AUR (en) - private-internet-access-vpn

Search Criteria

Enter search criteria

Search by

Keywords

Out of Date

Sort by

Sort order

Per page

Package Details: private-internet-access-vpn 3.4-2

Package Actions

Git Clone URL:	https://aur.archlinux.org/private-internet-access-vpn.git (read-only, click to copy)
Package Base:	private-internet-access-vpn
Description:	Installs VPN profiles for Private Internet Access Service
Upstream URL:	https://www.privateinternetaccess.com/
Keywords:	connman networkmanager openvpn python vpn
Licenses:	GPL
Submitter:	flamusdiu
Maintainer:	flamusdiu
Last Packager:	flamusdiu
Votes:	85
Popularity:	0.66
First Submitted:	2014-08-14 01:22 (UTC)
Last Updated:	2021-01-13 12:37 (UTC)

Dependencies (7)

openvpn (openvpn-xor-patched, openvpn-rrf, openvpn-pkcs11, openvpn-openssl-1.0, openvpn-git, openvpn-mbedtls, openvpn-password-save, openvpn-xor-git)
python (python38, python36, python37, python3.7, nogil-python, python311, python39)
python-docopt
python-setuptools
git (git-git, git-vfs, git-run-command-patch-git) (make)
connman (connman-git) (optional) – Enables PIA for Connman
networkmanager (networkmanager-secure, networkmanager-consolekit, networkmanager-git, networkmanager-iwd) (optional) – Enables PIA for Network Manager (needs a openvpn plugin)

Required by (0)

Sources (9)

Latest Comments

Auerhuhn commented on 2022-04-25 16:18 (UTC)

@flamusdiu Here’s a patch you can apply directly: https://github.com/claui/aur-private-internet-access-vpn/commit/0b6bab05fa74e53038c5342189452d0c72319e3e.patch

bader commented on 2021-03-22 10:55 (UTC) (edited on 2021-03-22 10:56 (UTC) by bader)

steps to fixing the error

==> ERROR: Failure while creating working copy of python-pia git repo
    Aborting...
error making: private-internet-access-vpn

navigate to the local cache folder for the package

$HOME/.cache/yay/private-internet-access-vpn
edit the PKGBUILD file
locate the line contaning the git pull request\

"git+https://github.com/flamusdiu/python-pia.git#tag=${pkgver}"
modify the url by changing tag=${pkgver} to tag=v${pkgver}

"git+https://github.com/flamusdiu/python-pia.git#tag=v${pkgver}"
Save the file
In the package cache directory build the package using the command

makepkg -si

RogueToad50 commented on 2021-01-25 11:48 (UTC)

The package is unfortunately still broken, but it seems that the solution proposed by hyness still works (prepending a v to the tag on that github link). Please update?

flamusdiu commented on 2021-01-14 16:57 (UTC)

Woops. I'll get that updated.

hyness commented on 2021-01-14 16:48 (UTC)

I got the following error when building

-> Creating working copy of python-pia git repo...
Cloning into 'python-pia'...
done.
fatal: invalid reference: 3.4

I was able to fix it by prepending a vto the tag

"git+https://github.com/flamusdiu/python-pia.git#tag=v${pkgver}"

flamusdiu commented on 2020-12-20 14:05 (UTC)

Looks like they removed a bunch of configuration as well. Hmm, working out removing the other configuration options since they do not work.

flamusdiu commented on 2020-12-17 03:41 (UTC)

Hmm, okay. I have some work to do. Apparently, PIA changed the file names and moves stuff around. Let me see how I want to work this out.

mijoharas commented on 2020-12-15 23:18 (UTC)

sorry, the comment I just made was actually for the dev version of this package, I'll cross post it there.

mijoharas commented on 2020-12-15 23:17 (UTC)

Seems even more broken than usual. So I got it working by changing the egrep line in the PKGBUILD to:

    host=$(grep -Po "(?<=remote )[-a-zA-Z.]+" "$file")

I also had to modify python-pia before a could call sudo pia -a. I had to change line 85 in pia/applications/hooks.py to :

        return [h.fqdn for h in properties.get_default_hosts_list() if h.name == re.sub('_', ' ', config_id)][0]

(note the swapped '_' and ' ' there). That seems to have done the trick, but man was this a pain. Either way, vpn working again.

smallpotato commented on 2020-09-10 21:55 (UTC) (edited on 2020-09-10 21:57 (UTC) by smallpotato)

Installation fails:

:: (1/1) Parsing SRCINFO: private-internet-access-vpn
==> Making package: private-internet-access-vpn 3.3.3-12 (Thu 10 Sep 2020 05:45:21 PM EDT)
==> Retrieving sources...
  -> Downloading ip-lport-3.3.3-12.zip...
   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                  Dload  Upload   Total   Spent    Left  Speed
   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (22) The requested URL returned error: 404 Not Found
==> ERROR: Failure while downloading https://www.privateinternetaccess.com/openvpn/openvpn-ip-lport.zip
    Aborting...
error downloading sources: private-internet-access-vpn

prometheus commented on 2020-07-15 19:09 (UTC)

Installation fails:

==> Validating source files with sha256sums...
    ip-lport-3.3.3-12.zip ... FAILED
    default-3.3.3-12.zip ... FAILED
    strong-3.3.3-12.zip ... FAILED
    login-example.conf ... Passed
    pia-example.conf ... Passed
    restart.conf ... Passed
    vpn.sh ... Passed
    pia.8.gz ... Passed
    python-pia ... Skipped
    openvpn-update-resolv-conf ... Skipped
==> ERROR: One or more files did not pass the validity check!
Error downloading sources: private-internet-access-vpn

nihilazo commented on 2020-04-13 14:38 (UTC)

The changes to the PKGBUILD mean that the server list is now blank when it installs. This isn't a problem if I roll back a commit to before the PKGBUILD changed.

shnee commented on 2019-12-02 21:08 (UTC)

My vpn-hosts.txt file is empty.

I think the change to "while read -d $"\0" file" from "while read -d $'\0' file" is causing the issue.

dylanmtaylor commented on 2019-11-23 22:21 (UTC)

Not installing for me :(

==> Validating source files with sha256sums... ip-lport-3.3.3-11.zip ... FAILED default-3.3.3-11.zip ... FAILED strong-3.3.3-11.zip ... FAILED login-example.conf ... Passed pia-example.conf ... Passed restart.conf ... Passed vpn.sh ... Passed pia.8.gz ... Passed python-pia ... Skipped openvpn-update-resolv-conf ... Skipped ==> ERROR: One or more files did not pass the validity check! Error downloading sources: private-internet-access-vpn

Ataraxy commented on 2019-11-04 07:21 (UTC)

==> Validating source files with sha256sums...
    ip-lport-3.3.3-11.zip ... FAILED
    default-3.3.3-11.zip ... FAILED
    strong-3.3.3-11.zip ... FAILED

ionspin2 commented on 2019-10-24 08:48 (UTC)

Latest working signatures:

sha256sums=('1438516a12e4d35e2d0415919702597e7f6660140406a38496c4d8b385246c62' 'c1b9abb870a002541237e61bb35f57b1b2db910175b490c2da7679fa1e84b9c5' '92ffa86db3343119c4f5ac1829bebf6744bb64e7665f0aa9172030f3924b9cb7' '4322a2a4bc3e206c6ab7e1df87a8805032b76c177c1ed9dd3501260ed32ccb30' '797dbdb6e3aadc86f97262e26d61cf4847caf85dda4b7a97cac59088cb912b27' '246fc4dc3218f56b4c70014df6801b10fc2a573d6545962b7fce05f16908c54e' '7f4a5ee1fb8ea4d0e69ed2a8217c575cf335f21e90082f6e423c769eca4a7a46' 'dd15ff9d020d6779c51bff560c8571b462cc7ca3f4d2a92b8103056be4b2e0fd' 'SKIP' 'SKIP')

flamusdiu commented on 2019-10-18 22:57 (UTC)

What the heck, I thought I updated the hashes. I will fix it again tonight/tomorrow when I get a break.

skrat commented on 2019-10-18 20:20 (UTC)

if you don't monitor those PIA provided OVPN configuration archives for changes, and don't intend to update the checksums, what's the point? Just download them in the build/package step with curl and don't checksum them if PIA doesn't provide checksum files. There's zero point in verifying that.

Storm_FireFox1 commented on 2019-10-04 03:18 (UTC) (edited on 2019-10-04 03:19 (UTC) by Storm_FireFox1)

Fixed the package, simply updated the SHA256 sums.

Use these: sha256sums=('76cfc03b9ba09e5f3d6eddc1275833163f102816f85652fa1c23dca36d78ec4e' 'c6383f35d6b09bc6e3440963c6612388ee204b1c92d12744f1e807addcee8098' '309bb37dc278f079f27ef99b4e4b2da8867a316c002bd3e5c552ee1ea9bc7af6' '4322a2a4bc3e206c6ab7e1df87a8805032b76c177c1ed9dd3501260ed32ccb30' '797dbdb6e3aadc86f97262e26d61cf4847caf85dda4b7a97cac59088cb912b27' '246fc4dc3218f56b4c70014df6801b10fc2a573d6545962b7fce05f16908c54e' '7f4a5ee1fb8ea4d0e69ed2a8217c575cf335f21e90082f6e423c769eca4a7a46' 'dd15ff9d020d6779c51bff560c8571b462cc7ca3f4d2a92b8103056be4b2e0fd' 'SKIP' 'SKIP')

dylanmtaylor commented on 2019-04-12 19:40 (UTC)

I can't get this package to install. The checksums are failing.

Cloning into bare repository '/var/tmp/pamac-build-dylan/private-internet-access-vpn/openvpn-update-resolv-conf'... ==> Validating source files with sha256sums... ip-lport-3.3.3-8.zip ... FAILED default-3.3.3-8.zip ... FAILED strong-3.3.3-8.zip ... FAILED login-example.conf ... Passed pia-example.conf ... Passed restart.conf ... Passed vpn.sh ... Passed pia.8.gz ... Passed python-pia ... Skipped openvpn-update-resolv-conf ... Skipped ==> ERROR: One or more files did not pass the validity check!

