Re: NM-vpn no vpn secrets

[Dan Williams <dcbw redhat com>]

On Thu, 2010-01-21 at 10:26 +0100, Ferry Toth wrote:
> Yes, the X.509 Certificates method is used. The Certificate requires a
> key, the Key file has no password. The results is that about once in 5
> tries the connection gets established, possibly depending on the time
> between retries.
> 
> The workaround just switches to X.509 with password, changes no other
> settings, and I fill in a bogus username and password as Anton
> suggests. Now the connection always is established in one try.

Yeah, this is obviously sub-optimal for two reasons; (1) your private
key is not encrypted and thus is vulnerable, and (2) the UI doesn't
detect an unencrypted private key and handle it properly.

Dan

> 
> ---
> Ferry Toth
> Oranjeplantage 34
> 2611 TK Delft
> Nederland
> Tel: +31(15)2133191 
> 
> 
> On wo, 2010-01-20 at 15:05 -0800, Dan Williams wrote: 
> > On Wed, 2010-01-20 at 23:36 +0100, Ferry Toth wrote:
> > > Dan,
> > > 
> > > Yes I deleted that. What was before were the messages that you get
> > > when successfully establishing a VPN connection. SIGTERM[hard,]
> > > happens because I manually close the vpn at that point. I assumed
> > > those log before were not that interesting.
> > > 
> > > BTW Anton Lindström found a work around the problem
> > > Anton Lindström wrote on 2009-12-04: #97
> > > (https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/453807), transcription follows:
> > > 
> > > Just want to comment that I have found a workaround for
> > > network-manager-openvpn: Instead of selecting authentication type
> > > "Certificate (TLS)" (I'm translating this to English so it might not
> > > be exactly the same) I select "Password with certificate (TLS)". Then
> > > I fill in a bogus username and password.
> > 
> > Ok, I assume that you are using a TLS connection and the private key is
> > *not* protected iwth a password?
> > 
> > Dan
> > 
> >