Re: OpenVpn plugin NeedSecret
- From: Dan Williams <dcbw redhat com>
- To: Francesco Andrisani <francesco andrisani acotel com>
- Cc: networkmanager-list gnome org
- Subject: Re: OpenVpn plugin NeedSecret
- Date: Thu, 03 Nov 2011 10:43:39 -0500
On Thu, 2011-11-03 at 16:03 +0100, Francesco Andrisani wrote:
> Thanks a lot. But i'm not able to know all parameter to intert into
> my /etc/NetworkManager/system-connections/VPNconnection.
>
> For example keyfile, certficate, ecc
>
> Please can you tell me how to find these informations (all
> parameters)?
At the moment the best way to do this is to edit the connection with
nm-connection-editor; otherwise it's a bit byzantine but the list of
acceptable parameters is here:
http://git.gnome.org/browse/network-manager-openvpn/tree/src/nm-openvpn-service.h
and the values that these keys can contain are in the code, but it's
probably non-trivial to pull them out. I can see where documenting the
acceptable values in the header there would be a nice thing to do.
Otherwise, if you have a config file you're importing from that would
work, or I can help you figure out what to use if you can describe your
VPN setup more. Or nm-connection-editor.
Dan
> Thanks and regards
>
> On Thu, Nov 3, 2011 at 3:51 PM, Dan Williams <dcbw redhat com> wrote:
> On Thu, 2011-11-03 at 10:26 +0100, Francesco Andrisani wrote:
> > Anothe DEBUG info:
> >
> > debian:/etc/NetworkManager# /usr/libexec/nm-openvpn-service
> --debug
> > ** Message: nm-openvpn-service (version 0.9.0) starting...
> > ** Message: real_need_secrets: connection
> > -------------------------------------
> > connection
> > name : "connection"
> > id : "VPNconnection" (s)
> > uuid : "355653c0-34d3-4777-ad25-f9a498b7ef8e" (s)
> > type : "vpn" (s)
> > permissions : [] (sd)
> > autoconnect : FALSE (s)
> > timestamp : 0 (sd)
> > read-only : FALSE (sd)
> >
> >
> > ipv4
> > name : "ipv4"
> > method : "auto" (s)
> > dns : [] (s)
> > dns-search : [] (sd)
> > addresses : [] (s)
> > routes : [] (s)
> > ignore-auto-routes : FALSE (sd)
> > ignore-auto-dns : FALSE (sd)
> > dhcp-client-id : NULL (sd)
> > dhcp-send-hostname : TRUE (sd)
> > dhcp-hostname : NULL (sd)
> > never-default : FALSE (sd)
> > may-fail : FALSE (sd)
> >
> >
> > ipv6
> > name : "ipv6"
> > method : "ignore" (s)
> > dns : [] (s)
> > dns-search : [] (sd)
> > addresses : [] (s)
> > routes : [] (s)
> > ignore-auto-routes : FALSE (sd)
> > ignore-auto-dns : FALSE (sd)
> > never-default : FALSE (sd)
> > may-fail : TRUE (sd)
> >
> >
> > vpn
> > name : "vpn"
> > service-type :
> "org.freedesktop.NetworkManager.openvpn" (s)
> > user-name : NULL (sd)
> > data : [ { 'name': openvpn }, ] (s)
> > secrets : [ ] (s)
>
>
> So here's the problem; the [vpn] setting isn't completely
> specified.
> Did you import this connection from an openvpn config file?
> Unless this
> was changed at some point (or there's a bug in the editor)
> this
> connection was never valid since it doesn't have the required
> connection
> type field and a few other things. Here's what it *should*
> look like:
>
> [vpn]
> service-type=org.freedesktop.NetworkManager.openvpn
> connection-type=password
> password-flags=3
> remote=ovpn.mycompany.com
> cipher=AES-256-CBC
> proto-tcp=yes
> reneg-seconds=0
> port=443
> username=dcbw
> ca=/home/dcbw/MyCA.pem
>
> or something along those lines. If you imported it from a
> config file,
> can you try doing that again? If it still looks like this,
> can you send
> me the config file so I can see what's going wrong?
>
> Dan
>
> > Regards
> >
> >
> > On Thu, Nov 3, 2011 at 10:12 AM, Francesco Andrisani
> > <francesco andrisani acotel com> wrote:
> > OK.
> >
> > So i've installed openvpn client on my workstation
> with
> > certificate authentication and...it work fine.
> > About NetworkManager-openvpn i've installed (from
> sources)
> > 0.9.0 version, the same of NetworkManager (it also
> installed
> > from sources).
> >
> > A clarification...i use the system without X server
> (no gnome,
> > no kde).
> > Below my NetworkManager and NetworkManager-openvpn
> > configuration files.
> >
> > debian:/etc/NetworkManager# cat
> > system-connections/VPNconnection
> > [connection]
> > id=VPNconnection
> > uuid=355653c0-34d3-4777-ad25-f9a498b7ef8e
> > type=vpn
> > autoconnect=FALSE
> >
> > [ipv4]
> > method=auto
> >
> > [vpn]
> > name=openvpn
> > service-type=org.freedesktop.NetworkManager.openvpn
> >
> > [ipv6]
> > method=ignore
> >
> > I've no secrets specified here, Is it correct? I've
> no
> > password for start opevpn client manually. Only
> certificate
> > authentication.
