Page 1 of 1

After upgrading to 1.7.3 viscosity lost auth-user-pass

Posted: Tue Jul 04, 2017 11:32 pm
by sbarnea
Upgrading from 1.7.1 to 1.7.3 seems to be a complete disaster:

* all the "auth-user-pass" sections were removed from the VPN config files.
* Adding the file manually works, one time because the directive is removed and next time you connect viscosity will not have it
* the clean-log option from view-log dialog does not clean the window anymore.

I checked and this happened on all connections (6 servers configured).

Re: After upgrading to 1.7.3 viscosity lost auth-user-pass

Posted: Mon Jul 10, 2017 11:32 am
by James
Hi sbarnea,
all the "auth-user-pass" sections were removed from the VPN config files.
Viscosity represents this option with the "Use Username/Password authentication" checkbox. Use of a password text file for storing authentication details is not supported - Viscosity supports storing credentials in the Keychain. Adding the "auth-user-pass" command manually to the advanced commands section will cause it to be parsed back into the corresponding checkbox setting.
the clean-log option from view-log dialog does not clean the window anymore
I'm afraid we are unable to find any problems with it. Please keep in mind that it clears the log for the currently selected connection only. If a different connection is then selected at the top of the Details window then its log data (if any) will be displayed.

Cheers,
James

Re: After upgrading to 1.7.3 viscosity lost auth-user-pass

Posted: Mon Jul 10, 2017 6:27 pm
by sbarnea
It seems that you totally missed the 2FA use-case, where the only way to implement a reliable (self-restoring) VPN connection is to use the "auth-user-pass" file in combination with before-connect-script which generates the one-time-password in that file.

This is a standard use case of OpenVPN which worked well even with Viscosity in the past. Now this is broken forcing users to drop use of Viscosity.

Re: After upgrading to 1.7.3 viscosity lost auth-user-pass

Posted: Mon Aug 07, 2017 8:37 pm
by sbarnea
Sorry to say it but it seems that I reached an "enough-is-enough" kind of moment, I am going to look for Viscosity replacements because it seems that Sparklabs has little interest in fixing its problems.

One thing is clear and I reported it several times: Adding "auth-user-pass" on advanced config used to work well on Viscosity and the config was persistent. Now, with recent versions, this is no longer working because some smart engineer decided to drop that section from config sometimes after the first connection.

So, if you add it and connect you will be able to connect *once*, but if you try edit the config again, you will see that the config was "curated"... meaning that the option was removed, so you will fail to connect.

Getting an answer with "not-supported" for a clear regression seems like a good-enough-reason for getting a very pissed off customer. Be sure that I will share my experience with my colleagues, recommending them to look for alternatives.

Also I don't really like the fact that the Forum is very well hidden, is like someone spent some time trying to make it as hard as possible to find the forum. Let me explain why:
- No direct support email address in the client
- No link to the forum inside the client
- Even support page does not have a search box as the top, instead is has at least two different ones hidden somewhere inside the body (none of them visible without scrolling).
- No forum hyperlink in main side top menu, or bottom links.
- On website, you need to scroll *3* screens to reach the forum section where the "Forum" section is not even clickable, but at least you can click one of the sections.

Somehow I have the impression that "UX" is not part of the resume of the guy doing the design... wasting 50% of the screen height on for the page title (measure on 13" MBP screen).

Re: After upgrading to 1.7.3 viscosity lost auth-user-pass

Posted: Thu Dec 07, 2017 7:54 pm
by sbarnea
James wrote:
all the "auth-user-pass" sections were removed from the VPN config files.
Viscosity represents this option with the "Use Username/Password authentication" checkbox. Use of a password text file for storing authentication details is not supported - Viscosity supports storing credentials in the Keychain. Adding the "auth-user-pass" command manually to the advanced commands section will cause it to be parsed back into the corresponding checkbox setting.
It seems that developers missed the whole point of having credentials from file, this is use when credentials are dynamic! Meaning that if viscosity reads the output of auth-user-pass and save it in config file it it will make login impossible next time because credentials are changed every 30s when you use OTP!

If the user specified `auth-user-pass`, just respect it and make it persistent instead of resetting it every time there is another change made to the config.

I am really displeased about the lack of bug fixes around Viscosity.