Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error: Connection activation failed: No valid secrets #104

Open
Thomas-Walker-Lynch opened this issue Feb 28, 2021 · 3 comments
Open

Error: Connection activation failed: No valid secrets #104

Thomas-Walker-Lynch opened this issue Feb 28, 2021 · 3 comments

Comments

@Thomas-Walker-Lynch
Copy link

Here is the client machine which is running Gnome and the Network Manager.

[ClientUser@ClientHostName ~]$ lsb_release -a
LSB Version:	:core-4.1-amd64:core-4.1-noarch
Distributor ID:	Fedora
Description:	Fedora release 33 (Thirty Three)
Release:	33
Codename:	ThirtyThree

I edited the client /etc/ssh/ssh_config:

$ grep unnel /etc/ssh/ssh_config
Tunnel yes
#   TunnelDevice any:any

And edited the server /etc/ssh/sshd_config:

# grep unnel /etc/ssh/sshd_config 
# To disable tunneled clear text passwords, change to no here!
PermitTunnel yes

Showing that SSH to the server works fine. The server is running Debian.

[ClientUser@ClientHostName ~]$ ssh root@<server-domain-name>
Linux <server-domain-name> 4.19.0-13-cloud-amd64 #1 SMP Debian 4.19.160-2 (2020-11-28) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sun Feb 28 17:04:16 2021 from 90.78.7.14

2021-02-28T17:06:09Z root@<server-hostname>§~§
# exit
logout
Connection to <server-domain-name> closed.

Bringing up the SSH-agent VPN, and getting the dreaded 'No valid secrets' error:

[ClientUser@ClientHostName ~]$ eval ssh-agent $SHELL
[ClientUser@ClientHostName ~]$ ssh-add ~/.ssh/vpn_test
Identity added: /home/ClientUser/.ssh/vpn_test (ClientUser@ClientHostName)
[ClientUser@ClientHostName ~]$ nmcli con
NAME                UUID                                  TYPE      DEVICE      
Wired connection 1  f5afc77e-4a39-3391-8071-eb9db2c439fb  ethernet  enp0s20f0u3 
TLatRTVPN           c46cebc0-db10-4bb8-afbf-3a4f01807110  vpn       --          
[ClientUser@ClientHostName ~]$ nmcli con up id TLatRTVPN
Error: Connection activation failed: No valid secrets
Hint: use 'journalctl -xe NM_CONNECTION=c46cebc0-db10-4bb8-afbf-3a4f01807110 + NM_DEVICE=enp0s20f0u3' to get more details.

The VPN configuration file. This is pretty much just the defaults. The only thing I had to add was the server name. Whenever I put in the server name the Network Manager translated that to the 4 quad IP address, as we seen in the configuration. DNS did not lie, it is the correct address.

[ClientUser@ClientHostName ~]$ sudo cat /etc/NetworkManager/system-connections/VPN\ 1.nmconnection 
[sudo] password for ClientUser: 
[connection]
id=TLatRTVPN
uuid=c46cebc0-db10-4bb8-afbf-3a4f01807110
type=vpn
autoconnect=false
permissions=user:ClientUser:;

[vpn]
auth-type=ssh-agent
local-ip=172.16.40.2
netmask=255.255.255.252
remote=<server-ip-quad>
remote-ip=172.16.40.1
service-type=org.freedesktop.NetworkManager.ssh

[ipv4]
dns-search=
method=auto

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
method=auto

[proxy]
[ClientUser@ClientHostName ~]$

As promised, the log file on the client has a bit more information. I do not show the logs on the server, because I can not find that there are any messages there. It is as if the like the client never tried to contact the server.

[ClientUser@ClientHostName ~]$ journalctl -f
-- Logs begin at Sun 2021-02-28 08:10:09 EST. --
...
Feb 28 12:11:12 ClientHostName NetworkManager[1142]: <info>  [1614532272.3404] audit: op="connection-activate" uuid="c46cebc0-db10-4bb8-afbf-3a4f01807110" name="TLatRTVPN" pid=14564 uid=1000 result="success"
Feb 28 12:11:12 ClientHostName NetworkManager[1142]: <info>  [1614532272.3527] vpn-connection[0x56225df78700,c46cebc0-db10-4bb8-afbf-3a4f01807110,"TLatRTVPN",0]: Started the VPN service, PID 14628
Feb 28 12:11:12 ClientHostName NetworkManager[1142]: <info>  [1614532272.3738] vpn-connection[0x56225df78700,c46cebc0-db10-4bb8-afbf-3a4f01807110,"TLatRTVPN",0]: Saw the service appear; activating connection
Feb 28 12:11:12 ClientHostName NetworkManager[1142]: <error> [1614532272.4822] vpn-connection[0x56225df78700,c46cebc0-db10-4bb8-afbf-3a4f01807110,"TLatRTVPN",0]: final secrets request failed to provide sufficient secrets
Feb 28 12:11:12 ClientHostName NetworkManager[1142]: <info>  [1614532272.4851] vpn-connection[0x56225df78700,c46cebc0-db10-4bb8-afbf-3a4f01807110,"TLatRTVPN",0]: VPN plugin: state changed: stopped (6)

Any tips on how to get this running would very much be appreciated, I have been mucking with it for the better of two days with no luck at getting past the 'No valid secrets' error. Folks on freenode #fedora could not think of anything more to be done either.
@mostafabarmshory
Copy link

I have faced the same issue on OpenSuse. Do you fix this?

@brotherJ4mes
Copy link

Same issue here....

Would love to hear if anyone has resolved this.

@0xj0hn
Copy link

0xj0hn commented May 28, 2024

Same issue. Waiting to fix.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mostafabarmshory @brotherJ4mes @0xj0hn @Thomas-Walker-Lynch