S1G1 commented on 2019-03-09 15:52 (UTC)

@crashandburn4: Thanks, you're the real MVP here :)

crashandburn4 commented on 2019-03-04 00:48 (UTC)

sha256sums=('95a5b33ba7ed36d7ae7b71730074fa20c97fc6b0c5e12d3e57787d5174fe1945' '2db040c198d8657c92e5c0b106546a337c7857f2b1f021e5c5affe4fe775814e' '2ef624636369709ea7866117a33f32aaa83f57ec3f446b758dc9d45f3aef57eb' '4322a2a4bc3e206c6ab7e1df87a8805032b76c177c1ed9dd3501260ed32ccb30' '797dbdb6e3aadc86f97262e26d61cf4847caf85dda4b7a97cac59088cb912b27' '246fc4dc3218f56b4c70014df6801b10fc2a573d6545962b7fce05f16908c54e' '7f4a5ee1fb8ea4d0e69ed2a8217c575cf335f21e90082f6e423c769eca4a7a46' 'dd15ff9d020d6779c51bff560c8571b462cc7ca3f4d2a92b8103056be4b2e0fd' 'SKIP' 'SKIP')

flamusdiu commented on 2018-12-16 13:58 (UTC)

@mouncer: dang it. I'll have to update it again.

@dej: I read the thread but seems to be last year. However, I'll look at adding it to the configuration.

dej commented on 2018-12-13 16:07 (UTC)

Can we add this config to prevent NetworkManager DNS leaks?

[ipv4]
dns-priority=-42
dns-search=
method=auto

Source: https://bugs.launchpad.net/network-manager/+bug/1624317/comments/81

mouncer commented on 2018-12-12 15:11 (UTC)

sha256sums=('79033607c2c17972644aac95ffd12f64b9febb395e3bf10c54f176f952d5f988' '391516aa82e76d6ad4b24513ecc4246a94e1e75d7b54fdec321f8a1515feea3f' 'b6df224f5d23f27c8b14cc62c2c87602133edba65c850656de7652d980e97dca' '4322a2a4bc3e206c6ab7e1df87a8805032b76c177c1ed9dd3501260ed32ccb30' '797dbdb6e3aadc86f97262e26d61cf4847caf85dda4b7a97cac59088cb912b27' '246fc4dc3218f56b4c70014df6801b10fc2a573d6545962b7fce05f16908c54e' '7f4a5ee1fb8ea4d0e69ed2a8217c575cf335f21e90082f6e423c769eca4a7a46' 'dd15ff9d020d6779c51bff560c8571b462cc7ca3f4d2a92b8103056be4b2e0fd' 'SKIP' 'SKIP')

latest sums to replace by editing PKGBUILD for working build

flamusdiu commented on 2018-11-28 02:39 (UTC)

I just updated it. Sorry, I thought I did already. PIA seems to update these hashes alot (at least of late).

ZAKhan commented on 2018-11-02 03:57 (UTC)

this hash is not working either.

sha256sums=('e02bbac2def42fc278f5102cb728c83f46c4394997caf1b3fbc98dbcd977d33e' 'f7337fe856bc37f57ad8a0c6b65668d88dc07bcc9924cc1476319b6047c94d82' 'd826de48c49b76d9d88dde52fffd2eab61f8790923aca93eacf4ceabc3aa95b8' '4322a2a4bc3e206c6ab7e1df87a8805032b76c177c1ed9dd3501260ed32ccb30' '797dbdb6e3aadc86f97262e26d61cf4847caf85dda4b7a97cac59088cb912b27' '246fc4dc3218f56b4c70014df6801b10fc2a573d6545962b7fce05f16908c54e' '7f4a5ee1fb8ea4d0e69ed2a8217c575cf335f21e90082f6e423c769eca4a7a46' 'dd15ff9d020d6779c51bff560c8571b462cc7ca3f4d2a92b8103056be4b2e0fd' 'SKIP' 'SKIP')

==> Validating source files with sha256sums... ip-lport-3.3.3-8.zip ... FAILED default-3.3.3-8.zip ... FAILED strong-3.3.3-8.zip ... FAILED login-example.conf ... Passed pia-example.conf ... Passed restart.conf ... Passed vpn.sh ... Passed pia.8.gz ... Passed python-pia ... Skipped openvpn-update-resolv-conf ... Skipped ==> ERROR: One or more files did not pass the validity check!

BoneTone commented on 2018-09-25 02:59 (UTC)

@flamusdiu: any idea on when you may be able to update this package?

JDCNS commented on 2018-09-13 05:51 (UTC)

@dslink: I am using yaourt here, and it would only build using the checksums you provided. Thanks.

dslink commented on 2018-09-09 18:15 (UTC)

trizen might be the problem

dslink commented on 2018-09-09 18:11 (UTC)

Updated sums

Also I just did it on another machine using yaourt and it built when I did the PKGBUILD edit when yaourt asked instead of just from the PKGBUILD makepkg -s in a clean dir

flamusdiu commented on 2018-09-09 12:47 (UTC)

@Dslink: I am unsure why that's failing. I'll try and take a look tonight.

dslink commented on 2018-09-09 07:33 (UTC)

Here for anyone sick of waiting for the checksums to be updated https://raymii.org/s/snippets/Arch_Linux_AUR_PKGBUILD_generate_new_checksums.html

I had a problem it wouldn't want to fetch the login-example.conf after I updated the checksum but I had the temp directory from the aur helper in this case trizen (something new I started using because of mkeedlinger's post before I was packer/yaourt) and it had the login-example.conf from the failed fetch/build so I just moved the updated PKGBUILD into that directory and it worked fine. Here is the output on the failure after updating the PKGBUILD and running makepkg -s in a clean directory.

makepkg -s ==> Making package: private-internet-access-vpn 3.3.3-7 (Sun 09 Sep 2018 03:28:53 AM EDT) ==> Checking runtime dependencies... ==> Checking buildtime dependencies... ==> Retrieving sources... -> Found ip-lport-3.3.3-7.zip -> Found default-3.3.3-7.zip -> Found strong-3.3.3-7.zip ==> ERROR: login-example.conf was not found in the build directory and is not a URL.

Here is it working once I moved the PKGBUILD into the old directory left by trizen in /tmp/trizen*

==> Creating package "private-internet-access-vpn"... -> Generating .PKGINFO file... -> Generating .BUILDINFO file... -> Generating .MTREE file... -> Compressing package... ==> Leaving fakeroot environment. ==> Finished making: private-internet-access-vpn 3.3.3-7 (Sun 09 Sep 2018 03:27:14 AM EDT)

mkeedlinger commented on 2018-08-20 15:26 (UTC) (edited on 2018-08-20 15:26 (UTC) by mkeedlinger)

I am currently still getting validation errors:

==> Validating source files with sha256sums...
    ip-lport-3.3.3-7.zip ... Passed
    default-3.3.3-7.zip ... FAILED
    strong-3.3.3-7.zip ... FAILED
    login-example.conf ... Passed
    pia-example.conf ... Passed
    restart.conf ... Passed
    vpn.sh ... Passed
    pia.8.gz ... Passed
    python-pia ... Skipped
    openvpn-update-resolv-conf ... Skipped
==> ERROR: One or more files did not pass the validity check!

I currently use trizen to update. Is this package out of date right now?

jkartchner commented on 2018-08-10 15:42 (UTC)

Still no valid checksum - ZAKhan's hash below isn't valid for this release

==> Validating source files with sha256sums... ip-lport-3.3.3-6.zip ... FAILED default-3.3.3-6.zip ... FAILED strong-3.3.3-6.zip ... FAILED login-example.conf ... Passed pia-example.conf ... Passed restart.conf ... Passed vpn.sh ... Passed pia.8.gz ... Passed python-pia ... Skipped openvpn-update-resolv-conf ... Skipped ==> ERROR: One or more files did not pass the validity check!

ZAKhan commented on 2018-07-31 01:29 (UTC)

give error again , can you please update the keys.

rwd commented on 2018-07-15 09:00 (UTC) (edited on 2018-07-15 09:00 (UTC) by rwd)

Current sha256sums:

sha256sums=('cbd3e7ffeb11531fd3ae184196c6a2abe1b7ccef4079069b8d370a9da42e6df4' '2b26a343bf79760c6e0245531b4d4cebf98218f3319dacaedd6e8609d19d0bb5' 'a67aaaf6d5aeeb6694615eadc6991b1e6fa536d6f0ecbd29dd764f9675e5dbc2' '4322a2a4bc3e206c6ab7e1df87a8805032b76c177c1ed9dd3501260ed32ccb30' '797dbdb6e3aadc86f97262e26d61cf4847caf85dda4b7a97cac59088cb912b27' '246fc4dc3218f56b4c70014df6801b10fc2a573d6545962b7fce05f16908c54e' '7f4a5ee1fb8ea4d0e69ed2a8217c575cf335f21e90082f6e423c769eca4a7a46' 'dd15ff9d020d6779c51bff560c8571b462cc7ca3f4d2a92b8103056be4b2e0fd' 'SKIP' 'SKIP')

flamusdiu commented on 2018-06-08 07:59 (UTC)

yeah, finally got it updated.

hayitsbacon commented on 2018-06-06 20:52 (UTC)

New sha256sum output:

sha256sums=('fa88e540481711f9dadb6e1bae4f0e405c349b58fbbb033c644f87580ded85b0' 'c33c8f2b83f07c418e277b6f399869a7eb347e475de718988807d6eac020af3d' '767aff9e6691768fcfcefc523b6e1e9ec5f92c3ed2af70ac7a5b154bad534efa' '4322a2a4bc3e206c6ab7e1df87a8805032b76c177c1ed9dd3501260ed32ccb30' '797dbdb6e3aadc86f97262e26d61cf4847caf85dda4b7a97cac59088cb912b27' '246fc4dc3218f56b4c70014df6801b10fc2a573d6545962b7fce05f16908c54e' '7f4a5ee1fb8ea4d0e69ed2a8217c575cf335f21e90082f6e423c769eca4a7a46' 'dd15ff9d020d6779c51bff560c8571b462cc7ca3f4d2a92b8103056be4b2e0fd' 'SKIP' 'SKIP')

petertrotman commented on 2018-05-03 10:08 (UTC)

