LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 07-05-2013, 01:46 PM   #1
linuxStudent11
Member
 
Registered: Jun 2007
Posts: 101

Rep: Reputation: 16
openvpn quits after an hour (approx)


Is there something simple that I'm missing?
When I launch openvpn (as a simple client) from bash it quits after about an hour. I type:
Code:
sudo openvpn published.conf
And that config file contains:
Code:
client
remote <where I connect>
ca <my certificate>
comp-lzo yes
daemon yes
dev tun
proto udp
nobind
auth-nocache
script-security 2
persist-key
persist-tun
user openvpn
group openvpn
But when I start it up from the nm-app menu, everything's fine!?! It keeps on running as long as I like.
BTW: The tun device is NOT defined in /etc/network/interfaces . Is that a problem?
Thanks in advance for any help or guesses.
 
Old 07-06-2013, 08:41 AM   #2
pendrive
Member
 
Registered: Mar 2011
Posts: 51

Rep: Reputation: 2
first of all, there is no need define any tun interface in /etc/network/interfaces. it'll be configured when you bring the openvpn up. if the interface is gone after a couple of time, its becuase of the openvpn process get killed some how and you mentioned it. have you ever tried to start openvpn client without daemonizing? is it stoped too? have you checked the log files after the openvpn get stoped?
 
Old 07-06-2013, 06:52 PM   #3
linuxStudent11
Member
 
Registered: Jun 2007
Posts: 101

Original Poster
Rep: Reputation: 16
===

Last edited by linuxStudent11; 07-06-2013 at 06:58 PM.
 
Old 07-06-2013, 06:55 PM   #4
linuxStudent11
Member
 
Registered: Jun 2007
Posts: 101

Original Poster
Rep: Reputation: 16
First, I want to thank you for your kind help! I don't know what to do.
I couldn't find the keyword to force it to not go background...I think that means daemonize.
There was nothing in /var/log/syslog about the termination. There was only stuff about the startup. It logged every startup. It logged no termination. I saw something about how to increase logging levels.

I noticed some things from `ps -AF | grep openvpn`. Maybe this can help. (I removed account info).
Code:
root     14601  2480  0 13734  2484   2 19:43 ?        00:00:00 /usr/lib/NetworkManager/nm-openvpn-service
root     14606 14601  0  7677  4060   3 19:43 ?        00:00:00 /usr/sbin/openvpn --remote <snip> --comp-lzo --nobind --dev tun --proto udp --port 1194 --auth-nocache --syslog nm-openvpn --script-security 2 --up /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper --up-restart --persist-key --persist-tun --management 127.0.0.1 1194 --management-query-passwords --route-noexec --client --auth-user-pass --ca /etc/openvpn/ca.crt
The above is the result of the nm-applet startup.
I'm using Debian Squeeze and openvpn 2.1.3 Feb 21 2012.
Thank You!

Last edited by linuxStudent11; 07-06-2013 at 07:02 PM.
 
Old 07-07-2013, 03:36 AM   #5
pendrive
Member
 
Registered: Mar 2011
Posts: 51

Rep: Reputation: 2
Your welcome linuxStudent11
its definitely the "daemon yes" entry. if you remote that, it runs stand alone in terminal and you can see the outputs and probably the errors.
then issue
#openvpn client-config.conf

it'll start in terminal and you can see clearly whats going on. also your ps outputs for nm does not shows anything wrong. make the above changes. I think it'll help you figure out what goes wrong

Last edited by pendrive; 07-07-2013 at 03:38 AM.
 
Old 07-07-2013, 10:44 AM   #6
linuxStudent11
Member
 
Registered: Jun 2007
Posts: 101

Original Poster
Rep: Reputation: 16
Wierdest thing but I tried "daemon no" and it still went background.
hmmm...myabe I should just comment it out? Maybe it doesn't understand "daemon <anything>" thinking it just means "use daemon mode"? I'll try it..
---trying it---
COOL!
I just DELETED "daemon no" and it stayed foreground! Now I'll just wait an hour to see what happens.

Last edited by linuxStudent11; 07-07-2013 at 10:51 AM.
 
Old 07-07-2013, 12:20 PM   #7
linuxStudent11
Member
 
Registered: Jun 2007
Posts: 101

Original Poster
Rep: Reputation: 16
ok, I waited an hour and it stopped with a requery for username/password....FROM the dang terminal, not via the parameters I set.
So I've added the following to my config:
Code:
auth-retry nointeract
# auth-nocache (i.e. I commented this out
I hope I won't need some sort of helper script.
Now I'll wait another hour.
 
Old 07-07-2013, 01:36 PM   #8
linuxStudent11
Member
 
Registered: Jun 2007
Posts: 101

Original Poster
Rep: Reputation: 16
That worked! It was commenting out the auth-nocache that did it.
However, openvpn complains that this caches the username/password in memory and is a weakening of security...understandably. I'm sure the best approach is to demand that an operator type them in every hour...no comment. A "helper function" might fetch them from the keys files. I read that this was a desired but unimplemented feature in openvpn. So I think I'll just live with memory cacheing.
 
Old 07-13-2013, 12:20 AM   #9
pendrive
Member
 
Registered: Mar 2011
Posts: 51

Rep: Reputation: 2
sorry I was more than a little busy I had not even could check my mails.
anyway glad it worked. BTW I used to use openvpn but not with user/pass, I used the client cert and private key and it did not claim anything.
 
  


Reply

Tags
vpn


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Cron job issue - every hour works, but specific hour fails lunarleviathan Linux - Newbie 6 11-20-2009 12:19 AM
what should my fps be approx? cjae Suse/Novell 5 02-25-2006 10:02 PM
Aergh. X dies on the hour, every hour l00zer Linux - Software 4 06-07-2005 10:02 PM
change clock from 24 hour to 12 hour in suse 9.2/KDE 3.3 jmlumpkin Linux - Newbie 1 01-22-2005 11:45 PM
8.1 approx install time? ab42 Slackware 7 01-13-2003 11:54 AM


All times are GMT -5. The time now is 09:44 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration