Installed openVPN, client fails when it asks for password

Installed OpenVPN server and client, the server runs without any
problem, when I try to run client, it stops at this location by asking
password (below prompt), I didn't configure for any password on server
side, any idea, how to disable this password prompt when client
connects to server.

Enter Private Key Password:


Thanks in advance.

GS wrote:
> Installed OpenVPN server and client, the server runs without any
> problem, when I try to run client, it stops at this location by asking
> password (below prompt), I didn't configure for any password on server
> side, any idea, how to disable this password prompt when client
> connects to server.
>
> Enter Private Key Password:

You probably generated the SSL key pair with a password.
Use OpenSSL to remove it.

Thanks Allen,

you think I have to download OpenSSL on top of OpenVPN on both sides to
disable password authentication, thanks.

GS.

GS wrote:
> Thanks Allen,
>
> you think I have to download OpenSSL on top of OpenVPN on both sides to
> disable password authentication, thanks.

If the private key is protected by a password, you need the password to
decrypt the private key. You can decrypt the private key and store it
in decrypted form if you want. OpenSSL is one way to do this.

The public/private key pair is probably what the client is using to
authenticate to the server. However, if the private key is encrypted,
the client needs the password to decrypt it before it can use it.

The server doesn't care how the client gets the key.

DS

Finally the password is fixed, Now I am getting, "TLS error: handshake
failed" error.

Installed OpenVPN package on server side and client side, generated all
ca.key, server.key and server.crt using the procedure given in the
openVPN HowTO. I am keep getting this "TLS handshake failed", I kept my
server.conf and client.conf files, also I kept the command what I am
giving command-line is below. This log on server side:

Sun Oct 8 16:22:23 2006 59.144.73.140:32822 Expected Remote Options
hash (VER=V4): '70f5b3af'
Sun Oct 8 16:22:23 2006 59.144.73.140:32822 TLS: Initial packet from
192.168.0.66:32822, sid=4f11dbcd 6924dbc6
Sun Oct 8 16:22:26 2006 59.144.73.140:32822 VERIFY ERROR: depth=0,
error=unable to get local issuer certificate:
/C=KG/ST=NA/O=OpenVPN-TEST/CN=Test-Client/emailAddress=(E-Mail Removed)
Sun Oct 8 16:22:26 2006 59.144.73.140:32822 TLS_ERROR: BIO read
tls_read_plaintext error: error:140890B2:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
Sun Oct 8 16:22:26 2006 59.144.73.140:32822 TLS Error: TLS object ->
incoming plaintext read error
Sun Oct 8 16:22:26 2006 59.144.73.140:32822 TLS Error: TLS handshake
failed
Sun Oct 8 16:22:26 2006 59.144.73.140:32822 SIGUSR1[soft,tls-error]
received, client-instance restarting


Server.conf
=======
port 1194
proto udp
dev tun
ca easy-rsa/keys/ca.crt
cert easy-rsa/keys/server.crt
key easy-rsa/keys/server.key # This file should be kept secret
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
tls-auth ta.key 0 # This file is secret
persist-key
persist-tun
status openvpn-status.log
verb 3
~

client.conf
=======
client
dev tun
proto udp
remote 192.168.0.68 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca easy-rsa/keys/ca.crt
cert easy-rsa/keys/client.crt
key easy-rsa/keys/client.key
tls-auth ta.key 1
verb 3
~

server command
==========
openvpn --config sample-config-files/server.conf --dh
sample-keys/dh1024.pem --tls-auth easy-rsa/keys/ta.key

client command
===========
openvpn --client --dev tun --config sample-config-files/client.conf
--tls-auth easy-rsa/keys/ta.key