Skip to content
yubikey
Got a problem with Viscosity or need help? Ask here!
- Posts: 2
- Joined: Wed Aug 08, 2018 9:33 am
I tried following the instructions on https://www.sparklabs.com/support/kb/ar ... viscosity/
I also tried using the U2F method (https://www.sparklabs.com/support/kb/ar ... viscosity/)
With the one time password method, it just never connects
The patched version of OpenVPN in method 2 would not install
I am using an OpenVPN 2.4 server installed on Ubuntu. Been my experience that when something won't make, you can chase failed dependencies until you are cross-eyed and never get it to work, so I am trying to get the simpler OTP method. I don't, however, know where to look for the problem. I tried it several times, and I know I didn't miss anything
I also tried using the U2F method (https://www.sparklabs.com/support/kb/ar ... viscosity/)
With the one time password method, it just never connects
The patched version of OpenVPN in method 2 would not install
I am using an OpenVPN 2.4 server installed on Ubuntu. Been my experience that when something won't make, you can chase failed dependencies until you are cross-eyed and never get it to work, so I am trying to get the simpler OTP method. I don't, however, know where to look for the problem. I tried it several times, and I know I didn't miss anything
Hi jeffgbrock,
I recommend checking the OpenVPN log to see why you're unable to connect:
https://www.sparklabs.com/support/kb/ar ... envpn-log/
Please note that we can only offer support for the Viscosity side of things - we simply don't have the available capacity to support server setups. However generally the log should indicate what is going on.
Cheers,
James
I recommend checking the OpenVPN log to see why you're unable to connect:
https://www.sparklabs.com/support/kb/ar ... envpn-log/
Please note that we can only offer support for the Viscosity side of things - we simply don't have the available capacity to support server setups. However generally the log should indicate what is going on.
Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
- Posts: 2
- Joined: Wed Aug 08, 2018 9:33 am
Best I can tell, the problem lies in the script openvpn_otp_auth.py
I can connect fine with the certificate/key method.
If I add the lines
auth-user-pass-verify opevnpn_otp_auth.py via-env
script-security 3
and comment out user nobody/group/nogroup
to my server.conf file
then the log shows the connection attempt hanging until you get a 'TLS key negotiation failed to occur within 60 seconds...' error
The script has been made executable, it has been amended with the clientID/secret key from yubico
PAM and yubico-client are installed.
I can connect fine with the certificate/key method.
If I add the lines
auth-user-pass-verify opevnpn_otp_auth.py via-env
script-security 3
and comment out user nobody/group/nogroup
to my server.conf file
then the log shows the connection attempt hanging until you get a 'TLS key negotiation failed to occur within 60 seconds...' error
The script has been made executable, it has been amended with the clientID/secret key from yubico
PAM and yubico-client are installed.
It's possible there could be a problem with the Python install on the machine. Try running the command "/usr/bin/python /path/to/openvpn_otp_auth.py" and see it it's able to run (it'll of course fail as it's not being run by OpenVPN itself, but if you see any exceptions for missing dependancies etc. that is likely the problem).
Otherwise, I recommend setting up a clean install of Ubuntu inside a virtual machine, and setting it up under that. Assuming that it works, you should be able to work backwards to see where things are going wrong on your actual Ubuntu install.
Cheers,
James
Otherwise, I recommend setting up a clean install of Ubuntu inside a virtual machine, and setting it up under that. Assuming that it works, you should be able to work backwards to see where things are going wrong on your actual Ubuntu install.
Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
4 posts
Page 1 of 1