running openvpn client as non-root user?
Hello,
I have just finished installing openvpn server on my router machine running Debian Testing. For now I can connect from a client machine using openvpn client but only as a root user (or by using sudo). The client is an Ubuntu machine. Since I am new to all this openvpn stuff, I have a few basic questions regarding the clients: Do all clients need to run openvpn client command as root or by using sudo? If not, then what is the right way to do so as a non-root user? If yes, then what is the best way to go about it? Do I set up sudo for all users to be able to use openvpn command without having to sudo explicitly? Thanks. -- Please reply to this list only. I read this list on its corresponding newsgroup on gmane.org. Replies sent to my email address are just filtered to a folder in my mailbox and get periodically deleted without ever having been read. -- To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org |
running openvpn client as non-root user?
H.S. wrote:
Hello, I have just finished installing openvpn server on my router machine running Debian Testing. For now I can connect from a client machine using openvpn client but only as a root user (or by using sudo). The client is an Ubuntu machine. Since I am new to all this openvpn stuff, I have a few basic questions regarding the clients: Do all clients need to run openvpn client command as root or by using sudo? If not, then what is the right way to do so as a non-root user? If yes, then what is the best way to go about it? Do I set up sudo for all users to be able to use openvpn command without having to sudo explicitly? On Netbook Remix, so I assume also the mainstream version, the Network Manager can set up connections to OpenVPN (it needs a plug-in), and it did not ask me for a password on each use. It was certainly willing to store the client certificate private key passphrase. I don't have the machine at the moment, and I can't recall if I even needed root credentials to configure the connection. -- Joe -- To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org |
running openvpn client as non-root user?
On Sat, Nov 07, 2009 at 12:46:01AM -0500, H.S. wrote:
> Hello, > > I have just finished installing openvpn server on my router machine > running Debian Testing. > > For now I can connect from a client machine using openvpn client but > only as a root user (or by using sudo). The client is an Ubuntu machine. > > Since I am new to all this openvpn stuff, I have a few basic questions > regarding the clients: > Do all clients need to run openvpn client command as root or by using sudo? > If not, then what is the right way to do so as a non-root user? > If yes, then what is the best way to go about it? Do I set up sudo for > all users to be able to use openvpn command without having to sudo > explicitly? I think openvpn must have some privileges, as it can modify the route table. I use it with sudo at home. But, I know that NetworkManager can open VPN connections. Here I think it involves a daemon, running as root, and a desktop applet, running as the user, which talk to the daemon. |
running openvpn client as non-root user?
Gilles Mocellin wrote:
> On Sat, Nov 07, 2009 at 12:46:01AM -0500, H.S. wrote: >> Hello, >> >> I have just finished installing openvpn server on my router machine >> running Debian Testing. >> >> For now I can connect from a client machine using openvpn client but >> only as a root user (or by using sudo). The client is an Ubuntu machine. >> >> Since I am new to all this openvpn stuff, I have a few basic questions >> regarding the clients: >> Do all clients need to run openvpn client command as root or by using sudo? >> If not, then what is the right way to do so as a non-root user? >> If yes, then what is the best way to go about it? Do I set up sudo for >> all users to be able to use openvpn command without having to sudo >> explicitly? > > I think openvpn must have some privileges, as it can modify the route > table. > I use it with sudo at home. > > But, I know that NetworkManager can open VPN connections. Here I think > it involves a daemon, running as root, and a desktop applet, running as the user, which talk to the > daemon. The client in my case is a laptop and it is running wicd, not network-manager. IIRC, wicd deals better with wpa and wpa2 in wireless connection (at it least when I installed it to replace networ-manager). I have since tried to give sudo access to openvpn command to the users. That has not worked as well, I think it needed sudo access to some additional commands (e.g. routing, as you mention). -- Please reply to this list only. I read this list on its corresponding newsgroup on gmane.org. Replies sent to my email address are just filtered to a folder in my mailbox and get periodically deleted without ever having been read. -- To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org |
running openvpn client as non-root user?
Gilles Mocellin wrote:
> On Sat, Nov 07, 2009 at 12:46:01AM -0500, H.S. wrote: >> Hello, >> >> I have just finished installing openvpn server on my router machine >> running Debian Testing. >> >> For now I can connect from a client machine using openvpn client but >> only as a root user (or by using sudo). The client is an Ubuntu machine. >> >> Since I am new to all this openvpn stuff, I have a few basic questions >> regarding the clients: >> Do all clients need to run openvpn client command as root or by using sudo? >> If not, then what is the right way to do so as a non-root user? >> If yes, then what is the best way to go about it? Do I set up sudo for >> all users to be able to use openvpn command without having to sudo >> explicitly? > > I think openvpn must have some privileges, as it can modify the route > table. > I use it with sudo at home. > > But, I know that NetworkManager can open VPN connections. Here I think > it involves a daemon, running as root, and a desktop applet, running as the user, which talk to the > daemon. Okay, I removed wicd and installed network-manager. I have configured the VPN parameters but the manager gives an error something like no secret key found. Searching google showed that not entering the password while setting up the manager's VPN parameters helps. No go that way either. BTW, in nm, I do not get a choice of setting up X.509 type of connection. Is that normal? -- Please reply to this list only. I read this list on its corresponding newsgroup on gmane.org. Replies sent to my email address are just filtered to a folder in my mailbox and get periodically deleted without ever having been read. -- To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org |
| All times are GMT. The time now is 08:05 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.