> >
> > debian:/etc/NetworkManager# cat
> VPN/nm-openvpn-service.name
> > [VPN Connection]
> > name=openvpn
> > service=org.freedesktop.NetworkManager.openvpn
> > program=/usr/libexec/nm-openvpn-service
> >
> > Regards
> >
> >
> >
> > On Thu, Nov 3, 2011 at 2:25 AM, Dan Williams
> <dcbw redhat com>
> > wrote:
> > On Wed, 2011-11-02 at 10:21 +0100, Francesco
> Andrisani
> > wrote:
> > >
> (355653c0-34d3-4777-ad25-f9a498b7ef8e/VPNconnection)
> > plugin
> > > NeedSecrets
> > > request #1 failed: dbus-glib-error-quark
> Invalid
> > connection type.
> >
> >
> > This part is the problem. Any chance you
> could paste
> > in your vpn
> > connection file
> > from /etc/NetworkManager/system-connections
> for us to
> > look at? Remove any passwords and XXXX out
> any
> > sensitive information
> > before doing so.
> >
> > Any idea what version of
> NetworkManager-openvpn you've
> > got installed?
> >
> > Dan
> >
> >
> >
> >
> >
> >
> > --
> > ____________________________________________________
> > Francesco Andrisani
> > mailto:francesco andrisani acotel com
> > Acotel Spa
> > http://www.acotel.com
> > Via della Valle dei Fontanili, 29
> > 00168 Roma
> > Tel +390661141200
> > Fax +39066149936
> > ____________________________________________________
> >
> >
> > Le informazioni contenute nella comunicazione che
> precede
> > possono essere riservate e sono, comunque,
> destinate
> > esclusivamente alla persona o all’ente
> sopraindicati. La
> > diffusione, distribuzione e/o copiatura non
> autorizzata del
> > documento trasmesso da parte di qualsiasi soggetto è
> proibita.
> > La sicurezza e la correttezza dei messaggi di
> posta
> > elettronica non possono essere garantite. Se avete
> ricevuto
> > questo messaggio per errore, Vi preghiamo di
> contattarci
> > immediatamente. Grazie.
> >
> > This message is for the named person's use only.
> It may
> > contain confidential, proprietary or legally
> privileged
> > information. No confidentiality or privilege is
> waived or lost
> > by any transmission. If you receive this message
> in error,
> > please immediately delete it and all copies of it
> from your
> > system, destroy any hard copies of it and notify
> the sender.
> > You must not, directly or indirectly, use,
> disclose,
> > distribute, print, or copy any part of this message
> if you are
> > not the intended recipient. Thanks
> >
> >
> >
> >
> >
> >
> > --
> > ____________________________________________________
> > Francesco Andrisani
> > mailto:francesco andrisani acotel com
> > Acotel Spa
> > http://www.acotel.com
> > Via della Valle dei Fontanili, 29
> > 00168 Roma
> > Tel +390661141200
> > Fax +39066149936
> > ____________________________________________________
> >
> >
> > Le informazioni contenute nella comunicazione che precede
> possono
> > essere riservate e sono, comunque, destinate
> esclusivamente alla
> > persona o all’ente sopraindicati. La diffusione,
> distribuzione e/o
> > copiatura non autorizzata del documento trasmesso da
> parte di
> > qualsiasi soggetto è proibita. La sicurezza e la
> correttezza dei
> > messaggi di posta elettronica non possono essere garantite.
> Se avete
> > ricevuto questo messaggio per errore, Vi preghiamo di
> contattarci
> > immediatamente. Grazie.
> >
> > This message is for the named person's use only. It may
> contain
> > confidential, proprietary or legally privileged
> information. No
> > confidentiality or privilege is waived or lost by any
> transmission. If
> > you receive this message in error, please immediately
> delete it and
> > all copies of it from your system, destroy any hard copies
> of it and
> > notify the sender. You must not, directly or indirectly,
> use,
> > disclose, distribute, print, or copy any part of this
> message if you
> > are not the intended recipient. Thanks
> >
> >
>
>
>
>
>
>
> --
> ____________________________________________________
> Francesco Andrisani
> mailto:francesco andrisani acotel com
> Acotel Spa
> http://www.acotel.com
> Via della Valle dei Fontanili, 29
> 00168 Roma
> Tel +390661141200
> Fax +39066149936
> ____________________________________________________
>
>
> Le informazioni contenute nella comunicazione che precede possono
> essere riservate e sono, comunque, destinate esclusivamente alla
> persona o all’ente sopraindicati. La diffusione, distribuzione e/o
> copiatura non autorizzata del documento trasmesso da parte di
> qualsiasi soggetto è proibita. La sicurezza e la correttezza dei
> messaggi di posta elettronica non possono essere garantite. Se avete
> ricevuto questo messaggio per errore, Vi preghiamo di contattarci
> immediatamente. Grazie.
>
> This message is for the named person's use only. It may contain
> confidential, proprietary or legally privileged information. No
> confidentiality or privilege is waived or lost by any transmission. If
> you receive this message in error, please immediately delete it and
> all copies of it from your system, destroy any hard copies of it and
> notify the sender. You must not, directly or indirectly, use,
> disclose, distribute, print, or copy any part of this message if you
> are not the intended recipient. Thanks
>
>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
