Wednesday, 22 October 2008

call for testing: network-manager-vpnc update

I've been working on a patch to network-manager-vpnc to better support one-time-passwords (OTP), as suggested by Dan Williams on the NetworkManager discussion list:

If anyone is a little familiar with NetworkManager, and more specifically connecting to VPNs (using the VPNC plugin), then I'd really appreciate if you could test the two updated packages I've built for Intrepid; network-manager-gnome and network-manager-vpnc. Using OTPs to connect to the VPN is a plus.

Some of the major changes are in the vpn connection configuration dialog, where you can setup the type of password to use for the user password and for the group password. The options in both cases are either "Default", for the standard behavior, or static passwords that can be saved to the gnome keyring; "OTP", for one-time-passwords which will be prompted for at every connection (technically saved in the keyring if you choose to do so, but ignored and reprompted every time), or "Unused", for a password that's not actually being used in a particular connection type (I may have missed something there, this is also a case I'd like to test more thoroughly).

Along with the changes above, the authentication dialog only shows the passwords that are OTP or not in keyring, unless it is a "reprompt", in which case even known passwords are shown again, to get a chance to fix spelling mistakes.

The packages are found on my PPA, can be retrieved by using the following lines in /etc/apt/sources.list:

deb intrepid main
deb-src intrepid main
And can be downloaded separately:

- 0.7~~svn20081020t000444-0ubuntu2~ppaintrepid1 (i386)
network-manager-vpnc - 0.7~~svn20081015t024626-0ubuntu2~ppaintrepid1 (i386)

If you'd prefer to apply the patches yourself, I also have them available on Launchpad, in my bzr code branch shortly: lp:~mathieu-tl/+junk/patches. I'll check it again later, bazaar is still giving me trouble.

Thanks to anyone who comments and gives me constructive criticism... :)

5 comments: said...

Hello Matt,

I was testing your version of network-manager-vpnc. I was not able to connect to the VPN with the following error

The VPN connection failed because there were no valid VPN secrets.

I am using Ubuntu8.10. I have configured my password as OTP and group password as Default. Please note that during the initial configuration I had submitted both the password and group password. Whenever I try to connect, there is no prompt for me to enter my OTP.

matt said...

thanks. I did notice some similar issues, for various reasons. I think they happen when there are some secrets already in the session keyring, so restarting network-manager may help. Otherwise, it could be passwords saved to the gnome keyring... In any case, I`ll retest this, verify that the latest version is up, and see if it resolves the problem.

Can I know exactly which version of the package you are using? said...

OK. I have verified the following.. there were no password in the gnome keyring.. neither it was the case of session keys being saved as i had rebooted twice and everything. I was using the 0.7~~svn20081015t024626-0ubuntu2~ppaintrepid1 version from your PPA.

Timmy.Norris said...

Great share Matt. I loved how you simplified everything. Thank you very much.
usa vpn

Marshal Drake said...

Please note that during the initial configuration, it could be passwords saved to the gnome keyring. Thanks for sharing this post.

colocation chicago