
I am trying to configure my Raspberry Pi as an OpenVPN server on site B. For this setup, I require that the client configuration is stored in a single file, as it's going to be deployed on my Android phone. I don't want to mess with paths and so on: I'll beam the file via Bluetooth and zap!

The configuration is PKI-based. The configuration is inspired by an existing VPN (commented out) of which the Raspy is the client (site B to site A). The "other" VPN can be enabled at any time but, again, it is currently commented out. I am trying this on Windows first before trying to deploy on Android, especially because I can edit and rerun the configuration at any time, type fast on a keyboard and copy & paste stuff from the server, because I can always remote into it via ssh. On mobile, it will take me a lot of time to test.

Server.conf

port 1194
proto udp
dev tun

ca /etc/ssl/vpn/ca.crt
cert /etc/ssl/vpn/raspy.crt
key /etc/ssl/vpn/raspy.key
dh /etc/ssl/vpn/dh2048.pem
key-direction 1
tls-auth /etc/ssl/vpn/ta.key 0 # This file is secret
cipher AES-256-CBC # AES

client-config-dir ccd
ifconfig-pool-persist ipp.txt
client-to-client
push "route 192.168.192.0 255.255.255.0 vpn_gateway"
keepalive 10 120
comp-lzo

user nobody
group nogroup
persist-key
persist-tun

status openvpn-status.log
log /var/log
verb 6 #helps me troubleshoot

Client.conf

dev tun
proto udp
remote raspy.example.me 1194

resolv-retry infinite

nobind

user nobody
group nogroup
persist-key
persist-tun

<ca>
-----BEGIN CERTIFICATE-----
Matches the CA certificate deployed on server
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
This is the client certificate that I have signed with the common CA; I assume this part of the setup is fine
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN RSA PRIVATE KEY-----
Client private key
-----END RSA PRIVATE KEY-----
</key>

<dh>
-----BEGIN DH PARAMETERS-----
Matches the content of /etc/ssl/vpn/dh2048.pem
-----END DH PARAMETERS-----
</dh>
cipher AES-256-CBC
remote-cert-tls server

<tls-auth>
-----BEGIN OpenVPN Static key V1-----
matches /etc/ssl/vpn/ta.key
-----END OpenVPN Static key V1-----
</tls-auth>

cipher AES-256-CBC

comp-lzo

log /var/log/openvpn.log
verb 6

I am confident that the certificates are set correctly, but in the meantime I will re-test them with OpenSSL to make sure the chain is fine.

When connecting, I get the following logs:

Server

Tue Jul 28 11:02:25 2020 us=457781 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 28 11:02:25 2020 us=458025 TLS Error: incoming packet authentication failed from [AF_INET]xxx:46976
Tue Jul 28 11:02:27 2020 us=732637 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 28 11:02:27 2020 us=732832 TLS Error: incoming packet authentication failed from [AF_INET]xxx:46976

Client

Tue Jul 28 11:02:25 2020 UDP WRITE [42] to [AF_INET]xxx:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #2 ] [ ] pid=0 DATA len=0
Tue Jul 28 11:02:29 2020 UDP WRITE [42] to [AF_INET]xxx:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #3 ] [ ] pid=0 DATA len=0
Tue Jul 28 11:02:37 2020 UDP WRITE [42] to [AF_INET]xxx:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #4 ] [ ] pid=0 DATA len=0
Tue Jul 28 11:02:53 2020 UDP WRITE [42] to [AF_INET]xxx:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #5 ] [ ] pid=0 DATA len=0

What may be wrong in this setup? How should I fix this?

Research


I have found this topic, which claims to be solved:

bznelson wrote (Mon Apr 09, 2018 10:52 pm):
    tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0

bznelson wrote (Mon Apr 09, 2018 10:52 pm):
    <tls-crypt>

Ah yes, the tls-auth/tls-crypt, that's it! Thank you so much! I was running a 2.3 server, but I had initially installed 2.4 and I guess there was some cross pollination.

I'm running OpenVPN 2.4.0 on both hosts. I don't know how that linked thread may help me.

And in the same topic someone said, about the error:

This usually means you have the wrong ta.key installed somewhere.

But I have checked three times. The keys are the same; the only difference is that one is in a file and one is inlined.


I have tried to completely remove the tls-auth from client and server. The error is fixed and I have the next error to care about. So the forum linked above was correct: there is some mess between the two identical keys.

  • Try adding the cipher AES-256-CBC option on both the client and server config. – NeonMan Jul 28 '20 at 09:57
  • @NeonMan thank you. It was present in the original file but I have involuntarily stripped out from my post, which is now up to date – usr-local-ΕΨΗΕΛΩΝ Jul 28 '20 at 11:17
  • I had the same issue just recently. – NeonMan Jul 28 '20 at 12:00
  • @NeonMan There's no point in using anything higher than AES128, as it will remain uncrackable until at least 2030; all an AES256 CBC cipher is going to do on an embedded/IoT device is massively slow throughput, even with AES-NI (an AES256 GCM cipher will benefit significantly, but not CBC). To take advantage of AES-NI, and faster throughput in general, use EC TLS ciphers only (SSL cipher should still be listed in the config for fall-back). – JW0914 Jul 09 '21 at 11:16
  • tls-crypt should always be used, as it prevents MITM attacks (tls-auth was deprecated). You're also missing auth SHA256 (if CPU is x64, use SHA512) and TLS cipher specification [tls-cipher]. To troubleshoot, proto tcp needs to be used, not udp, and when issues with the PSK exist, it's almost always an unintentional copy/paste error (encoding, LF vs CR/LF, etc.) – JW0914 Jul 09 '21 at 11:28
  • The addendum under the Research heading should probably be posted as an answer and self-accepted. – Greenonline Jul 28 '22 at 10:32
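The question and the comments above revolve around one key that exists twice: in a file on the server (`tls-auth /etc/ssl/vpn/ta.key 0`) and inlined in the client's `<tls-auth>` block, possibly damaged by a copy/paste or a line-ending change. The following script is an added example, not code from the question or any answer: it normalises both copies (CR/LF, comment lines, BEGIN/END armour) before comparing them, and it also resolves the key direction each side ends up with. The direction check assumes, as OpenVPN's option parser does, that of `key-direction N` and the direction argument of `tls-auth FILE N` the last one read wins, and that a side with no direction at all uses the key bidirectionally; a server at direction 0 therefore needs a client at direction 1, not a client with no direction. The key bytes, file paths and configs below are constructed for the demonstration.

```python
"""Consistency check for OpenVPN tls-auth material on two peers (added example)."""
import hashlib
import re

BEGIN = "-----BEGIN OpenVPN Static key V1-----"
END = "-----END OpenVPN Static key V1-----"


def normalize_static_key(text):
    """Return the hex payload of a static key as one lowercase string.

    CR/LF differences, trailing whitespace, '#' comment lines and the
    BEGIN/END armour are discarded, so a file-based and an inlined copy
    of the same key compare equal.
    """
    payload = []
    inside = False
    for raw in text.replace("\r\n", "\n").replace("\r", "\n").split("\n"):
        line = raw.strip()
        if line == BEGIN:
            inside = True
            continue
        if line == END:
            break
        if inside and line and not line.startswith("#"):
            payload.append(line.lower())
    return "".join(payload)


def inline_block(config, tag):
    """Extract the body of an inline <tag>...</tag> block, or None if absent."""
    m = re.search(r"<%s>(.*?)</%s>" % (tag, tag), config, re.S)
    return m.group(1) if m else None


def effective_key_direction(config):
    """Resolve the tls-auth key direction a config ends up with.

    Assumption: 'tls-auth FILE DIR' and a standalone 'key-direction DIR'
    set the same option and the last one read wins. None means no
    direction was given, i.e. the key is used bidirectionally.
    """
    direction = None
    for raw in config.splitlines():
        parts = raw.split("#", 1)[0].split()  # drop trailing comments
        if not parts:
            continue
        if parts[0] == "key-direction" and len(parts) >= 2:
            direction = int(parts[1])
        elif parts[0] == "tls-auth" and len(parts) >= 3 and parts[2] in ("0", "1"):
            direction = int(parts[2])
    return direction


def check_tls_auth(server_conf, server_key_file, client_conf):
    """Return a list of findings; an empty list means the two sides agree."""
    findings = []
    client_key = inline_block(client_conf, "tls-auth")
    if client_key is None:
        return ["client profile has no inline <tls-auth> block"]
    if normalize_static_key(server_key_file) != normalize_static_key(client_key):
        findings.append("key bytes differ between server file and client inline block")
    s_dir = effective_key_direction(server_conf)
    c_dir = effective_key_direction(client_conf)
    complementary = (s_dir, c_dir) in ((0, 1), (1, 0)) or (s_dir is None and c_dir is None)
    if not complementary:
        findings.append("key-direction mismatch: server=%r client=%r "
                        "(expected 0/1, 1/0, or both unset)" % (s_dir, c_dir))
    return findings


# Constructed key material: NOT a real key, just 16 lines of 32 hex digits
# in the layout that 'openvpn --genkey' writes.
KEY_LINES = [hashlib.sha256(b"constructed-%d" % i).hexdigest()[:32] for i in range(16)]
SERVER_TA_KEY = ("#\n# 2048 bit OpenVPN static key\n#\n" + BEGIN + "\n"
                 + "\n".join(KEY_LINES) + "\n" + END + "\n")
# The same key as it looks after being pasted into a profile on Windows (CRLF).
CLIENT_TA_INLINE = BEGIN + "\r\n" + "\r\n".join(KEY_LINES) + "\r\n" + END + "\r\n"

# Constructed configs mirroring the question: the server sets key-direction 1
# and then tls-auth ... 0, so it ends up at 0; the client inlines the key
# without any direction.
SERVER_CONF = "key-direction 1\ntls-auth /etc/ssl/vpn/ta.key 0 # This file is secret\n"
CLIENT_CONF_NO_DIR = "remote-cert-tls server\n<tls-auth>\n" + CLIENT_TA_INLINE + "</tls-auth>\n"
CLIENT_CONF_FIXED = "key-direction 1\n" + CLIENT_CONF_NO_DIR
# One hex line damaged during copy/paste.
CLIENT_CONF_CORRUPT = CLIENT_CONF_FIXED.replace(KEY_LINES[5], "0" * 32)

if __name__ == "__main__":
    for label, conf in (("as posted", CLIENT_CONF_NO_DIR),
                        ("with key-direction 1", CLIENT_CONF_FIXED),
                        ("with a damaged key line", CLIENT_CONF_CORRUPT)):
        print(label, "->", check_tls_auth(SERVER_CONF, SERVER_TA_KEY, conf) or "consistent")
```

Run against the constructed copies of the question's two configs, the script finds the key bytes identical but reports the server resolving to direction 0 while the client has no direction at all, which is enough on its own to produce "packet HMAC authentication failed" on every control packet; the same script reports only the key-bytes finding when a single line of the inlined key was altered, which is the copy/paste case the JW0914 comment describes.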

3 Answers

1

Both client and server configuration need to share the same cipher configuration. The line:

cipher AES-256-CBC

Must be present on both.

NeonMan
  • This may be an answer in another case. The line was already present in both my files, but I wrongfully deleted it when I posted the question on SU. The question contained wrong code, but still applied – usr-local-ΕΨΗΕΛΩΝ Jul 28 '20 at 13:19
  • I have fixed this problem by deleting both TLS keys. I want to point out that these keys are identical, but declared differently. The server loads a file, while the client has it inline – usr-local-ΕΨΗΕΛΩΝ Jul 28 '20 at 13:20
  • After fixing this problem I am still investigating why I can't connect, because of further errors – usr-local-ΕΨΗΕΛΩΝ Jul 28 '20 at 13:21
  • You can also remove the tls-auth directive (both sides) if it is giving you trouble. It is in most cases entirely optional. – NeonMan Jul 29 '20 at 08:14
  • @NeonMan There's no point in using anything higher than AES128, as it will remain uncrackable until at least 2030; all an AES256 CBC cipher is going to do on an embedded/IoT device is massively slow throughput, even with AES-NI (an AES256 GCM cipher will benefit significantly, but not CBC). To take advantage of AES-NI, and faster throughput in general, use EC TLS ciphers only (SSL cipher should still be listed in the config for fall-back). – JW0914 Jul 09 '21 at 11:17
  • @usr-local-ΕΨΗΕΛΩΝ tls-crypt should always be used, as it prevents MITM attacks (tls-auth was deprecated). You're also missing auth SHA256 (if CPU is x64, use SHA512) and TLS cipher specification [tls-cipher]. To troubleshoot, TCP needs to be used, not UDP, and when issues with the PSK exist, it's almost always an unintentional copy/paste error (encoding, LF vs CR/LF, etc.) – JW0914 Jul 09 '21 at 11:26
0

In my case it was the authentication digest algorithm. pfSense had a more secure default than the server, so that had to be aligned. SHA-1 is the insecure default; SHA256 seems a better option.

0

Maybe your ta.key generation was wrong.

openvpn --genkey tls-auth ta.key (this is wrong!)

Please refer to the official website: https://openvpn.net/community-resources/how-to/#hardening-openvpn-security

screenshot: what is tls-auth use for

In my case (OpenVPN 2.5.4):

WARNING: Using --genkey --secret filename is DEPRECATED. Use --genkey secret filename instead. EasyRSA Shell

openvpn --genkey secret ta.key

After adding the following config, it works.

screenshot: tls-auth config

ongyanjin
    Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center. – Community Dec 10 '21 at 20:57
  • Add the config as text *not* as a image. Text in an image can not be copied nor searched. – Greenonline Dec 10 '21 at 22:42