New SHA sums:

sha256sums=('68de7ba3c2a3ce1a720af9ec33a36a1e07ce60fcd9d61c49dd6f098f958cffd2' '2f0571f19c3546cd0dea9aab0c99ba6a540d02e900bb006b0c28c1a1594b85be' '6cb0b0e4f424d7c2e0787a7dab344266d51931fdb310c0e6dd75e4ea33ed5008' '4322a2a4bc3e206c6ab7e1df87a8805032b76c177c1ed9dd3501260ed32ccb30' '797dbdb6e3aadc86f97262e26d61cf4847caf85dda4b7a97cac59088cb912b27' '246fc4dc3218f56b4c70014df6801b10fc2a573d6545962b7fce05f16908c54e' '7f4a5ee1fb8ea4d0e69ed2a8217c575cf335f21e90082f6e423c769eca4a7a46' 'dd15ff9d020d6779c51bff560c8571b462cc7ca3f4d2a92b8103056be4b2e0fd' 'SKIP' 'SKIP')

flamusdiu commented on 2018-04-24 11:45 (UTC)

Thanks, brokenmawkpkg. I am not in the country. I'll see if I can get them updated tonight if the wifi works for me.

brokenmawkpkg commented on 2018-04-23 22:08 (UTC)

New shas

sha256sums=('93600a4fecbf9af4e102ac551fbd9dcb440f2ffc44b83d6ec9ff657781580b72' 'e66ea606536ae8932870c0e665c8d1d7f2473482a8fd3f50141e8120f7992001' 'b4b120450ccae70dec1a72f52a79105bc1863371831b33cc7323a2137fae2ef4' '4322a2a4bc3e206c6ab7e1df87a8805032b76c177c1ed9dd3501260ed32ccb30' '797dbdb6e3aadc86f97262e26d61cf4847caf85dda4b7a97cac59088cb912b27' '246fc4dc3218f56b4c70014df6801b10fc2a573d6545962b7fce05f16908c54e' '7f4a5ee1fb8ea4d0e69ed2a8217c575cf335f21e90082f6e423c769eca4a7a46' 'dd15ff9d020d6779c51bff560c8571b462cc7ca3f4d2a92b8103056be4b2e0fd' 'SKIP' 'SKIP')

ZAKhan commented on 2018-04-22 16:46 (UTC)

Not work :(

Cavsfan commented on 2018-04-15 22:47 (UTC)

Thanks kleshas! Worked great on brand new install! :-)

kleshas commented on 2018-03-20 20:58 (UTC) (edited on 2018-03-20 21:02 (UTC) by kleshas)

The three that fail for me are ip-lport-3.3.3-5.zip (openvpn-ip-lport.zip), default-3.3.3-5.zip (openvpn.zip), strong-3.3.3-5.zip (openvpn-strong.zip) (in order as below).

If you want it to work now, enter these three SHA256sums into the top three in the PKGBUILD (say yes to editing PKGBUILD on install):

697cdc812c5cf1d7ee694e4b0dc447846c9de08b43e2fe3f4c24448a81a2c5f7

6f899ff3a040be09499c90091f1f91859487ab176c54c610f6d4be2c74e5f32f

084feed448cba46230ee572174d732bf05f541c52e2b995914b9063485100806

To get these, I downloaded them from the list on this page under the Sources (10) area, then ran sha256sum on them.

flamusdiu commented on 2018-03-19 10:29 (UTC)

I am aware of it. PIA updated the zips again. It will be a few days for me to update it due to RL stuff.

slothrop commented on 2018-03-18 12:33 (UTC)

I'm having the same issue, zip files do not pass the validity check (not using any packaging manager for AUR):

==> Validating source files with sha256sums... ip-lport-3.3.3-5.zip ... FAILED default-3.3.3-5.zip ... FAILED strong-3.3.3-5.zip ... FAILED login-example.conf ... Passed pia-example.conf ... Passed restart.conf ... Passed vpn.sh ... Passed pia.8.gz ... Passed python-pia ... Skipped openvpn-update-resolv-conf ... Skipped ==> ERROR: One or more files did not pass the validity check!

justinnichols commented on 2018-03-14 21:13 (UTC)

Occurred again:

Det commented on 2018-01-30 13:08 (UTC)

https://wiki.archlinux.org/index.php/PKGBUILD#Sources source=('unique_package_name::file_uri')

flamusdiu commented on 2018-01-25 20:15 (UTC)

@bramswenson: I don't have any issue when using aura and the way it caches packages. Technically, it's pacaur way of caching. Either way, changed the PKGBUILD. I update the pkgrel everytime the PIA changes the zip for one reason or another.

@tom.swartz07: Yeah, I knew about that. Thanks for the link to refresh my memory.

tom.swartz07 commented on 2018-01-25 00:13 (UTC)

The files that are conflicting should be updated to use the alternative uri path:

https://wiki.archlinux.org/index.php/PKGBUILD#Sources source=('unique_package_name::file_uri')

bramswenson commented on 2018-01-22 15:44 (UTC)

This build script should not require end users to remove cached packages. It should download the packages with the version name in the downloaded file name. You can do this with the correct formatting of source array entries. This would download the files with some unique id rather than having the same name for every version. Problem solved. Please update your PKGBUILD file so users don't have to repair it manually each time. This is within your power.

Gelmo commented on 2018-01-11 02:19 (UTC)

@10479 This is because pacaur is using the old assets from your cache. I corrected this by deleting my pacaur cache for my user:

rm -rf ~/.cache/pacaur/*

After doing this, it works for me with pacaur -S private-internet-access-vpn

slip commented on 2018-01-10 18:49 (UTC) (edited on 2018-01-10 18:49 (UTC) by slip)

I was stuck on version 3.3.2-5 (now 3.3.3-4) because every week when I run updates, this package doesn't pass the checks. It still worked fine so I didn't really care to mess with it. Anyway, pacaur hates this package for some reason, but grabbing the snapshot and using makepkg worked without a problem. Thanks to the maintainer though for putting in all of the work on this.

flamusdiu commented on 2018-01-10 17:07 (UTC)

Updated the ZIPs again.

mkeedlinger commented on 2018-01-10 01:46 (UTC)

I am having the same issue as @ZAKhan just now.

flamusdiu commented on 2018-01-03 16:11 (UTC)

@ZAKhan, looks like they were updated (again). Fixed now.

ZAKhan commented on 2018-01-03 06:41 (UTC)

I did a clean install as per @flamusdiu instructions still getting errors

==> Validating source files with sha256sums... openvpn-ip-lport.zip ... FAILED openvpn.zip ... FAILED openvpn-strong.zip ... FAILED login-example.conf ... Passed pia-example.conf ... Passed restart.conf ... Passed vpn.sh ... Passed pia.8.gz ... Passed python-pia ... Skipped openvpn-update-resolv-conf ... Skipped ==> ERROR: One or more files did not pass the validity check!

jD91mZM2 commented on 2017-12-22 11:00 (UTC)

Works like a charm! I would suggest updating the version's rel so people with failed caches don't have to clear those, but it's no big deal.

BoneTone commented on 2017-12-22 04:04 (UTC)

@flamusdiu: thank you. I guess my git pull wasn't clean. My first time hitting this issue, so I apologize for the faulty report. Thanks for the guidance and for maintaining the package.

Cheers!

flamusdiu commented on 2017-12-21 19:22 (UTC) (edited on 2017-12-21 19:23 (UTC) by flamusdiu)

@BoneTone: are you sure it was a clean git pull? I just pulled it and it passed and built fine.

1) git clone https://aur.archlinux.org/private-internet-access-vpn.git

2) makepkg -sr --cleanbuild --force

'-sr' adds and removed any depends via Pacman

'--cleanbuild' ensures $srcdir is removed

'--force' forces the build (helpful when I am testing the same build over and over)

BoneTone commented on 2017-12-21 19:03 (UTC)

I just did a git pull, and am getting the following errors on makepkg -si

==> Validating source files with sha256sums... openvpn-ip-lport.zip ... FAILED openvpn.zip ... FAILED openvpn-strong.zip ... FAILED

chipmunkboogie commented on 2017-12-20 19:53 (UTC)

Thanks for the update. The package is running well on my end.

flamusdiu commented on 2017-12-20 17:58 (UTC)

Oops ... I managed not to upload a new SRCINFO file. =P

jD91mZM2 commented on 2017-12-20 15:43 (UTC)

Vailidity check still not fixed. Just gonna BUMP :)

peasaretheworst commented on 2017-12-18 23:23 (UTC)

Fails validity check 12/18/17.

-> Updating openvpn-update-resolv-conf git repo... Fetching origin ==> Validating source files with sha256sums... openvpn-ip-lport.zip ... FAILED openvpn.zip ... FAILED openvpn-strong.zip ... FAILED

:: failed to verify private-internet-access-vpn integrity

Cavsfan commented on 2017-12-17 18:00 (UTC)

Thank you for supporting this and all the work that entails. This works on my system like a charm.

flamusdiu commented on 2017-12-16 20:26 (UTC)

@stfd23f23/chipmunkboogie: that's fixed. They updated/changed some files in the zip.

