openvpn configuration with token (pkcs11 provider) blocks the boot
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openvpn (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Binary package hint: openvpn
After updating from Hardy to Intrepid, it seems openvpn is automatically launched on boot, and attemps to open all connections describes in /etc/openvpn/*.conf files. My exact version of OpenVPN here is 2.1~rc9-3ubuntu2.
This causes a problem when using PKCS11 provider options in a configuration file: the boot is interrupted and in text mode a request to insert the token is displayed, like this:
8<-----
NEED-OK|
8<-----
Despite trying all usual escape commands (escape, ctrl+C, ctrl+Z, etc), and actually inserting the token (nothing happened, it is on a USB connection), this completely blocked the boot. I had to restart and then boot in recovery mode and rename my file to avoid the automatic connection.
I feel that launching connections automatically is not the problem - that's a nice feature :) However, I would expect at least to be able to cancel the connection opening, or delay this error message until a user has logged in.
If any further info can help, my config is waiting for your requests.
I agree the boot should not be blocked, an option to cancel the start of that VPN should be provided.
I'll have a look to see if I find an easy fix, I may need your help to test it though, since I don't own such a token ;)
About the autostart feature, note that you can configure which configurations should be autostarted at boot through the /etc/default/ openvpn file.