OpenVPN auth_failed and remote authentication script issue
I managed to get a script for remote authentication using a WordPress DB as my base access details storage. However, I cannot seem to get past the AUTH-FAILED issue. A possible source of conflict might be my database query inside the script, which returns nothing.
Hope someone with enough knowledge of scripting and database querying can help me here.
Here is my vpn_auth.sh:
```bash
#!/bin/bash
### Database Informations
DBUSER='dbuser'
DBPASS='dbpass'
DBHOST='host.ip'
DBNAME='dbname'
### OpenVPN get's send the filename to the script, with the script's first parameter = $1
### The file contains 2 lines, Username and Password what the client sent to the server ( --auth-user-pass )
### When the script finished, the file will be removed
vpnnev=`head -n1 $1 | tail -1` # Get the First line -> Username
vpnjelszo=`head -n2 $1 | tail -1 ` # Get the Second line -> Password
### Name + Password
sqlnev=`mysql -u $DBUSER -p$DBPASS -h $DBHOST --skip-column-name -e "SELECT user_login FROM wp_users WHERE ((user_login = '$vpnnev') AND (user_pass = PASSWORD('$vpnjelszo')));" $DBNAME`
### If the MySQL Query failed, the "sqlnev" variable contains nothing! If the "sqlnev" contains Bob's username,
## we are good to go! If this script exit with errorcode 0, that means the script is successful, OpenVPN will
## If the exit code IS NOT "0", OpenVPN will destroy the tunnel.
##
if [ "$sqlnev" == "$vpnnev" ]; then
    exit 0
else
    exit 1
fi
```
Here is my server.conf:
```
port 9200
proto udp
dev tun0
cipher BF-CBC
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
script-security 2
auth-user-pass-verify "/etc/openvpn/vpn_auth" via-file
tmp-dir "/etc/openvpn"
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
status /etc/openvpn/onlineusers.log 5
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 184.108.40.206"
push "dhcp-option DNS 220.127.116.11"
reneg-sec 0
keepalive 5 30
comp-lzo
persist-key
persist-tun
status server.log
verb 3
mute 10
```
```
script-security 2
auth-user-pass-verify "/etc/openvpn/vpn_auth" via-file
```
I'm having a problem with the following SQL query, if it's right or wrong:
```bash
sqlnev=`mysql -u $DBUSER -p$DBPASS -h $DBHOST --skip-column-name -e "SELECT user_login FROM wp_users WHERE ((user_login = '$vpnnev') AND (user_pass = PASSWORD('$vpnjelszo')));" $DBNAME`
```
Please note that:
are columns for the table "wp_users", which is inside my wordpress db.
Any help on solving this MySQL query problem or restructuring vpn_auth.sh would be of great help to me.
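An added example, not part of the original post: WordPress stores `user_pass` as a salted, iterated phpass hash rather than the output of MySQL's `PASSWORD()`, so the comparison in the query above can never match. The sketch below does the check inside an `auth-user-pass-verify ... via-file` script instead, and passes the username as a bound parameter so it cannot alter the SQL. Assumptions: the `$P$` portable phpass format, an in-memory sqlite3 table standing in for the MySQL `wp_users` table, a constructed user `bob` whose hash is phpass's published test hash for `test12345`, and a hypothetical username allow-list.

```python
import hashlib, hmac, re, sqlite3, sys

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
USER_RE = re.compile(r"[A-Za-z0-9_.@-]{1,60}")  # assumed allow-list, adjust to your site

def _encode64(data):
    """phpass base64 variant: little-endian 3-byte groups, 6 bits per character."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        value = int.from_bytes(chunk, "little")
        for _ in range(len(chunk) + 1):
            out.append(ITOA64[value & 0x3F])
            value >>= 6
    return "".join(out)

def phpass_check(password, stored):
    """Recompute a portable phpass hash and compare it in constant time."""
    if len(stored) != 34 or stored[:3] not in ("$P$", "$H$"):
        return False
    log2 = ITOA64.find(stored[3])          # iteration count is 2**log2
    if not 7 <= log2 <= 30:
        return False
    salt, pw = stored[4:12].encode(), password.encode()
    digest = hashlib.md5(salt + pw).digest()
    for _ in range(1 << log2):
        digest = hashlib.md5(digest + pw).digest()
    candidate = stored[:12] + _encode64(digest)
    return hmac.compare_digest(candidate.encode(), stored.encode())

def verify(cred_path, db):
    """True if the via-file (username line, password line) matches wp_users."""
    with open(cred_path, encoding="utf-8") as fh:
        lines = fh.read().splitlines()
    if len(lines) < 2 or not USER_RE.fullmatch(lines[0]):
        return False
    row = db.execute("SELECT user_pass FROM wp_users WHERE user_login = ?",
                     (lines[0],)).fetchone()   # bound parameter, no string splicing
    return bool(row) and phpass_check(lines[1], row[0])

def sample_db():
    """Constructed stand-in for the WordPress MySQL database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE wp_users (user_login TEXT, user_pass TEXT)")
    db.execute("INSERT INTO wp_users VALUES ('bob', '$P$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0')")
    return db

if __name__ == "__main__":
    sys.exit(0 if verify(sys.argv[1], sample_db()) else 1)  # exit 0 = accept
```

In a real deployment `sample_db()` would be replaced by a MySQL client connection using the same parameterized query.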