@nocturnus: try it now.

sfd23f23 commented on 2017-12-15 19:41 (UTC) (edited on 2017-12-15 19:41 (UTC) by sfd23f23)

failed validity check here

openvpn-ip-lport.zip ... FAILED, openvpn.zip ... FAILED, openvpn-strong.zip ... FAILED

chipmunkboogie commented on 2017-12-15 17:38 (UTC)

Currently some files are not passing the validity check:

openvpn-ip-lport.zip ... FAILED openvpn.zip ... FAILED openvpn-strong.zip ... FAILED login-example.conf ... Passed pia-example.conf ... Passed restart.conf ... Passed vpn.sh ... Passed pia.8.gz ... Passed python-pia ... Skipped openvpn-update-resolv-conf ... Skipped

nocturnus commented on 2017-12-13 23:08 (UTC)

@flamusdiu Thanks, thats what i was suspecting regarding NM, as i have had success not so long ago with your package. I am actually importing the OpenVPN configs your packages creates for use. I simply have to save a copy with appropriate permissions for me to import and they are good to go in NetworkManager. This is actually much easier than downloading and configuring directly.

flamusdiu commented on 2017-12-13 12:41 (UTC) (edited on 2017-12-13 12:41 (UTC) by flamusdiu)

@nocturmus/Veras: I have no idea why you were downloading those directly. There was no issues when running pia -a with creating the OpenVPN configurations. Also, see https://github.com/flamusdiu/python-pia/issues/38. I'll fix this as soon as I can get a new build up. I guess NM must have changed their paths or something which is why the script isn't creating the NM configurations.

nocturnus commented on 2017-12-12 04:37 (UTC)

@flamusdiu appreciate you taking a look, as @veras said, this can certainly be done manually, but damn if this way isnt convenient.

@Veras appreciate you confirmimg I wasnt off my rocker here. I'll be loading them manual for now until @flamusdiu is able to investigate.

veras commented on 2017-12-11 05:59 (UTC)

@nocturnus I was having the same problem, as a temporary solution I downloaded the OpenVPN config files directly from the site and imported them to NetworkManager. Link: https://www.privateinternetaccess.com/openvpn/openvpn.zip

flamusdiu commented on 2017-12-10 23:11 (UTC)

nocturnus, umm, not sure, I'll have to spin up my Arch box (or docker). I am traveling so I'll let you know something soon.

nocturnus commented on 2017-12-10 22:48 (UTC) (edited on 2017-12-10 22:48 (UTC) by nocturnus)

Anyone got any thoughts on why its not generating NetworkManager configs? Or where I should look for possible error output? Debug option currently doensnt provide any info.

It is buildings the OpenVPN configs, and i can manually initate those from console, yet no NM configs. I have tried both without a pia.conf file (thus defaults to all configs) and with, specifing apps variable = nm, but no luck.

Importing OpenVPN configs as described in Troubleshooting on wiki only works if files are copied from '/etc/openvpn/client' and permissions reset to that of user performing the import.

flamusdiu commented on 2017-11-12 19:54 (UTC)

'/etc/connman/connman-vpn.conf' adds some general opts for 'connman-vpn'. Using connman-vpn provides a front-end GUI through applications that hook into it. It's on a matter of prefs. Running 'pia -a' generates the .config files required by connman-vpn and the files for OpenVPN connections.

jD91mZM2 commented on 2017-11-12 08:10 (UTC)

Hey! Sorry for the useless comment, I just wanted to thank you for this awesome package :) It's really helped me a ton! Also, a question: I'm currently using openvpn to connect. Is there any advantage with using connman-vpn? And why isn't `sudo pia -a` creating `/etc/connman/connman-vpn.conf` (using empty config, but also tried one with `hosts` set)?

flamusdiu commented on 2017-10-09 15:28 (UTC)

@ProfessorKaos64: that's odd, I wonder why you have to reboot since in the past that isn't the case. @Everyone: I should post a new update next few days since I am back in the states. =D

ProfessorKaos64 commented on 2017-10-09 02:40 (UTC)

If anyone gets an error about tun0, reboot after pia -a to configure.

BeardyBainton commented on 2017-09-14 05:38 (UTC)

Thanks for maintaining this, it has made PIA much easier for me, it works without any complaints all the way from build to internet-ing now. A reminder that if anyone is struggling, follow the wiki page for this package. https://wiki.archlinux.org/index.php/Private_Internet_Access/AUR

jonascj commented on 2017-09-01 21:07 (UTC) (edited on 2017-09-01 21:11 (UTC) by jonascj)

It might be obvious, but openvpn* is required for this to work. Without openvpn installed '# pia -a' will return success, but no config files will be installed. I'm no PKGBUILD expert, but this one seems to have openvpn as an optional dependency, shouldn't it be a regular dependency? See https://github.com/flamusdiu/python-pia/issues/33 as well. * https://www.archlinux.org/packages/?q=openvpn

veras commented on 2017-08-31 03:52 (UTC)

@asynec https://wiki.archlinux.org/index.php/Private_Internet_Access/AUR

async commented on 2017-08-31 03:49 (UTC)

I'm not sure I understand how to use this package. After installing it, should I be seeing a list of VPN servers I can connect to?

uberscientist commented on 2017-07-31 23:29 (UTC)

I needed to install https://www.archlinux.org/packages/core/any/openresolv/ or else I get: /etc/openvpn/update-resolv-conf.sh: line 56: -x: command not found Might be a good idea to add it to dependencies

boina commented on 2017-07-04 17:12 (UTC)

Hi there!!! Thanks for this package!! It installed and worked perfect!! I have one problem/question. At the university I can't connect. I have red that trying port 443 with the TCP protocol could work. The problem I have is that if I change these values manually from network manager it doesn't connect (not even at home where is normally working). Could some one give me a hand with setting up this VPN with tcp port 443?? Best, jose.

commented on 2017-06-14 14:57 (UTC)

For those, who see "Germany" not working: https://www.privateinternetaccess.com/forum/discussion/24134/private-internet-access-is-temporarily-discontinuing-its-german-exit-gateway

machfour commented on 2017-05-25 13:14 (UTC)

@flamusdiu Ah, yes I deleted the old build files and started again, and everything built just fine :) Thanks!

flamusdiu commented on 2017-05-24 20:18 (UTC)

Just reran the build process and I don't see any issues with the zips.

machfour commented on 2017-05-13 09:07 (UTC)

The checksums don't match anymore... ==> Validating source files with sha256sums... openvpn-ip-lport.zip ... FAILED openvpn.zip ... FAILED openvpn-strong.zip ... FAILED login-example.conf ... Passed pia-example.conf ... Passed restart.conf ... Passed vpn.sh ... Passed pia.8.gz ... Passed python-pia ... Skipped openvpn-update-resolv-conf ... Skipped ==> ERROR: One or more files did not pass the validity check!

Cavsfan commented on 2017-05-12 16:31 (UTC)

@newbOnArch, I always have used an alias and just enter 'upd' in terminal: #get all updates even from the AUR alias upd='yaourt -Syua' Works a treat.

newbOnArch commented on 2017-05-11 21:19 (UTC)

@flamusdiu I just had trouble updating through pacaur -Syu, while validating source files openvpn-ip-lport.zip, openvpn.zip, and openvpn-strong.zip they all failed. Then I ran through yaourt -Syu --aur everything passed and now I'm updated. I believe there might be fault with pacaur -Syu when you try to update. I'm not sure but I would request you to look into it. Here is my Ghostbin link: https://ghostbin.com/paste/exncf I have posted troubles while updating and how it just updated.

flamusdiu commented on 2017-04-30 16:31 (UTC)

@chmeresmoreira: Actually, I am extracting ONLY the certificates PIA uses. That line extracts the configs that I use to build which end-points PIA uses. They are not copied outside the building process. I used to copy and stop doing that a long time ago to give the options of different ports and strong encryption. Under [configure] section, you can add "strong_encryption=true" to use the strong encryption stuff. *Note: Looks like I forgot to update the Wiki. Oops. =P

commented on 2017-04-29 23:36 (UTC)

@flamusdiu Hey, why didn't you chose the strongest and more secure config files? In this line: https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=private-internet-access-vpn#n53 you are extracting the default config files with the default security level, maybe you could add an option to ask during the installation process what security level to user wants. Anyway, thank you for maintaining this package!

Cavsfan commented on 2017-04-16 17:43 (UTC)

My ISP is Spectrum, formerly Brighthouse. It seems that Charter has merged with Time Warner Cable and Bright House Networks to form Spectrum. More monopolies. :( But, my problem is probably not related to Arch and this package because it does the exact same thing on Xubuntu and there is an installer for Debian based systems https://www.privateinternetaccess.com/installer/download_installer_linux There is an applet in the top panel that lets you connect, etc. It does the exact same in Xubuntu as it does in Arch: receives but, does not send email from the same ISP that works good on Windows 10. The conky also behaves the same way: no weather info when PIA is running. But, I never tried conky in Windows and have no interest it it. I have a ticket opened for Linux so, maybe the problem is on their end. Yes, he wrote this: https://aur.archlinux.org/packages/conky-cairo/

flamusdiu commented on 2017-04-15 20:46 (UTC)

@Cavsfan: flagged due to the zips ... I need to get docker running to fix it. Stuck with a Win Laptop atm and away for work. ::cries:: Wait, he wrote conky-cairo?? Whoa, it's been a while but I have used that before. It's very dam odd that your ISP doesn't work with PIA. Which ISP is it?

Cavsfan commented on 2017-04-15 15:10 (UTC)

@flamusdiu: I tried a bunch of different locations if that is what you meant and they all do the same: they don't work any better. How come it says this package is flagged out of date as of 2017-04-13?

Cavsfan commented on 2017-04-14 20:12 (UTC)

@flamusdiu: Actually all I think I've tried is Florida. I guess I should try some more and see if that works. I never thought about it. The Conky is Conkywx from a friend who is an amazing programmer Paramvir Likhar. He writes it in perl, lua and a few other things. Here is his site: http://foreverquest.blogspot.com/ I am part of his testing group and before the next version is released (version 6.0 now) we test it for months until it is perfect. This conky has actual scrolling text. It takes a movie to show it; a picture doesn't cut it. He also wrote his own conky for Arch which in the AUR called conky-cairo. I can run 13 conkys and the CPU usage is about 15-20%. I am currently using http://www.usnews.com/rss/news for my news but, any site that has an RSS feed can be used. I'll try some different sites and report back. I use Thunderbird with the same setup and ISP as in my Linux distros. So, that is why I didn't get it either. Thanks!

flamusdiu commented on 2017-04-14 18:56 (UTC)

@Cavsfan: that's strange. I use the same configurations that should be used on Windows. What VPN endpoints have you tried? As for Conky: what sites?

