ProtonVPN/linux-cli

ProtonVPN ask for VPN secrects and fails to connect

Dyrimon opened this issue · 10 comments

OS: Fedora 35 KDE Plasma, X11 server

protonvpn-cli command doesn't connect to the server instead asks for password. After entering my system user password it waits and asks for it for several times. At the end it fails to connect.
Screenshot_20211222_121612

At the end it shows, You have reached your maximum device limit. Please disconnect another device to connect this one or upgrade to PLUS to get up to 10 devices connected at the same time at https://account.protonvpn.com/dashboard . I'm using the connection only in one device, not in multiple, but it still complains about multiple device.

Entering the openvpn password for ProtonVPN in the dialog box connects to the server successfully. But I have to do this manually. Why is proton failing to get vpn secrects from kwalllet? It's clearly stated there along with the protonvpn username.

@Dyrimon, which version?

@Dyrimon, which version?

ProtonVPN CLI v3.11.0 (protonvpn-nm-lib v3.7.0; proton-client v0.7.1)

This doesn't happen every time, but occasionally.

The same version. Debian 11.2 xfce.
The message about 10 devices also appeared a couple of times. In one case, I agreed to enter the saved password, but the password prompt appeared again. The second time I canceled the password entry, and despite this, the connection was established. I could not reproduce this on purpose.
And after disconnecting from the ProtonVPN server and turning off the device, the connection is established on the second attempt. To avoid this, you need to turn off the kill switch in the configuration.

The same version. Debian 11.2 xfce. The message about 10 devices also appeared a couple of times. In one case, I agreed to enter the saved password, but the password prompt appeared again. The second time I canceled the password entry, and despite this, the connection was established. I could not reproduce this on purpose.

By the "saved password" I hope you mean the openvpn configuration password you get for protonvpn from your proton account. Because no other password will work

And after disconnecting from the ProtonVPN server and turning off the device, the connection is established on the second attempt. To avoid this, you need to turn off the kill switch in the configuration.

I never disconnect from the server before turning off my device. I poweroff and on next reboot protonvpn autoconnects to the fastest server as a cron job and it works fine in most cases. The issue appears when I switch to a different server from the current one (happens with killswitch on both --on/permanent mode). Surely there is a flaw in the configuration if I have to disable the killswitch protection to make this work?

By the "saved password" I hope you mean the openvpn configuration password you get for protonvpn from your proton account. Because no other password will work

OpenVPN / IKEv2 password
Screenshot_2021-12-25_00-43-17
In the "Authentication required" window I do not press any button, and after a minute the output appears in the terminal: "You have reached your maximum device limit ..."

Surely there is a flaw in the configuration if I have to disable the killswitch protection to make this work?

To avoid this, you I need to turn off the kill switch in the configuration.

liu2g commented

I have the same issue but it happens every time without manually entering in OpenVPN password.

System info

  • OS: Arch Linux x86_64
  • Kernel: 5.15.12-arch1-1
  • WM: i3

Proton-VPN related packages are installed from AUR

  • protonvpn metapackage v1.0.0-2
  • protonvpn-cli v3.11.0-1
  • protonvpn-gui v1.7.0-1
  • python-proton-client v0.7.1-1
  • python-protonvpn-nm-lib v3.7.0-1

I have networkmanager and network-manager-applet installed but don't have gnome-keyring or KDE-Wallet as I assume they are not required in the dependencies.

Manually entering the password in works but it would be ideal to get a fix on this such that I don't have to every time trying to connect.


Update: A temporary solution I use as an alternative to gnome-keyring or KDE-Wallet is to use KeePassXC's freedesktop.org secret service integration, but hope this issue get patched soon.

Hi @calexandru2018, sorry to ping you again, but is there any progress on this? Right now the solution is to disable the killswitch completely or logout from the cli and then login again.

Same problem here, sometime the authentication window appears making the service unusable. Disabling killswitch didn't help in my case. Logging out and logging in again, yes. Thanks.

1

I'm having a very similar issue with the 3.13.0 CLI except I don't get a message about too many devices upon failure but instead "Couldn't reach API". This only happens for some servers, more and more as time goes. I'm on the PLUS plan.