8000 Vopono forget password after failed connection attempt · Issue #288 · jamesmcm/vopono · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Vopono forget password after failed connection attempt #288

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Nyanraltotlapun opened this issue Dec 26, 2024 · 9 comments
Closed

Vopono forget password after failed connection attempt #288

Nyanraltotlapun opened this issue Dec 26, 2024 · 9 comments

Comments

@Nyanraltotlapun
Copy link

Vopono forget password after failed connection attempt.
Currently I am using vopono with NordVPN under Arch Linux, and it often fails to connect to random server.
After failing, it forgets vpn service password and I need to enter it again.
It is a major pain for me.

Maybe I am missing something?

If I am not, I propose to change this behavior in some way:

  1. Just don't forget password and login.
  2. Or make option to alter this behaivour (forget or no)

Is something from this sounds reasonable? If it is, may I work on it and send pull request?
@jamesmcm
Copy link
Owner

Are you using OpenVPN? If you set up the server config with vopono it should save the OpenVPN password in ~/.config/vopono/nordvpn/openvpn/auth.txt

If it's a custom config you can do the same thing with the OpenVPN config file - https://forums.openvpn.net/viewtopic.php?t=11342

@allan-null
Copy link
allan-null commented Dec 27, 2024
edited
Loading

Vopono forget password after failed connection attempt. Currently I am using vopono with NordVPN under Arch Linux, and it often fails to connect to random server. After failing, it forgets vpn service password and I need to enter it again. It is a major pain for me.

Maybe I am missing something?

If I am not, I propose to change this behavior in some way:

1. Just don't forget password and login.

2. Or make option to alter this behaivour (forget or no)

Is something from this sounds reasonable? If it is, may I work on it and send pull request?

I can confirm the same happens to me on version 0.10.10 with NordVPN under Debian Sid. Vopono just deletes the auth.txt if the connection fails.

@Nyanraltotlapun
Copy link
Author

Are you using OpenVPN? If you set up the server config with vopono it should save the OpenVPN password in ~/.config/vopono/nordvpn/openvpn/auth.txt

If it's a custom config you can do the same thing with the OpenVPN config file - https://forums.openvpn.net/viewtopic.php?t=11342

I am creating config by vopono sync
Choosing NordVPN
And entering login and password when asked.

After this, I am using vopono as follows:
vopono exec -p NordVPN -s county_name --no-proxy "firefox"

When vopono fails to connect to server, next time when I issuing same command it start asking to enter login and password for NordVPN.

@Nyanraltotlapun
Copy link
Author
Nyanraltotlapun commented Dec 27, 2024
edited
Loading

Are you using OpenVPN? If you set up the server config with vopono it should save the OpenVPN password in ~/.config/vopono/nordvpn/openvpn/auth.txt

If it's a custom config you can do the same thing with the OpenVPN config file - https://forums.openvpn.net/viewtopic.php?t=11342

Deletion of auth file is happening here -

vopono/vopono_core/src/network/openvpn.rs

Line 161 in 62b6026

if buffer.contains("AUTH_FAILED") {

It seems that its looking for "AUTH_FAILED" in OpenVPN log. Maybe its false positive?

Or maybe NordVPN servers sometimes failing authorization doe to overload or something.
In any case - its happening pretty often and becomes major inconvenience.

@jamesmcm
Copy link
Owner

Yeah, that makes sense, the aim was to delete the auth file to stop it retrying if the password is wrong and re-prompt the user.

It'd be good to make the existing behaviour an option / separate command though.

@Nyanraltotlapun
Copy link
Author

There is logs from failed connection:

1735419895.723899 40 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations. 
1735419895.723919 3 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
1735419895.723934 40 WARNING: file '/home/kira/.config/vopono/nordvpn/openvpn/auth.txt' is group or others accessible
1735419895.723940 1 OpenVPN 2.6.12 [git:makepkg/038a94bae57a446c+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO] built on Dec 16 2024
1735419895.723948 1 library versions: OpenSSL 3.4.0 22 Oct 2024, LZO 2.10
1735419895.723961 1 DCO version: N/A
1735419895.724068 40 WARNING: --ping should normally be used with --ping-restart or --ping-exit
1735419895.724645 1 TCP/UDP: Preserving recently used remote address: [AF_INET]149.22.89.34:1194
1735419895.724670 2b000003 Socket Buffers: R=[212992->212992] S=[212992->212992]
1735419895.724675 1 UDPv4 link local: (not bound)
1735419895.724679 1 UDPv4 link remote: [AF_INET]149.22.89.34:1194
1735419895.759440 14000003 TLS: Initial packet from [AF_INET]149.22.89.34:1194, sid=df5c7719 92d85105
1735419895.759465 40 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
1735419895.831175 14000002 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
1735419895.831318 14000002 VERIFY OK: depth=1, O=NordVPN, CN=NordVPN CA9
1735419895.831441 14000002 VERIFY KU OK
1735419895.831448 14000002 Validating certificate extended key usage
1735419895.831453 14000002 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
1735419895.831457 14000002 VERIFY EKU OK
1735419895.831461 14000002 VERIFY X509NAME OK: CN=ch434.nordvpn.com
1735419895.831465 14000002 VERIFY OK: depth=0, CN=ch434.nordvpn.com
1735419895.865337 14000002 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 4096 bits RSA, signature: RSA-SHA512, peer temporary key: 253 bits X25519
1735419895.865361 1 [ch434.nordvpn.com] Peer Connection Initiated with [AF_INET]149.22.89.34:1194
1735419895.865371 14000003 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
1735419895.865401 14000003 TLS: tls_multi_process: initial untrusted session promoted to trusted
1735419897.091697 22000003 SENT CONTROL [ch434.nordvpn.com]: 'PUSH_REQUEST' (status=1)
1735419897.236995 0 AUTH: Received control message: AUTH_FAILED
1735419897.237146 1 SIGTERM[soft,auth-failure] received, process exiting

8000
@jamesmcm jamesmcm mentioned this issue Dec 29, 2024
Merged
@jamesmcm
Copy link
Owner

Thanks, it's a pain there's no way to distinguish it from a real invalid credentials error.

But this change is made in PR #289 - hopefully I'll have time to release it this week.

@jamesmcm
Copy link
Owner

The auth file deletion issue is fixed in release v0.10.11

@Nyanraltotlapun
Copy link
Author

The auth file deletion issue is fixed in release v0.10.11

Thank you! Vopono is really important to me, I am appreciating you work very much!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jamesmcm @allan-null @Nyanraltotlapun
0