Red Hat Bugzilla – Bug 1266779
Can't start openvpn - neither stdin nor stderr are a tty device, can't ask for Private Key password
Last modified: 2017-04-24 13:36:24 EDT
Description of problem:
I try to launch a vpn connection to privateinternetaccess.
openvpn fails to start with the following message :
neither stdin nor stderr are a tty device, can't ask for Private Key password. If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.
Openvpn version : 2.3.8 x86_64
Steps to Reproduce:
yum install openvpn openssh-askpass
wget https://www.privateinternetaccess.com/openvpn/openvpn.zip [^]
mv openvpn.zip /etc/openvpn/
mv Japan.ovpn Japan.conf
systemctl start openvpn@Japan.service
openvpn doesn't ask login/password and fails to start
openvpn should ask login/password and then start
OS : CentOs 7.1-1503 x86_64 (fully up to date)
This seems to be an upstream issue as it has also been reported by other people . Apparently OpenVPN changed the way it forks . This was also documented by the upstream project , so I'm not sure what the correct solution is.
Obviously it badly breaks OpenVPN setups, since I'm no longer able to provide the passphrase for my encrypted keys in a convenient manner. Personally I would consider this a regression, maybe someone in the appropriate position can evaluate this for himself.
There is now a Fedora bug 1279210 for the same issue, which refers to upstream ticket, which has a patch that fixes username/password authentication.
Closing this, as I believe this is be resolved in OpenVPN v2.4.x