pivpn: Cannot add a client
PiVPN Issue Template
When trying to add a new client, it fails. (see console output below)
Have you searched for similar issues and solutions?
Yes
Console output of pivpn add or pivpn add nopass
$ sudo pivpn add
cat: /etc/pivpn/INSTALL_USER: No such file or directory
Enter a Name for the Client: tes
Enter the password for the client:
Enter the password again to verify:
spawn ./easyrsa build-client-full tes
couldn't execute "./easyrsa": permission denied
while executing
"spawn ./easyrsa build-client-full "tes""
spawn openssl rsa -in pki/private/tes.key -des3 -out pki/private/tes.key
Error opening Private Key pki/private/tes.key
1996073056:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('pki/private/tes.key','r')
1996073056:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load Private Key
expect: spawn id exp6 not open
while executing
"expect "Enter PEM pass phrase" { send "Password\r" }"
[ERROR]: Client Public Key Certificate not found: tes.crt
Console output of pivpn debug
$ pivpn debug
cat: /etc/pivpn/NO_UFW: No such file or directory
::: Generating Debug Output
::: :::
:: PiVPN Debug ::
::: :::
:: Latest Commit ::
::: :::
commit 33ed7e7012d5278162d72c3477a0d9b4345520ab
Merge: 1375fa1 30397f2
Author: redfast00 <redfast00@users.noreply.github.com>
Date: Sat Mar 24 13:39:55 2018 +0100
Merge pull request #502 from stan3/nonexecutable
Changed permission bits on text files.
::: :::
:: Recursive list of files in ::
:: /etc/openvpn/easy-rsa/pki ::
::: :::
/etc/openvpn/easy-rsa/pki/:
ca.crt
dh.pem
index.txt
index.txt.attr
index.txt.attr.old
index.txt.old
issued
private
serial
serial.old
ta.key
/etc/openvpn/easy-rsa/pki/issued:
cli.crt
nes.crt
nexus5.crt
server.crt
/etc/openvpn/easy-rsa/pki/private:
ca.key
cli.3des.key
cli.key
default.txt
nes.3des.key
nes.key
nexus5.3des.key
nexus5.key
server.key
::: :::
:: Output of /etc/pivpn/* ::
::: :::
:: START /etc/pivpn/INSTALL_PORT ::
1194
:: END /etc/pivpn/INSTALL_PORT ::
:: START /etc/pivpn/INSTALL_PROTO ::
udp
:: END /etc/pivpn/INSTALL_PROTO ::
:: START /etc/pivpn/pivpnINTERFACE ::
eth0
:: END /etc/pivpn/pivpnINTERFACE ::
::: :::
:: /etc/openvpn/easy-rsa/pki/Default.txt ::
::: :::
cat: /etc/openvpn/easy-rsa/pki/Default.txt: No such file or directory
::: :::
:: Debug Output Complete ::
::: :::
:::
::: Debug output completed above.
::: Copy saved to /tmp/debug.txt
:::
Console Output of sudo iptables -t nat -S
$ sudo iptables -t nat -S
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to-source 192.168.1.4
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to-source 192.168.1.4
Console Output of sudo iptables -S
$ sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
output of sudo netstat -uanp | grep openvpn
None
Have you taken any steps towards solving your issue?
None
About this issue
- Original URL
- State: closed
- Created 6 years ago
- Comments: 23 (5 by maintainers)
@orazioedoardo I downloaded the install.sh file in order to test with those lines added, but when I executed the file locally, it actually worked this time. No errors and no skipped steps. I can add clients and connect from them.
Same issue here. Would prefer not to do a clean install if possible. If I manually create the INSTALL_USER file and write my username inside it, this part of the script works. However it fails later because it can’t find Default.txt (it actually creates the ovpn file but there’s no configuration info in it, just the keys). I don’t get the error about easy-rsa however.
Also when actually installing PiVPN, I never get presented with the option to select public IP or DNS, port etc. The install exits before this (which is probably why the config files are missing in the first place). However it does say the installation is Complete…