NordVPN App - "Whoops! Cannot reach System Daemon." when running "nordvpn c"
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
NordVPN App - "Whoops! Cannot reach System Daemon." when running "nordvpn c"
Hello,
i have installed NordVPN App from SlackBuilds and have done the described instructions there - like adapting rc.local and rc.local_shutdown files to start and stop service automatically.
I have not done the described steps in the very first post in this guide
When i try to run
Code:
nordvpn c
i get error
Code:
Whoops! Cannot reach System Daemon.
Apprently something is not right, could you please help me find and fix it?
thanks!
Distribution: Slackware64-current with "True Multilib" and KDE4Town.
Posts: 9,131
Rep:
Quote:
Originally Posted by hitest
Thanks for the tutorial cwizardone! That works very well!
You are welcome.
If you have Wireguard installed and would like Nordvpn to use it for "enhanced security,"
as root, run,
Quote:
nordvpn set technology nordlynx
after you start the daemon, but before you run, nordvpn c
It will return the message, "Technology is successfully set to 'NordLynx."
You only have to do that once.
Last edited by cwizardone; 12-05-2021 at 08:02 AM.
Distribution: Slackware64-current with "True Multilib" and KDE4Town.
Posts: 9,131
Rep:
Quote:
Originally Posted by glupa4e
This works, thanks, do you also know where i could change the default server which the daemon would connect to?
Sorry, no I don't.
As a subscriber you have access to their online tutorials. It isn't the best documentation I've ever seen, but the answer might be there somewhere.
Good luck.
Distribution: VM Host: Slackware-current, VM Guests: Artix, Venom, antiX, Gentoo, FreeBSD, OpenBSD, OpenIndiana
Posts: 1,011
Rep:
Quote:
Originally Posted by cwizardone
You are welcome.
If you have Wireguard installed and would like Nordvpn to use it for "enhanced security,"
as root, run,
after you start the daemon, but before you run, nordvpn c
It will return the message, "Technology is successfully set to 'NordLynx."
You only have to do that once.
Wireguard does not provide "enahnced security" in comparison to OpenVPN. Currently the only advantage is speed. On the other hand Wireguard is UDP only protocol which limits it usage to the places where VPN is allowed.
From privacy standpoint OpenVPN is still superior.
Currently wireguard is better for speed and provides good privacy, OpenVPN provides good speed and better privacy.
Distribution: Slackware64-current with "True Multilib" and KDE4Town.
Posts: 9,131
Rep:
Nordvpn went about it a little differently.
Quote:
....To put it less technically: by implementing the out-of-the-box WireGuard protocol in our service, we would have put your privacy at risk. And we would never do this.
So we had a puzzle to solve: how can we bring WireGuard’s benefits to our users while strengthening the wobbly privacy part?
How we made it work.
We needed to find a way for the WireGuard protocol to work without posing a risk to our customers’ privacy.
And we found it. We developed something called a double NAT (Network Address Translation) system.
To put it simply, the double NAT system creates two local network interfaces for each user. The first interface assigns a local IP address to all users connected to a server. Unlike in the original WireGuard protocol, each user gets the same IP address.
Once a VPN tunnel is established, the second network interface with a dynamic NAT system kicks in. The system assigns a unique IP address for each tunnel. This way, internet packets can travel between the user and their desired destination without getting mixed up.
The double NAT system allows us to establish a secure VPN connection without storing any identifiable data on a server. Dynamic local IP addresses remain assigned only while the session is active. Meanwhile, user authentication is done with the help of a secure external database.....
There's only one little problem with commercial VPNs: many of them are untrustworthy. So, what can you do? Well, run your own of course is the open-source answer. And, today, your VPN of choice is Linux's built-in VPN: WireGuard.
This is first sign of pure PR:
Wireguard as well as OpenVPN uses external services to create tunnel. The customer one way or another has to trust service provider.
Quote:
Torvalds loved WireGuard because, "Maybe the code isn't perfect, but I've skimmed it, and compared to the horrors that are OpenVPN and IPSec, it's a work of art."
Of course the code isn't perfect (no human product is perfect). As I stated before, you have serious issues with user IP address retained on the server. NordVPN uses nordlynx and Mullvard and OVPN clean data after 180s if connection is broken.
This is an issue that OpenVPN does not have to deal with. "Enhanced security" is an attempt to be on par with OpenVPN which simply does not have this problem.
Quote:
Just in terms of sheer lines of code, for example, OpenVPN weighs in at 70,000 lines of code. Or, if implemented with OpenSSL, as it usually is, it comes in at a hefty 600,000 total lines of code. WireGuard? It's a mere 4,000 lines of code. That makes it, as many security experts have pointed out, much simpler to audit for security problems.
..and what about growing number of kernel lines of code? Does it make kernel less secure? Up until now OpenVPN code was/is thoroughly audited so ona can trust OpenVPN as much as possible. On the other hand Wireguard is quite new and until year or less ago even Wireguard official site warned that this is beta software.
Quote:
He suggested it be supplemented with a new cryptographic subsystem: His own Zinc library.
ok
Quote:
Some Zine elements have been imported into the legacy crypto code in the Linux 5.5 kernel.
..and I always hear how difficult is to implement a new crypto.
Quote:
Today, WireGuard is a layer 3 secure VPN. While it started in Linux, WireGuard code quickly became cross-platform. Today it runs on Windows, macOS, BSD, iOS, and Android. Indeed, there's already a native, albeit experimental Windows WireGuard port. You name it, you can probably run WireGuard on it.
I can do the same with OpenVPN
Quote:
By itself, for example, WireGuard doesn't dynamically assign IP addresses. So, by itself, every time you use it, you get the same, easy-to-track static IP address. That, in turn, means WireGuard must log and store your IP address and timestamps. Both OpenVPN and IKEv2 avoid these security concerns by dynamically assigning IP addresses.
This is a serious privacy concern, personally for me this is no go (I would not use IKEv2 either if I can help it).
Limiting traffic to UDP only may help:
ISPs to throttle VPN Traffic
some countries make VPNs illegal and block VPNs (DPI)
streaming platforms successfully block VPNs
using OpenVPN provides an extra layer of privacy
In the future I will switch to Wiregard, after my concerns are solved but I am not in the rush.
some countries make VPNs illegal and block VPNs (DPI)
My country doesn't block VPNs, but, my bank does. Banking transactions should be really secure. It annoys me that I can't use a VPN to login to the bank.
Distribution: Slackware64-current with "True Multilib" and KDE4Town.
Posts: 9,131
Rep:
Quote:
Originally Posted by hitest
My country doesn't block VPNs, but, my bank does. Banking transactions should be really secure. It annoys me that I can't use a VPN to login to the bank.
I've never had any problems connecting to the banks I use when using Nordvpn's extension for Firefox.
Out of curiosity, I just fired up NordLynx, as per the instructions in post #2, above, and had no problems connecting to the same institutions.
The only site I haven't been able to connect to using a VPN is The Linux Kernel Archive.
Amazon Prime works. Netflix works, but using a VPN generates a security warning.
Last edited by cwizardone; 12-09-2021 at 11:01 AM.
I've never had any problems connecting to the banks I use when using Nordvpn's extension for Firefox.
You're lucky! I was able to use NordVPN to connect to my bank and then suddenly I could not. I became curious and called my bank. They confirmed that they are now blocking VPN access. Annoying.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.