Cavsfan commented on 2017-04-14 18:03 (UTC)

@flamusdiu: do you know of any reason why Thunderbird cannot send mail while connected to the VPN? It will receive but, not send. Also my conkys do not work with weather and news sites. I cannot figure it out. I have opened tickets with PIA https://www.privateinternetaccess.com/ but, I do not think Linux is their forte. They added my outgoing SMTP server to their whitelist but, it still doesn't work and I don't even know why they should have to add it to a whitelist. In Windows 10 it works a dream but, in Arch and Xubuntu I have the exact same problem. Thanks for all of your efforts

flamusdiu commented on 2017-04-13 20:14 (UTC)

@chappjc: I never tried -- but seems like that works to. I doubt there would be any issues with it.

chappjc commented on 2017-04-13 17:19 (UTC)

Can the zip files use HTTPS instead of HTTP? They are less likely to be blocked that way, but worse the zips can download with junk contents if a firewall wants to when using http.

flamusdiu commented on 2017-04-06 20:25 (UTC)

@Solstice: Oops, I didn't realize that. ha! Thanks for pointing it out. I'll have to see about fixing it through docker since I am not home atm.

solsticedhiver commented on 2017-04-05 21:43 (UTC)

There is a typo. Systemd files should be in /usr/lib/systemd/system not in /usr/lib/system/systemd the patch to the PKGBUILD --- PKGBUILD 2016-10-16 02:39:08.000000000 +0200 +++ PKGBUILD.new 2017-04-05 23:39:35.878484391 +0200 @@ -64,8 +64,8 @@ package() { cd "${srcdir}" - install -D -m 644 restart.conf "${pkgdir}/usr/lib/system/openvpn@.service.d/restart.conf" - install -D -m 755 vpn.sh "${pkgdir}/usr/lib/system/systemd/system-sleep/vpn.sh" + install -D -m 644 restart.conf "${pkgdir}/usr/lib/systemd/openvpn@.service.d/restart.conf" + install -D -m 755 vpn.sh "${pkgdir}/usr/lib/systemd/system/system-sleep/vpn.sh" install -D -m 644 pia.8.gz "${pkgdir}/usr/share/man/man8/pia.8.gz"

zachoooo commented on 2017-03-26 00:03 (UTC)

Awesome package! Thank you so much!

flamusdiu commented on 2017-03-06 01:57 (UTC)

@meticulo, the PKGBUILD file has the exact checksums of the files to build the package by. This is used to ensure proper building of the package when files are downloaded.

meticulo commented on 2017-03-05 03:51 (UTC)

@flamusdiu: I used the command you suggested, and the install was a success, but I was hasty and neglected to clone the package. The checksums in the now working PKGBUILD are included below. Forgive my lack of understanding -- would you be willing to explain what this problem was all about? I'm a little daft about these AUR packages. I use the command: cower -vdfu to check for updates and overwrite old stuff. Might that be the source of the problem? Thanks! sha256sums=('c7c21e690a836fb42adae0addce45ea97a25d12ffd03d9fde04392933c33f36d' '1f57eb735141b767f19d653ffa434ffa2d1108c2a5b74fe61c72542056360c77' '9d28e1883d5f2e1b017789c051c6377b1e97ed86f72f84f3ca33b15a909947c7' '4322a2a4bc3e206c6ab7e1df87a8805032b76c177c1ed9dd3501260ed32ccb30' '797dbdb6e3aadc86f97262e26d61cf4847caf85dda4b7a97cac59088cb912b27' '246fc4dc3218f56b4c70014df6801b10fc2a573d6545962b7fce05f16908c54e' '7f4a5ee1fb8ea4d0e69ed2a8217c575cf335f21e90082f6e423c769eca4a7a46' 'dd15ff9d020d6779c51bff560c8571b462cc7ca3f4d2a92b8103056be4b2e0fd' 'SKIP' 'SKIP')

flamusdiu commented on 2017-03-05 02:31 (UTC) (edited on 2017-03-05 02:54 (UTC) by flamusdiu)

@meticulo: whoops. you can clone the package and run updpkgsums. Update: I just did this and got the same check sums. I wonder if something is wrong when you download it. If you do the command above, post the checksums for me if you get it to install afterwards.

meticulo commented on 2017-03-04 03:06 (UTC) (edited on 2017-03-04 14:31 (UTC) by meticulo)

@flamusdiu: Thank you for actively developing this package! Very useful! I have been using and updating for awhile, but I have not been able to upgrade lately due to the following errors (below) following the command: makepkg -sci. Would you kindly explain how I can correct these invalid files and install the new build? Thanks again! ==> Validating source files with sha256sums... openvpn-ip-lport.zip ... FAILED openvpn.zip ... FAILED openvpn-strong.zip ... FAILED

flamusdiu commented on 2017-02-28 03:22 (UTC)

@finch: cool you got it working. If you for some reason do not want to run NetworkManager, you can run Connman or openvpn directly. choice is up two you.

finch commented on 2017-02-26 14:39 (UTC)

@flamusdiu - I don't know much about Docker, so I decided to troubleshoot the network connection instead. I'm using NetworkManager and wasn't able to find any conflicting networkd or dhcpcd services running. However, after I got NetworkManager installed the first time, I have been using WiFi. I plugged into LAN, removed the private-internet-access directory and started again. This time I was able to successfully install your package. I did have one final hiccup. When running pia -a as root, I was informed I needed to run systemctl daemon-reload. After doing that, all VPN connections failed. I rebooted, and everything seems good now. Thanks for your help!

flamusdiu commented on 2017-02-23 12:57 (UTC) (edited on 2017-02-23 13:16 (UTC) by flamusdiu)

@finch: very odd. It seems to do something with the setuptools. If I kill my network connection, then try and install it, then I get a similar error. I created a docker container on my windows box to test out installing it in a clean Arch. Docker here: https://hub.docker.com/r/flamusdiu/archlinux-devel/ I create the container then: docker -it flamusdiu/archlinux-devel /bin/fish (or bash) Then you can run the git commands or run "aura -Aakx private-internet-access-vpn"

finch commented on 2017-02-22 01:09 (UTC)

@flamusdiu - here's full output. Looks like everything goes fine right up until "install." http://pastebin.com/wMXfgWGz If there's another way you want me to get output, let me know.

flamusdiu commented on 2017-02-21 22:22 (UTC)

I would not use IPv6 with the VPN. To my knowledge it doesn't work properly. See: https://www.privateinternetaccess.com/forum/discussion/21565/ipv6-leaking-despite-ipv6-leak-protection I would disable IPv6 and then do the tests and let me know. See: https://wiki.archlinux.org/index.php/IPv6#Disable_IPv6

newbOnArch commented on 2017-02-21 17:41 (UTC)

@flamusdiu I looked into these links you provided me https://wiki.archlinux.org/index.php/Private_Internet_Access_VPN#Troubleshooting and https://github.com/flamusdiu/python-pia/issues/13. They still cause dns and ipv6 to leak. The weird thing is I'm two websites https://www.dnsleaktest.com/ and http://dnsleak.com/ the first one tells me it's leaking but the second one which is link provided by pia says i'm not. I'm not sure what to do here.

flamusdiu commented on 2017-02-21 11:17 (UTC)

@finch: Here's my output when I install it: http://pastebin.com/svR07fpf I am using "--cleanbuild --force" to ensure the build process is new and because I already have it installed. It appears to not be able to reach some URL but the out put doesn't say. Can you post the whole build process for me?

finch commented on 2017-02-21 03:13 (UTC)

@flamusdiu: Apologies if I'm misunderstanding. I ran 'git clone' to download the package first, then cd to the new directory. From there, I ran 'makepkg -sri' to attempt to install.

flamusdiu commented on 2017-02-20 22:44 (UTC)

@flinch: what command did you do for the install?

finch commented on 2017-02-20 20:15 (UTC)

Hello! New arch install, running openbox with NetworkManager. When I try to install this particular package, I wind up with this error: ==> Starting package()... Traceback (most recent call last): File "/usr/lib/python3.6/urllib/request.py", line 1318, in do_open encode_chunked=req.has_header('Transfer-encoding')) File "/usr/lib/python3.6/http/client.py", line 1239, in request self._send_request(method, url, body, headers, encode_chunked) File "/usr/lib/python3.6/http/client.py", line 1285, in _send_request self.endheaders(body, encode_chunked=encode_chunked) File "/usr/lib/python3.6/http/client.py", line 1234, in endheaders self._send_output(message_body, encode_chunked=encode_chunked) File "/usr/lib/python3.6/http/client.py", line 1026, in _send_output self.send(msg) File "/usr/lib/python3.6/http/client.py", line 964, in send self.connect() File "/usr/lib/python3.6/http/client.py", line 1392, in connect super().connect() File "/usr/lib/python3.6/http/client.py", line 936, in connect (self.host,self.port), self.timeout, self.source_address) File "/usr/lib/python3.6/socket.py", line 704, in create_connection for res in getaddrinfo(host, port, 0, SOCK_STREAM): File "/usr/lib/python3.6/socket.py", line 743, in getaddrinfo for res in _socket.getaddrinfo(host, port, family, type, proto, flags): socket.gaierror: [Errno -2] Name or service not known During handling of the above exception, another exception occurred: Traceback (most recent call last): File "setup.py", line 21, in <module> ez_setup.use_setuptools() File "/home/finch/Downloads/GitClones/AUR/private-internet-access-vpn/src/python-pia/ez_setup.py", line 160, in use_setuptools version = _resolve_version(version) File "/home/finch/Downloads/GitClones/AUR/private-internet-access-vpn/src/python-pia/ez_setup.py", line 368, in _resolve_version resp = urlopen(meta_url) File "/usr/lib/python3.6/urllib/request.py", line 223, in urlopen return opener.open(url, data, timeout) File "/usr/lib/python3.6/urllib/request.py", line 526, in open response = self._open(req, data) File "/usr/lib/python3.6/urllib/request.py", line 544, in _open '_open', req) File "/usr/lib/python3.6/urllib/request.py", line 504, in _call_chain result = func(*args) File "/usr/lib/python3.6/urllib/request.py", line 1361, in https_open context=self._context, check_hostname=self._check_hostname) File "/usr/lib/python3.6/urllib/request.py", line 1320, in do_open raise URLError(err) urllib.error.URLError: <urlopen error [Errno -2] Name or service not known> ==> ERROR: A failure occurred in package(). Aborting... I've triple checked dependencies and have also installed python-pia.git just in case. That didn't seem to make a difference either way. I haven't been able to find much relevant info on this particular issue, either on the internet at large or the wiki related to this package. I have previously (about 6-8 months ago) installed this with no issues on 2 other machines with similar configurations. Any help would be appreciated.

