Too many openvpn configuration files on client
Posted: Mon Mar 02, 2020 12:51 am
Hello,
I noticed that if I completely deleted the /etc/openvpn folder in my Ubuntu 18.04 client, I can still use network manager to connect to my openvpas server using network manager, so I'm at a loss as to which configuration file is in use when openvpn is running on Ubuntu.
I then checked all the files in my Ubuntu 18.04 install and see the following, all in lib/systemd/system
openvpn-client@.service
openvpn-server@.service
openvpn.service
openvpn@.service
all in /lib/systemd/system
This is what I'm seeing with ps | aux grep openvpn:
root 3222 0.1 0.0 233444 8868 ? Sl 19:46 0:00 /usr/lib/NetworkManager/nm-openvpn-service --bus-name org.freedesktop.NetworkManager.openvpn.Connection_2
nm-open+ 3228 0.2 0.0 44576 7388 ? S 19:46 0:00 /usr/sbin/openvpn --remote xx.xx.xx.xx 443 udp --remote xx.xx.xx.xx 443 udp --remote xx.xx.xx.xx 1194 tcp-client --remote xx.xx.xx.xx 443 udp --remote xx.xx.xx.xx 443 udp --remote xx.xx.xx.xx 443 udp --remote xx.xx.xx.xx 443 udp --remote xx.xx.xx.xx 443 udp --comp-lzo no --connect-timeout 4 --nobind --dev tun --dev-type tun --cipher AES-256-CBC --auth-nocache --tls-auth /home/xx/.cert/nm-openvpn/client-tls-auth.pem 1 --ns-cert-type server --reneg-sec 604800 --verb 1 --syslog nm-openvpn --script-security 2 --up /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper --debug 0 3222 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_2 --tun -- --up-restart --persist-key --persist-tun --management /var/run/NetworkManager/nm-openvpn-d35xxx38-10ab-xxxx-xxxx-xxxxbff7xx3 unix --management-client-user root --management-client-group root --management-query-passwords --auth-retry interact --route-noexec --ifconfig-noexec --client --ca /home/xx/.cert/nm-openvpn/client-ca.pem --cert /home/xx/.cert/nm-openvpn/client-cert.pem --key /home/xx/.cert/nm-openvpn/client-key.pem --user nm-openvpn --group nm-openvpn --chroot /var/lib/openvpn/chroot
I'm not opposed to doing a complete new install on the client, but am a bit hesitant because I've found in the past that using standard Ubuntu purge and remove procedures leaves a lot of things lingering behind. . .
I noticed that if I completely deleted the /etc/openvpn folder in my Ubuntu 18.04 client, I can still use network manager to connect to my openvpas server using network manager, so I'm at a loss as to which configuration file is in use when openvpn is running on Ubuntu.
I then checked all the files in my Ubuntu 18.04 install and see the following, all in lib/systemd/system
openvpn-client@.service
openvpn-server@.service
openvpn.service
openvpn@.service
all in /lib/systemd/system
This is what I'm seeing with ps | aux grep openvpn:
root 3222 0.1 0.0 233444 8868 ? Sl 19:46 0:00 /usr/lib/NetworkManager/nm-openvpn-service --bus-name org.freedesktop.NetworkManager.openvpn.Connection_2
nm-open+ 3228 0.2 0.0 44576 7388 ? S 19:46 0:00 /usr/sbin/openvpn --remote xx.xx.xx.xx 443 udp --remote xx.xx.xx.xx 443 udp --remote xx.xx.xx.xx 1194 tcp-client --remote xx.xx.xx.xx 443 udp --remote xx.xx.xx.xx 443 udp --remote xx.xx.xx.xx 443 udp --remote xx.xx.xx.xx 443 udp --remote xx.xx.xx.xx 443 udp --comp-lzo no --connect-timeout 4 --nobind --dev tun --dev-type tun --cipher AES-256-CBC --auth-nocache --tls-auth /home/xx/.cert/nm-openvpn/client-tls-auth.pem 1 --ns-cert-type server --reneg-sec 604800 --verb 1 --syslog nm-openvpn --script-security 2 --up /usr/lib/NetworkManager/nm-openvpn-service-openvpn-helper --debug 0 3222 --bus-name org.freedesktop.NetworkManager.openvpn.Connection_2 --tun -- --up-restart --persist-key --persist-tun --management /var/run/NetworkManager/nm-openvpn-d35xxx38-10ab-xxxx-xxxx-xxxxbff7xx3 unix --management-client-user root --management-client-group root --management-query-passwords --auth-retry interact --route-noexec --ifconfig-noexec --client --ca /home/xx/.cert/nm-openvpn/client-ca.pem --cert /home/xx/.cert/nm-openvpn/client-cert.pem --key /home/xx/.cert/nm-openvpn/client-key.pem --user nm-openvpn --group nm-openvpn --chroot /var/lib/openvpn/chroot
I'm not opposed to doing a complete new install on the client, but am a bit hesitant because I've found in the past that using standard Ubuntu purge and remove procedures leaves a lot of things lingering behind. . .