OpenVPN: ERROR: could not read Auth username from stdin

Posted by user56231 on Server Fault See other posts from Server Fault or by user56231
Published on 2010-10-11T18:47:14Z Indexed on 2011/11/26 9:59 UTC
Read the original article Hit count: 447

Filed under:

I managed to setup openvpn but now I want to integrate a user/pass authentication method so, even though I haven't added the auth-nocache in the server config, whenever I try to connect it returns with the following message on the client side:

ERROR: could not read Auth username from stdin

My server.conf file contains basic stuff, everything works up untill I try to implement this for of authentication.

mode server
dev tun
proto tcp
port 1194

keepalive 10 120

plugin /usr/lib/openvpn/openvpn-auth-pam.so login

client-cert-not-required
username-as-common-name

auth-user-pass-verify /etc/openvpn/auth.pl via-env

ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem

user nobody
group nogroup
server 10.8.0.0 255.255.255.0

persist-key
persist-tun
#persist-local-ip

status openvpn-status.log
verb 3
client-to-client

push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
log-append /var/log/openvpn
comp-lzo

I searched all over the net for a solution and all answers seems to be related to the auth-nocache param which I haven't set.

The directive auth-user-pass-verify /etc/openvpn/auth.pl via-env points to a script which is executed to perform the authentication. A false authentication should result in a exit 1 while a true one should result with exit 0. For testing, that script auth.pl returns exit 0 no matter what the input is but it seems that the file is not executed before the error raises.

auth.pl file contents:

#!/usr/bin/perl


my $user = $ENV{username};
my $passwd = $ENV{password};

printf("$user : $passwd\n");
exit 0;

Any ideas?

© Server Fault or respective owner

Related posts about openvpn