Cavsfan commented on 2017-02-16 20:01 (UTC)

@flamusdiu, I will keep that in mind. Thanks for your help and thanks for taking the time maintaining this package! Good work! :-)

flamusdiu commented on 2017-02-16 18:47 (UTC)

It's good you got it worked out. Just a note: '/etc/opnevpn/pia.conf' doesn't do anything. 'pia.conf' lives in '/etc/private-internet-access/' folder.

Cavsfan commented on 2017-02-16 17:17 (UTC)

That fixed it. Thank you. I had to change it to 1197 from UDP/1197 in both /etc/openvpn/pia.conf and /etc/private-internet-access/pia.conf? I changed it in /etc/openvpn/pia.conf, rebooted and it still didn't work. Then I changed it in the /etc/private-internet-access/pia.conf file and it worked without rebooting.

flamusdiu commented on 2017-02-16 11:18 (UTC)

@Cavsfan: Use "1197" instead of "UDP/1197". Each port can only be paired with each protocol so I removed the option for setting the protocol that way. See: https://helpdesk.privateinternetaccess.com/hc/en-us/articles/225274288-Which-encryption-auth-settings-should-I-use-for-ports-on-your-gateways- @newbOnArch: You shouldn't leak but depending on certain things, you could. See https://wiki.archlinux.org/index.php/Private_Internet_Access_VPN#Troubleshooting and https://github.com/flamusdiu/python-pia/issues/13.

newbOnArch commented on 2017-02-16 02:36 (UTC) (edited on 2017-02-16 02:38 (UTC) by newbOnArch)

@flamusdiu I had everything uninstalled for couple days and manually deleted any files that were left on my computer. I reinstalled everything on computer right now and did the same things now it works and the all the vpn connections are in '/etc/NetworkManager/system-connections,' but thanks for your helps. I was wondering if you guys had the script to prevent dns and ipv6 leaking in the vpn files. I remember seeing it somewhere either inside openvpn or somewhere else.

Cavsfan commented on 2017-02-15 18:42 (UTC)

Just updated and got this: $ sudo pia -a Traceback (most recent call last): File "/usr/bin/pia", line 11, in <module> load_entry_point('pia==3.3.1', 'console_scripts', 'pia')() File "/usr/lib/python3.6/site-packages/pia/command_line.py", line 23, in main pia.run.run() File "/usr/lib/python3.6/site-packages/pia/run.py", line 53, in run properties.parse_conf_file() File "/usr/lib/python3.6/site-packages/pia/conf/properties.py", line 271, in parse_conf_file props.port = getattr(configure_section, "port", [props.default_port])[0] File "/usr/lib/python3.6/site-packages/pia/conf/properties.py", line 158, in port config = self._config_lookup[self._port_lookup[value]['config']] KeyError: 'UDP/1197'

flamusdiu commented on 2017-02-15 11:09 (UTC)

@newOnArch: OpenVPN and NetworkManager store configurations in different places. OpenVPN's configurations are in '/etc/openvpn/client' while NetworkManager is in '/etc/NetworkManager/system-connections'. Did you create a '/etc/private-internet-access/pia.conf'? If so, can you post it here. NetworkManager is strange sometimes on how it views connections. Though, as noted here (https://github.com/flamusdiu/python-pia/issues/24) it works with NetworkManager even with the 2.4 update to OpenVPN.

newbOnArch commented on 2017-02-13 00:06 (UTC) (edited on 2017-02-14 05:34 (UTC) by newbOnArch)

Hi, I'm new on arch linux. I'm trying set up my vpn with your packages and followed all the instructions on arch wiki to set up private internet access. I already have all the packages installed like private-internet-access-vpn and networkmanager-openvpn. Even after setting it up, the list of connections for vpns are not showing up on networkmanager. One of the instructions says that after running pia -a as root and restarting the network manager the .conf files should show up in /etc/openvpn but i saw all the .conf files in /etc/openvpn/client. I'm not sure what to do next please help me set this up. I'm using i3. I'm not sure which files are needed to be added to network-connections folder in network manager.

flamusdiu commented on 2017-02-10 09:27 (UTC)

@kelshas: true, or you can just DL the PKGBUILD and run "updpkgsums" in the folder which will download and update them for you automatically without having to edit the PKGBUILD file directly.

kleshas commented on 2017-02-09 21:10 (UTC)

wjrivera - If you didn't know, you can download those 3 files, run sha256sum against them in a command line, and edit the PKGBUILD (entering those new derived sums) during the private-internet-access build.

wjrivera commented on 2017-02-08 05:40 (UTC)

I'm having the same problem as @kleshas ==> Validating source files with sha256sums... openvpn-ip-lport.zip ... FAILED openvpn.zip ... FAILED openvpn-strong.zip ... FAILED ... did not pass the validity check!

flamusdiu commented on 2017-02-07 15:54 (UTC)

kleshas, looks like they might have updated the zip files. I can't fix it till this weekend. Thanks for letting me know.

kleshas commented on 2017-02-07 06:42 (UTC)

Reinstalled arch. No problems reinstalling various other applications, from AUR and otherwise. private-internet-access-vpn fails every time at "Validating source files with sha256sums" for openvpn-ip-lport.zip, openvpn.zip and openvpn-strong.zip. Happens with various AUR servers (ran reflector on canada and US servers), and with the dev version.

flamusdiu commented on 2017-01-17 15:41 (UTC)

@TimeQuelch: Dam "d" eating gnomes! =P I'll get an update pushed up. @Cavsfan: dang it. Let me check it again locally.

TimQuelch commented on 2017-01-17 02:07 (UTC) (edited on 2017-01-17 02:10 (UTC) by TimQuelch)

install -D -m 644 restart.conf "${pkgdir}/usr/lib/system/openvpn-client@.service.d/restart.conf" install -D -m 755 vpn.sh "${pkgdir}/usr/lib/system/systemd/system-sleep/vpn.sh" I think these should be: install -D -m 644 restart.conf "${pkgdir}/usr/lib/systemd/system/openvpn-client@.service.d/restart.conf" install -D -m 755 vpn.sh "${pkgdir}/usr/lib/systemd/system-sleep/vpn.sh"

Cavsfan commented on 2017-01-16 15:43 (UTC)

@flamusdio, nothing changed. I did "sudo pacman -Rs private-internet-access-vpn", which removed it. I don't know what pip is. I tried to look it up to no avail. Anyway I get the same thing. When I enter "pia --version" it just says 3.3 but, when I enter "$ pacman -Qs private-internet-access-vpn local/private-internet-access-vpn 3.3.1-2 But, I still get the same exact errors when I do "sudo pia -a". I have networkmanager, connman and openvpn all 3 installed and before I entered "pia -a" I started the connman-vpn.service.

Cavsfan commented on 2017-01-16 15:18 (UTC)

@flamusdio, I'll give that a try and report back. Thank you

flamusdiu commented on 2017-01-16 15:01 (UTC)

@Cavslan: Should be 3.3.1. However in the error you posted, it was showing 3.3b for some reason. I went back and check to make sure that I didn't leave something in the code for the version (I have a bad habit of doing that) but didn't notice anything. Can you remove the package and make sure there isn't a version still installed through pip after removal?

Cavsfan commented on 2017-01-16 14:56 (UTC)

Here's what I get: $ pia --version 3.3 No errors.

flamusdiu commented on 2017-01-16 03:27 (UTC)

@Cavslan: what do you get when you do `pia --version`?

Cavsfan commented on 2017-01-15 19:04 (UTC)

I had ConnMan installed already so I started it and entered "sudo pia -a". These are the errors I got and pretty sure the same as I got before: $ sudo pia -a Traceback (most recent call last): File "/usr/bin/pia", line 11, in <module> load_entry_point('pia==3.3b0', 'console_scripts', 'pia')() File "/usr/lib/python3.6/site-packages/pia/command_line.py", line 23, in main pia.run.run() File "/usr/lib/python3.6/site-packages/pia/run.py", line 53, in run properties.parse_conf_file() File "/usr/lib/python3.6/site-packages/pia/conf/properties.py", line 271, in parse_conf_file props.port = getattr(configure_section, "port", [props.default_port])[0] File "/usr/lib/python3.6/site-packages/pia/conf/properties.py", line 158, in port config = self._config_lookup[self._port_lookup[value]['config']] KeyError: 'UDP/1197' Guess, I'll just stick to OpenVPN for now at least.

bennysdad commented on 2017-01-12 19:45 (UTC) (edited on 2017-01-13 01:05 (UTC) by bennysdad)

Hopefully, this will help someone. I could not connect after the last update and sudo pia -a did not help. Neither did a reboot or systemctl restart NetworkManager. I'm lazy and did not want to manually edit all 36 config files as Cavsfan did, so I waited... I'm not patient either... So, it turns out all I had to do was edit one. When I used the NetworkManager "Configure VPN" on the VPN host I usually use, it was looking for the CA Certificate in the old location. Once I told it the new location is /etc/openvpn/client, all the other hosts magically became available with the correct certificate location too. Could the problem have occurred because I had that VPN host connected when I updated the first time?

flamusdiu commented on 2017-01-11 20:09 (UTC) (edited on 2017-01-11 20:09 (UTC) by flamusdiu)

TUN/TAP is just how VPNs work. Any VPN software will create these interfaces to push traffic through (which then gets the traffic encrypted). Yes, OpenVPN works from the CLI. Only ConnMan and NM will work from a GUI. It's all a matter of pref.

