Здравствуйте. Имею сервер со следующей конфигурацией:
local 194.xx.xx.xx
port 443
proto udp
dev tun
ca keys/ca.crt
cert keys/server.crt
key keys/server.key
dh keys/dh2048.pem
tls-auth keys/ta.key 0
server 172.16.10.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
max-clients 32
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log-append /var/log/openvpn/openvpn.log
verb 4
mute 20
Конфигурация клиента:
client
dev tun
proto udp
remote 194.xx.xx.xx 443
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/client/ca.crt
cert /etc/openvpn/client/client2.crt
key /etc/openvpn/client/client2.key
dh /etc/openvpn/client/dh2048.pem
tls-client
tls-auth /etc/openvpn/client/ta.key 0
float
keepalive 10 120
#comp-lzo
verb 3
Запускаю сервер вот так:
openvpn --config /etc/openvpn/client/client.conf
Mon Oct 21 13:39:23 2019 WARNING: Ignoring option 'dh' in tls-client mode, please only include this in your server configuration
Mon Oct 21 13:39:23 2019 WARNING: file '/etc/openvpn/client/client2.key' is group or others accessible
Mon Oct 21 13:39:23 2019 WARNING: file '/etc/openvpn/client/ta.key' is group or others accessible
Mon Oct 21 13:39:23 2019 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2019
Mon Oct 21 13:39:23 2019 library versions: OpenSSL 1.1.1 11 Sep 2018, LZO 2.08
Mon Oct 21 13:39:23 2019 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Mon Oct 21 13:39:23 2019 Error: private key password verification failed
Mon Oct 21 13:39:23 2019 Exiting due to fatal error
При генерации ключей пароль не задавал. В логах на сервере пусто. Из под винды с домашнего компа подключение устанавливается. Подскажите, в какую сторону копать?
