Prompts for both the user and group passwords even though group password has been saved

Please open a terminal and run "apport-collect 1043043" to submit more information about the affected system.

apport information

apport information

apport information

apport information

apport information

apport information

apport information

apport information

apport information

apport information

apport information

I've just had this today as well. I'm using xubuntu and had to kill/restart the nm-applet (https://bugs.launchpad.net/ubuntu/+source/network-manager-applet/+bug/1006141 - seems related to suspend/resume).

In my case, going into vpn->edit showed that the group password was marked as "saved" but was blank for one vpn. Another vpnc vpn entry was marked as saved but had the correct group password. Both prompt for group password on connect and fail without entering itii network-manager 0.9.6.0-0ubuntu7 amd64 network management framework (daemon and userspace tools)
ii network-manager-gnome 0.9.6.2-0ubuntu5 amd64 network management framework (GNOME frontend)
ii network-manager-openvpn 0.9.6.0-0ubuntu2 amd64 network management framework (OpenVPN plugin core)
ii network-manager-openvpn-gnome 0.9.6.0-0ubuntu2 amd64 network management framework (OpenVPN plugin GNOME GUI)
ii network-manager-pptp 0.9.6.0-0ubuntu1 amd64 network management framework (PPTP plugin core)
ii network-manager-pptp-gnome 0.9.6.0-0ubuntu1 amd64 network management framework (PPTP plugin GNOME GUI)
ii network-manager-vpnc 0.9.6.0-0ubuntu1 amd64 network management framework (VPNC plugin core)
ii network-manager-vpnc-gnome 0.9.6.0-0ubuntu1 amd64 network management framework (VPNC plugin GNOME GUI)
ii openvpn 2.2.1-8ubuntu1 amd64 virtual private network daemon
ii vpnc 0.5.3r512-2ubuntu1 amd64 Cisco-compatible VPN client
ii libnm-glib-vpn1 0.9.6.0-0ubuntu7 amd64 network management framework (GLib VPN shared library)

I am also experiencing this w/ a vpnc connection on Ubuntu 12.10 amd64.

This bug is currently marked "incomplete". What more can I provide to move this forward.

I'm not experiencing this anymore. I'm not sure if it was a recent update or if something else changed on my system.

Matthew: it should not be incomplete at this time, but I have a request. Could you please upload screenshots of where you enter the password(s) at VPN account setup and where you are asked again. Also, have you installed all updates?

Adding screenshots as requested.

AFAIK, I am running an up to date 12.10.

Are you only using group password? This sounds a bit like bug #321378 and https://bugzilla.redhat.com/show_bug.cgi?id=366361.

I am only saving the group password. The non-group password is unsaved, since it is provided via an RSA key fob. I can confirm the group password is saved in the keyring as a "VPN IPSec secret"

And just to confirm this worked until 12.10.

Reading over bug #321378, I added and saved a bogus password for my VPN account, it was saved in the keyring as "VPN Xauth password" along with the group password "VPN IPsec secret". With both set, I am no longer prompted for any login information, but of course the connection fails since it's not using a valid password.

Sorry for all the comments, but I just worked around the issue by editing, /etc/NetworkManager/system-connections/MY_CONNECTION and setting:

[vpn]
ipsec-secret-type=save
IPSec secret-flags=0

and adding:

[vpn-secrets]
IPSec secret=MYSECRET

I am no longer prompted for anything other than the password when connecting. So obviously we have an issue with NM reading just the group password(IPSec secret) from the keyring.

One last comment. I noticed that with the [vpn-secrets] block in place, editing and saving the group password in the NM GUI updates the config file with the changes. It no longer uses the keyring, but works.

I see this as well. Running 12.10 with all current updates.

For me the problem is intermittent. Sometimes I see it, sometimes not, when I do it is typically after the machine has been idle for a long time.

I've also found that when I get the prompt for both user and group PW, if I hit "cancel" and then try again, it has magically found the group password, I get only the prompt for user password, and everything works great.

Just upgraded to 12.10 from 12.04 and see exactly same as jedxlaom above, including the 'cancel' workaround

The "cancel" workaround does not work here.

The workaround in comment #25 works.

This issue also affects me exactly as reported by Matthew Gregg, it worked fine all the time while I was on Xubuntu 12.04 LTS, it was only recently I moved from LTS to normal and upgraded to 12.10, then this issue started for me

I have am experiencing the same issue. If I wait a couple minutes after logging into the computer, it will just prompt me for my password. But I usually do the "Cancel" work around and by the second "Cancel", I will get just the password prompt.

Linux COMPUTERX 3.5.0-25-generic #39-Ubuntu SMP Mon Feb 25 18:26:58 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

This issue is still visible in Ubuntu 13.04.

Work around still working for me in 13.04 as well.

I've been experiencing same issue and for me the solution was to change in /etc/NetworkManager/system-connections/MY_CONNECTION from:
IPSec secret-flags=1
to:
IPSec secret-flags=0

Work around works for me in 13.04

https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1043043/comments/34 worked for me in 13.04

#34 works for me too in 13.10

#34 works for me on 13.10 64-bit.

I can confirm that #34 worked for me after manually adding [vpn-secrets] as per #25, despite group password already entered in GUI.
Ubuntu 13.10 64-bit, all updates, using cisco VPN with RSA fob.

Still happening in 14.04. When is this bug going to be fixed?

I also experienced this problem in 14.04 after upgrading from 12.04. The workaround of editing the config file in #25 worked for me.

I've also been having this issue since updating from 13.10 to 14.04.

There seemed to be about a 20% chance that the VPN client would work correctly each time I invoked it, which led to frustrating repeated invocations hoping to get lucky.

The one line hack from comment #34 appears to have made it work again.

This is still happening in 14.04. Workaround is in comment #34

This bug is still exists in fresh distribution of Ubuntu Gnome 14.10.

still happening in fresh install of ubuntu 14.10. workaround #25 still valid.

I started experiencing this lately on 14.04 (it used to work before), for all VPN connections. I have all passwords marked as Saved, but I get popup asking for password every time I connect to any VPN connection (OpenVPN, IPSEC, PPTP).

Hi, I experience the same issue also, it used to work also under 14.04, but along the way (updates) this started happening and is very anoying.

I also hit this issue in 14.04. I use "cancel" and connect again (2-4 times if I'm unlucky).

I'm experiencing this on 16.04, too. If i hit "cancel" and then connect again, the group password is filled in. If i store both passwords, everything is fine (but quite insecure). Workaround #25 did not work for me.

Note that the converse issue also occurs: the group password is prompted for even if the remote server does not require it. (That is, I have a configuration file working on the command line with `vpnc` without a "IPSec secret" entry at all, but the GUI plugin seems to require that there be a secret.)

> I started experiencing this lately on 14.04 (it used to work before), for all VPN connections.

Ditto. It is a very annoying issue - it has literally broke my transparent VPN gateway VM. After starting it, nothing works. Now, I have to go into the VM and enter the password manually. I have found no traces of the (rumored on the interwebs) checkbox for "automatically unlock the key ring on log in". It just doesn't exist anywhere.

It is a major regression to me.

Same issue on 14.04. Workaround #25 seems to work fine.