Cavsfan commented on 2017-01-11 19:45 (UTC)

@flamusdio, I see that OpenVPN is designed to work with the TUN/TAP virtual networking interface. I guess I am OK using OpenVPN right? I also see that OpenVPN Allows running configurations from command-line (from above). Which is probably why I have only CLI options.

flamusdiu commented on 2017-01-11 04:06 (UTC)

@Cavsfan: yeah, I run OpenVPN directly for testing but use Connman usually. You can also use nm-cli or connmanctl as well. Plenty of options depending on what your needs are.

Cavsfan commented on 2017-01-10 14:11 (UTC) (edited on 2017-01-10 14:13 (UTC) by Cavsfan)

@flamusdio, as I stated I did run from terminal 'sudo pia -a' and I got some errors. But, it all worked out after I took the steps I mentioned. I'm pretty sure it uses OpenVPN as I see that in the terminal output when connecting but, when I connect and look at Network Manager it says I'm connected with Interface: tun0 and the terminal says "TUN/TAP device tun0 opened". I guess I'm good with the cli connection method.

flamusdiu commented on 2017-01-10 04:15 (UTC)

Cavsfan: You have to run 'pia -a' from the command line to generate your configurations. However, you can use Connman or NetworkManager to control OpenVPN. Or even systemd. If there are other network managers, I would need to add hooks for them before they would see the configurations.

flamusdiu commented on 2017-01-10 03:14 (UTC)

How did you download the package? Downloading it from here directly or through aura, I don't get those being miss-matched (usually happens when PIA updates their zip files).

apastuszak commented on 2017-01-10 00:48 (UTC)

Getting the following error when I try and install this package: Unpacking objects: 100% (73/73), done. ==> Validating source files with sha256sums... openvpn-ip-lport.zip ... FAILED openvpn.zip ... FAILED openvpn-strong.zip ... FAILED login-example.conf ... Passed pia-example.conf ... Passed restart.conf ... Passed vpn.sh ... Passed pia.8.gz ... Passed python-pia ... Skipped openvpn-update-resolv-conf ... Skipped ==> ERROR: One or more files did not pass the validity check! ==> ERROR: Makepkg was unable to build private-internet-access-vpn. ==> Restart building private-internet-access-vpn ? [y/N]

Cavsfan commented on 2017-01-07 22:48 (UTC) (edited on 2017-01-07 22:51 (UTC) by Cavsfan)

@flamusdio This was odd. I figured since Svante got it to work I updated it and entered 'sudo pia -a' (I got some errors that I did not notate) and rebooted. I tried one and it got errors. So I had to manually move the config files from /etc/openvpn to /etc/openvpn/client. Then I had to manually tell each of the 36 config files that ca.rsa.2048.crt and crl.rsa.2048.pem were now in the client directory. Then I had to manually update my 36 aliases with the new client directory too. After doing all that it worked. I have always used an alias in a terminal and left that open as long as necessary. It there supposed to be a GUI way of running this. I don't mind the CLI way but, just asking.

Svante commented on 2017-01-07 19:27 (UTC)

@flamusdio Doesn't matter now. I ran 'sudo pia -a' and rebootet. It works fine now :-)

flamusdiu commented on 2017-01-07 19:06 (UTC)

@Svante: /etc/private-internet-access-vpn/pia.conf

Svante commented on 2017-01-07 09:12 (UTC)

@flamusdiu I have updated two computers now with the same problem. Am I the only one with this problem? Can't find pia.conf. Where is this file located?

flamusdiu commented on 2017-01-06 18:27 (UTC)

@Svante, can you post your pia.conf and which ever OpenVPN configuration file you are using?

Svante commented on 2017-01-06 06:03 (UTC)

@flamusdio It says something like "country" VPN-connection didn't succeed and VPN-connection was stopped. I'm using Manjaro KDE.

flamusdiu commented on 2017-01-06 03:41 (UTC)

@Cavsfan: yes, I have fixed the change OpenVPN made already.

Cavsfan commented on 2017-01-05 23:02 (UTC)

And without updating PIA still seems to work well.

Cavsfan commented on 2017-01-05 22:59 (UTC) (edited on 2017-01-05 23:01 (UTC) by Cavsfan)

I've got that package on hold after I seen atrotors statement. Openvpn was recently updated. I got this message when I updated openvpn: This upgrade from openvpn 2.3.14-1 to openvpn 2.4.0-2 made changes that require administrative interaction: -> Configuration is expected in sub directories now. Move your files from /etc/openvpn/ to /etc/openvpn/server/ or /etc/openvpn/client/. -> The plugin lookup path changed, remove extra 'plugins/' from relative paths. -> The systemd unit openvpn@.service was replaced with openvpn-client@.service and openvpn-server@.service. Restart and reenable accordingly. I hope this helps.

flamusdiu commented on 2017-01-05 22:07 (UTC)

Svante: can you give me more information on what happens when you try and connect?

Svante commented on 2017-01-05 08:43 (UTC) (edited on 2017-01-05 10:11 (UTC) by Svante)

After the update today, I can't connect to VPN's anymore :-(

atrotors commented on 2017-01-01 02:25 (UTC)

systemctl start openvpn@YOUR_CITY doesn't work with new openvpn update. you need to do openvpn-clien@YOUR_CITY and put conf files in /etc/openvpn/client dev branch is already doing this, use that until this merges

flamusdiu commented on 2016-12-31 04:21 (UTC)

@Hydeh: just kill the OpenVPN process to disconnect from the tunnel. Not really any other way if running OpenVPN directly.

Hydeh commented on 2016-11-16 15:26 (UTC)

@flamusdiu ok so I backed up my files uninstalled private-internet-access-vpn-3.2.2-1 then re-installed pia and everything installed, I just used the command "makepkg -si" to install pia, I had no issue with the installation then I moved the login.conf to the "private-internet-access" folder in the /etc/ dir and then I ran the "pia -a" command through my root account and it worked just fine, So in my /etc/ dir I have only one folder for pia "private-internet-access" no others. I have another question once I connected to a server and closed the terminal I used to make that connection how do I diconnect from it?

flamusdiu commented on 2016-11-16 08:17 (UTC)

@Hydeh: That's odd. Can you uninstall PIA and archive the folder(s)? Then, reinstall it? I want to make sure there isn't some issue where the app is creating the extra folder.

Hydeh commented on 2016-11-15 10:42 (UTC)

@flamusdiu Hi, so I left working on this for a little bit, and after coming back to it I found the problem and fix it and now the vpn is fully working my problem was something really silly there were 2 folder in /etc/ and all I had to do was copy the login.conf file to the 2nd pia folder and now it works fine, thank you :)

Hydeh commented on 2016-10-31 16:46 (UTC) (edited on 2016-11-01 05:30 (UTC) by Hydeh)

@flamusdiu after trying with Sweden.conf at the end I get this output,"Options error: --auth-user-pass fails with '/etc/private-internet-access/login.conf': No such file or directory Options error: Please correct these errors" I must have set it up wrong but I followed your instruction 1, create a login.conf file 2, give it the 0600 permissions so only the root user and root group owns it 3, have only 2 lines top line for username and bottom line for password nothing else, right?

flamusdiu commented on 2016-10-30 07:56 (UTC)

@Hydeh: make sure you choose a endpoint at then end. For example: sudo openvpn --config /etc/private-internet-access-vpn/US_East.conf It's probably giving the error since the end point conf file. OpenVPN will create/bring up the TUN/TAP device for you.

Hydeh commented on 2016-10-29 22:13 (UTC)

@flamusdiu I tried it again and I'm gettng a different error this time, so I typed in "sudo openvpn --config /etc/private-internet-access-vpn/" and got this output "Options error: You must define TUN/TAP device (--dev)" I don't know if you may know how to set the TUN/TAP device but atleast things are progressing. I think deleting that extra PIA file helped resolve the previous error, thank you :D

flamusdiu commented on 2016-10-28 21:15 (UTC)

@Hydeh running OpenVPN just makes sure the configuration is set right. Now, this really only matters if you are using Connman since most of the OpenVPN options are set within NetworkManager's conf files (it doesn't use the OpenVPN configurations at all). Usually running the OpenVPN command provides feedback if there is an issue with this package.

Hydeh commented on 2016-10-27 16:37 (UTC)

@flamusdiu I created the login.conf file yes, I havan't run sudo openvpn --config /etc/openvpn/sweden.conf/ yet I didn't know I was suppose to run that, after typing sudo openvpn --config /etc/openvpn/sweden.conf' what do I do after that?

flamusdiu commented on 2016-10-27 15:28 (UTC)

@Hydeh, Thanks you for posting it. It looks right. Did you create the login.conf? Does OpenVPN ask you for your username/password when running 'sudo openvpn --config /etc/openvpn/sweden.conf'?

