Package Details: cyberghostvpn 1.4.1-12

Git Clone URL: https://aur.archlinux.org/cyberghostvpn.git (read-only, click to copy)
Package Base: cyberghostvpn
Description: CyberGhost VPN
Upstream URL: https://www.cyberghostvpn.com
Licenses: custom:cyberghostvpn
Submitter: safeith
Maintainer: moormaster
Last Packager: moormaster
Votes: 10
Popularity: 0.057690
First Submitted: 2021-02-18 20:46 (UTC)
Last Updated: 2024-12-04 18:08 (UTC)

Pinned Comments

moormaster commented on 2024-08-09 22:32 (UTC) (edited on 2024-08-09 22:33 (UTC) by moormaster)

The problems connecting to openvpn are unrelated to the kernel version. They occur if one uses the updated default /etc/sudoers content.

There has been an update recently: https://gitlab.archlinux.org/archlinux/packaging/packages/sudo/-/commit/4791df5c3deb6355e6a1fe0b40a13ef27ad060b0

that changes

# Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

to

Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

Activating the secure_path setting will prevent cyberghostvpn from running the /usr/local/cyberghost/openvpn wrapper. This means the original /usr/bin/openvpn wrapper gets called with the unsupported --ncp-disable parameter again - and fails.

To make cyberghostvpn work again with openvpn

a) either comment out the Defaults secure_path=... line in /etc/sudoers again

b) or add /usr/local/cyberghost to the beginning of that line

/etc/sudoers

Defaults secure_path="/usr/local/cyberghost:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

c) or downgrade openvpn to <2.6 - that makes it support the --ncp-disable command line parameter again

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 Next › Last »

SR-G commented on 2023-04-11 14:15 (UTC)

Ok, just saw the message you've written just before mine ;) So yes, it's working, good job / good investigations on your isde about having found that issue (indeed, seems quite cyberghostvpn related + it has been a change on their side compared to ubuntu 16 version)

SR-G commented on 2023-04-11 14:11 (UTC)

Well, i have the feeling that with the latest .6 package, the wireguard connection is now working

root@moon ~# cyberghostvpn --country-code FR --wireguard --connect
Prepare Wireguard connection ...
Select server ... marseille-s407-i10
Connecting ... 
VPN connection established.
root@moon ~# cyberghostvpn --status                               
Wireguard connection found.

Was the folder change (that it seems you have applied in the wrapper script) enough to correct the issue (regarding the ../certs/ location of the certificates) ? Good catch, then.

moormaster commented on 2023-04-11 14:10 (UTC)

I did some analyzing. The problem is that cyberghostvpn estabilishes an https connection with verification of the correct ssl certificate. The certificate to check against is expected to be located at a relative path '../certs/wireguard/ca.crt'. But the package does not contain any ca.crt file for wireguard - only for openvpn.

This is why wireguard connections also fail under ubuntu.

As a workaround the ssl certificate can be extracted from one of cyberghosts vpn servers and be placed in a location where the cyberghostvpn binary expects it to find '../certs/wireguard/ca.crt'.

Both - the fact that the binary is using a relative path to look for the ca.crt and the fact that the certificate is missing in the current downloads of the cyberghostvpn - indicates that this is an issue that should be fixed on the side of cyberghostvpn.

Until then the aur package tries to create the missing ca.crt file on its own. Could you please test if a wireguard connection is now possible for you?

SR-G commented on 2023-04-10 10:18 (UTC)

Well, it was working with latest cyberghostvpn at some point in time (some weeks/months ago), so the problem seems clearly related to the other libraries at OS level under archlinux (not compatible anymore in some way with the cyberghost binaries). + the fact that Cyberghost does not officially support Arch Linux + the fact that they are not very active regarding their linux releases + the fact that their software is probably not 100% robust (that kind of issues should generate a clear error message (with some directions about the issue) and not a silent failing)

Otherwise i'm indeed willing to use wireguard and not openvpn (wireguard is way faster and is one of the reason i went for Cyberghost in the first place).

moormaster commented on 2023-04-10 10:10 (UTC)

I get the same behaviour when trying to connect under Ubuntu 20.04 with wireguard. May be this is not a packaging issue but rather a bug? Have you tried to open a ticket to address the wireguard issue at the cyberghostvpn support?

If you don't depend on using wireguard you could try to omit the --wireguard start parameter so that openvpn is used instead. This should work.

SR-G commented on 2023-04-10 09:14 (UTC)

Well, thanks for the repackaging, but in my case, that latest version is still not working :

11:10 root@moon ~# cyberghostvpn --country-code FR --wireguard --connect
Perform authentication ...
Prepare Wireguard connection ...
Select server ... paris-s421-i14
Connecting ... 
11:10 root@moon ~# cyberghostvpn --status                               
No VPN connections found.

I still have to use the "ubuntu1604" 1.4.1 version, which seems to be the only one working on my (up-to-date) archlinux system.

moormaster commented on 2023-04-09 18:46 (UTC)

Cyberghostvpn updated the zip at the download location - the hash value is now updated in AUR accordingly

Bussiii commented on 2023-04-09 17:55 (UTC)

Hash of the zip is still incorrect

==> Validating source files with sha256sums...
    cyberghostvpn-ubuntu-20.04-1.4.1.zip ... FAILED

moormaster commented on 2023-04-04 10:33 (UTC)

openvpn >=2.6 refuses to connect when used with start parameter --ncp-disable. According to the documentation

https://community.openvpn.net/openvpn/wiki/DeprecatedOptions#Option:--ncp-disableStatus:RemovedinOpenVPNv2.6

this parameter is not necessary anymore and can be ommitted. Until cyberghost updates its utility this package now contains an openvpn wrapper as workaround which remove the "--ncp-disable" start parameter before calling the real openvpn command.

This should enable the cyberghostvpn cli utility to work with the most recent openvpn package.

keibak commented on 2023-03-26 12:53 (UTC) (edited on 2023-03-26 13:04 (UTC) by keibak)

Currently this package fails to install. Seems that hash of zip-file is wrong:

  -> Downloading cyberghostvpn-fedora-32-1.4.1.zip...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 5876k  100 5876k    0     0  6298k      0 --:--:-- --:--:-- --:--:-- 6298k
==> Validating source files with sha256sums...
    cyberghostvpn-fedora-32-1.4.1.zip ... FAILED
==> ERROR: One or more files did not pass the validity check!
 -> error downloading sources: cyberghostvpn