls_multi_process: initial untrusted session promoted to trusted
2023-06-29 23:47:59 SENT CONTROL [XXXXXXX.nordvpn.com]: 'PUSH_REQUEST' (status=1)
2023-06-29 23:48:04 SENT CONTROL [XXXXXXX.nordvpn.com]: 'PUSH_REQUEST' (status=1)
2023-06-29 23:48:04 AUTH: Received control message: AUTH_FAILED
2023-06-29 23:48:04 SIGTERM[soft,auth-failure] received, process exiting
bash-5.2#Network Manager (nm-applet) keeps posting a dialog box with my password hidden, but already there. I can unhide my password. IT IS CORRECT. So say OK... and it just keeps trying to connect, failing to do so and reasking the same dialog box with my hidden password.