Bug 616014 - Unable to create ovpn connection without providing private key passphrase
Summary: Unable to create ovpn connection without providing private key passphrase
Alias: None
Product: Fedora
Classification: Fedora
Component: NetworkManager-openvpn
Version: 13
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Dan Williams
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2010-07-19 13:31 UTC by Christopher J. Buckley
Modified: 2011-06-29 13:17 UTC (History)
6 users (show)

Clone Of:
Last Closed: 2011-06-29 13:17:32 UTC

Attachments (Terms of Use)

Description Christopher J. Buckley 2010-07-19 13:31:01 UTC
Description of problem:

Previously, when creating an openvpn connection, you could leave the field 'Private Key Password' blank. This would then allow NM to prompt you to enter your passphrase.  

Within the release below, you are NOT able to click 'apply' until you enter your private key passphrase. This - to my mind - is incorrect. I do NOT wish to store my private key passphrase which could potentially unlock my entire network to someone able to break into my user account.   

Please could the original behaviour where a private key passphrase is PROMPTED if not specified in the creation of the ovpn connection within NM. 

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Please see above. 
Actual results:

Expected results:

Additional info:

Comment 1 Dan Williams 2010-09-08 17:23:11 UTC
In what format is your private key?  Could you paste in the top few lines of it?  I'll need to see that to ensure that NM-openvpn is correctly detecting that the private key is *not* encrypted.

There was support added in late May to ensure that unencrypted private keys could be used so this is expected to work, but we may need to enhance the bits that detect whether the private key file is in fact encrypted or not.

Comment 3 Graeme Gillies 2010-10-05 06:15:34 UTC
I am experiencing the same problem,

the top few lines of my openvpn private key are

Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,604A2D4D9F764359

Comment 4 Graeme Gillies 2010-10-05 06:18:24 UTC
Also just to clarify, I know the private key is encrypted, and thus does need a passphrase, the problem is we want NetworkManager to prompt for the passphrase each time we connect instead of forcing us to enter and store it within networkmanager as it does at the moment.

Comment 5 Bug Zapper 2011-06-01 13:28:00 UTC
This message is a reminder that Fedora 13 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 13.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '13'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 13's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 13 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 

Comment 6 Christopher J. Buckley 2011-06-25 23:14:37 UTC
Running Fedora 15, this issue still persists. Why am I being forced to store my passphrase when I do not wish to?

Comment 7 Bug Zapper 2011-06-29 13:17:32 UTC
Fedora 13 changed to end-of-life (EOL) status on 2011-06-25. Fedora 13 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.