Topic closed
Hi, thanks for taking your time to read my post. Sorry if this issue seems trivial but I decided to dive in head first into the linux world without having any background in it so I am still learning the basics.
I am trying to use the openvpn client on my desktop. Whenever I run sudo openvpn /etc/openvpn/client.conf I get these errors.
Options error: --ca fails with 'ca.crt': No such file or directory
Options error: --cert fails with 'client.crt': No such file or directory
Options error: --key fails with 'client.key': No such file or directory
Options error: Please correct these errors.
When I navigate to the directory /etc/openvpn and use the ls command I can see the files, here's the output:
[cam@localhost openvpn]$ ls
ca.crt client.crt client.ovpn README.txt
client.conf client.key config static.key
They have correct names, so does anyone know why openvpn isn't seeing the files? I tried sudo chown -R cam /etc/openvpn so I believe they should have the right permissions. If providing a log file would be beneficial please let me know, I have never done one before so that's why I omitted it.
What are the commands to enable the tun module? Will modprobe tun work?
Last edited by skateguy (2014-09-14 13:22:49)
Offline
I don't use openvpn but have you followed the wiki about configuration ?
https://wiki.archlinux.org/index.php/Op … ation_file
Maybe you simply have to put in the full pathnames in the config ?
Edit: Maybe edit your topic title a bit, to include openvpn or so.
Last edited by rebootl (2014-09-14 10:53:32)
Personal website: reboot.li
GitHub: github.com/rebootl
Offline
Yeah I have been following that guide. I'm at the part about testing the openvpn configuration. I didn't bother copying the example config because I already had the actual one. The vpn is being hosted by my android tablet by a third party app. I will see if editing to full filepath will make a difference. I just realized I forgot to enable the tun module after re-reading, although not sure why that would cause this error. The wiki is non-descript about enabling the tun module, it just says enable it. What commands are required to enable tun module?
Last edited by skateguy (2014-09-14 11:23:31)
Offline
Well, it says to look at the Kernel Modules wiki for more info.
To just load it use:
modprobe tun
(as root)
To make it persistent over reboots please see the mentioned wiki: https://wiki.archlinux.org/index.php/Ke … es#Loading
What about the full pathnames ?
Personal website: reboot.li
GitHub: github.com/rebootl
Offline
Yeah I saw that just a minute ago, thanks anyways though. I started the tun module but still getting the error. I understand that I should possibly change the file names from ... to /etc/openvpn/... but where would I make this change?
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca ca.crt
cert client.crt
key client.key
I copied that from the config file, that's the only place I could think of changing filename but I'm not sure.
Last edited by skateguy (2014-09-14 11:36:38)
Offline
Fixed your code. You have to give the full path names as rebootl suggested.
# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /etc/openvpn/ca.crt
cert /etc/openvpn/client.crt
key /etc/openvpn/client.key
Offline
Great, it's working now. The wiki mentioned changing file names but I thought that meant just for the folder it was in. Anyways, thanks for your help guys. Is there any way I can verify the connection besides the ip addr command?
Last edited by skateguy (2014-09-14 12:04:02)
Offline
Try to connect to some service inside the vpn.
Offline
Cool.
> Is there any way I can verify the connection besides the ip addr command?
There's a vast amount of network tools available...
E.g. you can use ping to check the connection to a host, including localhost:
ping <hostname or ip address>
(use Ctrl+c to terminate)
See 'man ping' for more info.
Please don't forget to mark your thread as solved, when you feel appropriate. (By editing your first post's title and prepend [SOLVED].)
Personal website: reboot.li
GitHub: github.com/rebootl
Offline
@rebootl, how would I set the ping command to ping only X times and then quit? The reason I ask this is because I was using the terminal emulator app on android to ssh into my server the other day and I tried the ping command, it worked but I couldn't stop it because it wasn't responding to the keyboard and had to close the terminal.
@tomk, how would I connect to a service "inside" the vpn? The client runs in terminal. My internet seems to be working fine. The output of ip addr is:
[cam@localhost ~]$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 78:24:af:33:6a:6c brd ff:ff:ff:ff:ff:ff
    inet 192.168.11.24/24 brd 192.168.11.255 scope global eno1
       valid_lft forever preferred_lft forever
    inet6 fe80::7a24:afff:fe33:6a6c/64 scope link
       valid_lft forever preferred_lft forever
    inet6 fe80::d8b9:8cb1:eeaf:7841/64 scope link
       valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    link/none
    inet 10.8.0.6 peer 10.8.0.5/32 scope global tun0
       valid_lft forever preferred_lft forever
Also how can I edit text on here to look like code?
Last edited by skateguy (2014-09-14 13:05:33)
Offline
> @rebootl, how would I set the ping command to ping only X times and then quit? The reason I ask this is because I was using the terminal emulator app on android to ssh into my server the other day and I tried the ping command, it worked but I couldn't stop it because it wasn't responding to the keyboard and had to close the terminal.
First of all
man ping
What you want to do is
ping -c 3 www.archlinux.org
This would ping archlinux.org 3 times. And you can stop most commands at any time by pressing ctrl + c.
Last edited by th3voic3 (2014-09-14 13:06:25)
Offline
@th3voic3, what does putting man in front of ping do? Also in the second command what does the -c stand for? I know I can probably look these things up but I figure it can't hurt to ask.
Offline
'man <command>' will give you a manual for many commands.
Try 'man man'.
> I know I can probably look these things up but I figure it can't hurt to ask.
https://wiki.archlinux.org/index.php/fo … way_Street says:
Please do not be a "help vampire".
(http://slash7.com/2006/12/22/vampires/)
Thanks
Edit:
> Also how can I edit text on here to look like code?
https://bbs.archlinux.org/help.php#bbcode
Last edited by rebootl (2014-09-14 13:49:12)
Personal website: reboot.li
GitHub: github.com/rebootl
Offline
@rebootl, thanks, will definitely do my research before asking next time. Oh and thanks for the article link, made me laugh.
Offline
> how would I connect to a service "inside" the vpn.
Depends what the service is e.g. if you have a ssh daemon running in the vpn, you would use the ssh command.
The fact that your internet is working fine is not relevant here, as you could be accessing the internet via the 192.168.x.x address. What's the purpose of the VPN?
Offline
> > skateguy wrote: how would I connect to a service "inside" the vpn.
> Depends what the service is e.g. if you have a ssh daemon running in the vpn, you would use the ssh command.
> The fact that your internet is working fine is not relevant here, as you could be accessing the internet via the 192.168.x.x address. What's the purpose of the VPN?
The vpn is running on my android tablet using the servers ultimate pro app. I wouldn't imagine there would be a ssh daemon running in the app. Maybe the tablet has one running? The purpose of the VPN is just to mess around and learn a thing or two, and of course privacy from the government and other people.
Offline
Still not very clear. So this VPN is just between your Arch system and your tablet?
ssh was just an example (as indicated by the "e.g."), so I asked about the purpose of the VPN to try to determine what you want to use it for.
You will only get "privacy from the government and other people" if the VPN tunnels out beyond your LAN - if it ends on your tablet, all your internet traffic is still available to such people.
Offline
> Still not very clear. So this VPN is just between your Arch system and your tablet?
> ssh was just an example (as indicated by the "e.g."), so I asked about the purpose of the VPN to try to determine what you want to use it for.
> You will only get "privacy from the government and other people" if the VPN tunnels out beyond your LAN - if it ends on your tablet, all your internet traffic is still available to such people.
I'm sorry but my limited knowledge fully prevents me from understanding your responses. You ask if the VPN is between my Arch system and my tablet. I would believe so but I would imagine the tablet then forwards the internet request to the outside world. Even if all traffic was visible wouldn't they surmise that the traffic was from said IP when I'm not really located at that IP?
Offline
Assuming your setup is typical, you have a router connected to the internet on one side, and your various devices on the other. On the internet side, the router has one public IP address which is used for all your traffic. Your devices, on the other hand, have private IP addresses in the 192.168.x.x range - this is your internal network. The router uses a process called Network Address Translation (NAT) to make traffic from multiple private addresses work with just one public address.
Your VPN goes from one address to another within your internal network, and therefore has no effect at all on the traffic that emerges from the internet side of your router. That's the side that "the government and other people" would be interested in. A VPN capable of hiding your activities would have to go outside your internal network, across the internet, and terminate on some other system - maybe a friend's, or some commercial VPN provider.
Obviously, that's a very brief summary - for messing around and learning, you've made a good start, but there is a wealth of detailed resources on these topics available to you. Have fun!
Offline
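The point made in the reply above, that working internet access says nothing about whether the tunnel carries it or where the tunnel ends, can be checked from the routing table. This is an added example, not part of the original thread: it takes `ip route show` output on stdin and the address from the config's `remote` line as its argument; the two sample tables, the gateway 192.168.11.1 and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed `ip route show` samples; the gateway 192.168.11.1 is assumed.
SPLIT_TABLE='default via 192.168.11.1 dev eno1
10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6
192.168.11.0/24 dev eno1 proto kernel scope link src 192.168.11.24'
FULL_TABLE="0.0.0.0/1 via 10.8.0.5 dev tun0
128.0.0.0/1 via 10.8.0.5 dev tun0
$SPLIT_TABLE"

# internet_egress: read `ip route show` output on stdin, print the interface
# that carries internet-bound traffic ("none" if there is no default route).
internet_egress() {
    awk '
        function dev(   i) {              # interface named after "dev"
            for (i = 1; i < NF; i++) if ($i == "dev") return $(i + 1)
            return ""
        }
        $1 == "0.0.0.0/1"        { lo = dev() }   # the two /1 routes together
        $1 == "128.0.0.0/1"      { hi = dev() }   # outrank the default route
        $1 == "default" && !seen { def = dev(); seen = 1 }
        END {
            if (lo != "" && lo == hi) print lo
            else print (def != "" ? def : "none")
        }'
}

# is_private_ipv4 ADDR: exit 0 for an RFC 1918 address.
is_private_ipv4() {
    case $1 in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# tunnel_verdict REMOTE_ADDR: routing table on stdin, REMOTE_ADDR is the
# address on the config's "remote" line. Prints bypass, lan-only or external.
tunnel_verdict() {
    case $(internet_egress) in
        tun*|tap*) ;;
        *) echo bypass; return 0 ;;
    esac
    if is_private_ipv4 "$1"; then echo lan-only; else echo external; fi
}
```

On a live system the call would be `ip route show | tunnel_verdict <remote address>`; "lan-only" is the situation described in the reply, where the tunnel is in use but still ends behind the same router.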
I had the same problem, and as this was one of the very few relevant threads I bumped into, I just wanted to add what worked for me, because this had frustrated me for quite a while now. Even manually adding the absolute path didn't do the trick for me - turns out the problem in my case was simply caused by a space character in the path. Removed that, and it worked even without adding the absolute path.
Just my 2 cents, in case it helps anyone else that is frustrated by this.
Offline
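Both fixes reported in this thread (absolute paths, and removing a space from the path) come down to how OpenVPN reads the ca, cert and key values: a relative value is resolved from the directory openvpn is started in (unless `--cd` changes it), and a value containing whitespace has to be quoted. The following is an added example, not code from the thread: a shell function (its name and messages are assumptions) that reports these cases for a config file, and also reports a private key that group or others can access.

```shell
#!/bin/sh
# check_ovpn_paths CONF [WORKDIR]
# Prints one finding per line for the ca/cert/key directives of an OpenVPN
# config and nothing when all is well. WORKDIR stands in for the directory
# openvpn is started from (default: the current directory).
check_ovpn_paths() {
    conf=$1 workdir=${2:-$PWD}
    while read -r directive value || [ -n "$directive" ]; do
        case $directive in ca|cert|key) ;; *) continue ;; esac
        case $value in
            \"*\") value=${value#\"}; value=${value%\"} ;;   # quoted value
            \'*\') value=${value#\'}; value=${value%\'} ;;
            *[[:space:]]*)
                echo "$directive: unquoted whitespace in '$value'"; continue ;;
        esac
        case $value in
            /*) path=$value ;;
            *)  path=$workdir/$value
                echo "$directive: relative path '$value' resolves against $workdir" ;;
        esac
        if [ ! -r "$path" ]; then
            echo "$directive: cannot read $path"
        elif [ "$directive" = key ]; then
            # Permission string from ls: characters 5-10 are group/other bits.
            case $(ls -ldL "$path") in
                ????------*) ;;
                *) echo "key: $path is accessible to group or others" ;;
            esac
        fi
    done < "$conf"
}
```

Running `check_ovpn_paths /etc/openvpn/client.conf` from a home directory against the original config in this thread would report three relative paths and three unreadable files, matching the three "No such file or directory" errors.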
Thanks for sharing, using the opportunity to close this old thread.
Offline