network-manager-openvpn config import ignores tls-crypt section
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
network-manager-openvpn (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
I setup a vpn on raspberry pi with pivpn.
It creates ovpn files with a tls-crypt section
<tls-crypt>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
<key data>
-----END OpenVPN Static key V1-----
</tls-crypt>
network-manager fails to extract this key and setup the advanced tls-crypt section when one imports the ovpn file and vpn cannot connect (logs only show a timeout).
on the other hand openvpn --config ovpn-file works fine.
extracting the tls-crypt key and setting the tls settings to tls-crypt with this extracted key, enables the vpn to work.
additionally, it doesn't extract the config to verify the name as the ovpn file also requests it do (again, cant set this manually)
ProblemType: Bug
DistroRelease: Ubuntu 19.04
Package: network-
ProcVersionSign
Uname: Linux 5.0.0-27-generic x86_64
ApportVersion: 2.20.10-0ubuntu27.1
Architecture: amd64
CurrentDesktop: KDE
Date: Mon Oct 7 23:30:49 2019
InstallationDate: Installed on 2019-01-06 (274 days ago)
InstallationMedia: Ubuntu 18.10 "Cosmic Cuttlefish" - Release amd64 (20181017.3)
SourcePackage: network-
UpgradeStatus: Upgraded to disco on 2019-04-18 (172 days ago)
You are correct. Thanks. I was so puzzled by this.
I am using KDE. Possibly the network manager interface is different. This is what I did.
Imported the openvpn config file into networkmanger. It makes a connection, it times out, and no amount of debugging gives any more hint.
I edit the openvpn file, and extract the key block into a file.
It is the key block in between <tls-crypt> and </tls-crypt>
so my text file looks like this:
-----BEGIN OpenVPN Static key V1----- 863zzzz4a0ebe95 2
92e2de5ae643729
.
.
.
cc05zxzxczczxxc zxzxczxce902b49 8a5
-----END OpenVPN Static key V1-----
I save it as blabla.key
Then I opened the openvpn connection imported into nm, choose Advanced... on the VPM (openvpn) tab,Choose TLS Settings, and change only two things
Mode is TLS-Crypt
and Key File i give the path of the key file created just before.
And immediately, the connection worked