Hydeh commented on 2016-10-26 23:54 (UTC)

@flamusdiu client dev tun proto udp remote sweden.privateinternetaccess.com 1197 resolv-retry infinite nobind persist-key persist-tun cipher aes-256-cbc auth sha256 tls-client remote-cert-tls server auth-user-pass /etc/private-internet-access/login.conf comp-lzo verb 1 reneg-sec 0 crl-verify /etc/openvpn/crl.rsa.4096.pem ca /etc/openvpn/ca.rsa.4096.crt disable-occ auth-nocache script-security 2 up /etc/openvpn/update-resolv-conf.sh down /etc/openvpn/update-resolv-conf.sh

flamusdiu commented on 2016-10-26 01:11 (UTC) (edited on 2016-10-26 01:15 (UTC) by flamusdiu)

@Hydeh:Copy/Paste one from '/etc/openvpn' Umm,OTH, you shouldn't have a '/etc/PIA/private-internet-access-vpn' folder. It should be '/etc/private-internet-access'.

Hydeh commented on 2016-10-25 19:48 (UTC)

When I cd to this location "/etc/PIA/private-internet-access-vpn/" there are 2 openvpn.zip files, do I un-zip one and copy the details of them when they are un-zipped? Or do I go to "/etc/openvpn/" and copy paste one of the files from there here?

flamusdiu commented on 2016-10-25 18:55 (UTC)

@Hydeh: can you post one of the OpenVPN configs?

Hydeh commented on 2016-10-25 00:02 (UTC)

@flamusdiu Hi flamusdiu thank you for the help thus far, I managed to solve the issue with the traceback error by just uninstalling NetworkManager, OpenVPN, and Pia then reinstalling them all again one of the commenters below had the same issue and solved it the same way, but when running the command "pia -a" it can't find the login.conf file, that file only has 2 lines like you said was needed for pia to recognize the details have you ever encountered this problem and do you know of any solution and if anyone reading this maybe able to help I would appreciate it.

flamusdiu commented on 2016-10-18 18:34 (UTC)

@Svante: haha, that's good. Seems, my laptop is crashed atm. Going to be a little bit to get it working. I have some more things to fix too.

Svante commented on 2016-10-18 05:54 (UTC)

After the latest update, my problem is solved :-) Thank you, @flamusdiu

commented on 2016-10-16 13:45 (UTC)

Thank you for your passion, flamusdiu.

flamusdiu commented on 2016-10-16 12:50 (UTC)

Finally got the latest version pushed. I'll keep working on the problems as well.

flamusdiu commented on 2016-10-16 08:20 (UTC)

@Light2Yellow: That is NOT intended. Working on setting up docker on my window's box to work on the issue. I really, really want to put Arch on this laptop but I am in school and don't want to break the laptop (first install on new hardware could have issues).

simthadim commented on 2016-10-16 03:04 (UTC) (edited on 2016-10-16 03:07 (UTC) by simthadim)

Thank you very much for your work. Unfortunately the certificate issue is still there in 3.2-1, see your comment (commented on 2016-10-04 17:54). On a side note, I can connect if I change the config files to 2048 keychains, but for some reason my browsers will not work. ping -c3 www.google.com yields a great result. in Chrome/Firefox --> www.google.com yields a timeout (keeps hanging at 'establishing secure connection'). You guys know what this may be?

Svante commented on 2016-10-12 05:53 (UTC)

Hi. I don't know if it's a problem with the package, but I can't connect. I have installed Private Internet Access on my Computer. I have followed the installation guide from Arch. I can see all the VPN networks, but when I try to connect to any of them, I get an error that says something like "the service that delivered the VPN connection is stopped". I have never seen this error before. I have another computer, that doesn't get this error. What could be wrong?

commented on 2016-10-05 10:00 (UTC)

@flamusdiu it didn't solve the issue, unfortunately. Created a conf, ran sudo pia -a, both login.conf and pia.conf are owned by root, nm was restarted. Still when I edit one of the vpn connections through nm gui it shows me my login, no password and no certificate. However, if I manually enter the password (in the gui) and choose 2048 crt it connects normally. Is this intended?

flamusdiu commented on 2016-10-04 17:55 (UTC)

@Hydeh: oops, try "Sweden" instead. I think that's a capitalization problem. Let me know if that works for you.

flamusdiu commented on 2016-10-04 17:54 (UTC)

@Pikr: sorry about that issue. I have fixed it in 3.2.1; however, I can't update the PKG on AUR just yet to push the new version.

Hydeh commented on 2016-10-04 12:23 (UTC) (edited on 2016-10-04 13:43 (UTC) by Hydeh)

@pikr @flamusdiu What is the scripts for connecting to a server I've been using "pia -a sweden" Am I doing something wrong here? Everytime I run pia -a sweden I get this message. Traceback (most recent call last): File "/usr/bin/pia", line 11, in <module> load_entry_point('pia==3.0', 'console_scripts', 'pia')() File "/usr/lib/python3.5/site-packages/pkg_resources/__init__.py", line 567, in load_entry_point return get_distribution(dist).load_entry_point(group, name) File "/usr/lib/python3.5/site-packages/pkg_resources/__init__.py", line 2604, in load_entry_point return ep.load() File "/usr/lib/python3.5/site-packages/pkg_resources/__init__.py", line 2264, in load return self.resolve() File "/usr/lib/python3.5/site-packages/pkg_resources/__init__.py", line 2270, in resolve module = __import__(self.module_name, fromlist=['__name__'], level=0) File "/usr/lib/python3.5/site-packages/pia/__init__.py", line 21, in <module> from . import utils, run File "/usr/lib/python3.5/site-packages/pia/utils/__init__.py", line 1, in <module> from . import log, misc File "/usr/lib/python3.5/site-packages/pia/utils/log.py", line 21, in <module> from pia.conf import settings File "/usr/lib/python3.5/site-packages/pia/conf/__init__.py", line 19, in <module> from . import properties, settings File "/usr/lib/python3.5/site-packages/pia/conf/properties.py", line 302, in <module> props = Props() # creates global property object File "/usr/lib/python3.5/site-packages/pia/conf/properties.py", line 60, in __init__ self._pia_hosts_list = get_pia_hosts_list() File "/usr/lib/python3.5/site-packages/pia/conf/properties.py", line 296, in get_pia_hosts_list h, d = host.replace('\n', '').split(',') ValueError: not enough values to unpack (expected 2, got 1)

pikr commented on 2016-10-04 10:38 (UTC) (edited on 2016-10-04 11:09 (UTC) by pikr)

EDIT: solved my Problem by setting the certificate in Settings>Network>Switzerland>identity>certificate to ca.rsa.2048.crt (ca.rsa.4096.crt doesn't work). Still don't know if it is intended to work that way. Hi, so I followed the guide on the arch wiki (https://wiki.archlinux.org/index.php/Private_Internet_Access_VPN) and I can't connect to any server with the networkmanager applet (nothing happens). So I try to launch a connexion manually as explained in the wiki and I got the following error(s): Options error: --ca fails with '/etc/openvpn/ca.rsa.2096.crt': No such file or directory Options error: --crl-verify fails with '/etc/openvpn/crl.rsa.2096.pem': No such file or directory Options error: Please correct these errors. So I looked in /etc/openvpn/ and there are indeed just the files crl.rsa.2048.crt/pem and crl.rsa.4096.crt/pem. Next thing I did is changing /etc/openvpn/Switzerland.conf so that the lines: crl-verify /etc/openvpn/crl.rsa.2096.pem ca /etc/openvpn/ca.rsa.2096.crt now contained 4096 instead of 2096. Didn't work. Changed it to 2048 and this time it worked. (it connects and typing 'what is my ip' on google shows Switzerland) The problem now is I can only connect through the command-line which isn't that handy (and I have to change all the .conf files). Any Idea on how i could get it to work through nm-applet? My pia.conf file: [pia] openvpn_auto_login=true

flamusdiu commented on 2016-10-03 16:55 (UTC)

@Hydeh: I don't use nmcli to configure NM. I generate the configuration through a python script (python-pia) and place them where NM expect them. Then, they should populate in NM. @Light2Yellow: At a min, you need to create pia.conf with the following informaiton: [pia] openvpn_auto_login=true Then, run pia -a.

commented on 2016-10-03 11:43 (UTC)

In nm, different vpn connections are no longer populated with needed information (for example, the lack of password) and so it's no longer possible to just choose your vpn connection and it'll work. I don't use pia.conf, my login.conf is configured according to archwiki.

Hydeh commented on 2016-10-03 10:30 (UTC) (edited on 2016-10-03 11:14 (UTC) by Hydeh)

@flamusdiu So I've been looking through the scripts for nmcli and I have no idea how to use that to configure NetworkManager and in turn configure PIA, what are the scripts I would use to configure PIA on the GNOME Dev fourm about nmcli there is nothing on using nmcli to configure PIA, I lost at this point This is the source I was using https://developer.gnome.org/NetworkManager/stable/nmcli.html

Cavsfan commented on 2016-10-02 19:41 (UTC)

@flamusdiu, I thought that was where you had to put the hosts for pia -a to find them. I thought it only build conf files for the hosts in that file. If not there is there any where else we need to add the hosts or is it done automatically? I'll try strong with 1197 but, I could not find the PKGBUILD with which to build a working version. I tried but, ended up with the same thing I had before. I'll wait until you get back and can push a PKG update. Thanks and sorry for butting in.

flamusdiu commented on 2016-10-02 19:00 (UTC)

Updated Issue #17: https://github.com/flamusdiu/python-pia/issues/17 Looks like I will be able to fix it as soon as I can get to my Linux box.

flamusdiu commented on 2016-10-02 18:53 (UTC)

I added it here -> https://github.com/flamusdiu/python-pia/releases/tag/v3.0 Did some other fixes later on. If strong encryption isn't working, please let me know. Or better yet, post an issue on GitHub.

flamusdiu commented on 2016-10-02 18:50 (UTC)

@Cavsfan: Strong *should* be working. That one uses 1197. Also, why do you list all the hosts in your configuration?

Cavsfan commented on 2016-10-02 18:46 (UTC)

@MrOats, you need to change openvpn_auto_login = False to True This will not require password. Also port = UDP/1198 This is the correct port to use. As flamusdiu said pia -l will list all the valid locations, some drop off and some are added. I believe strong_encryption is not working but, I could be wrong. Here's the contents of my /etc/private-internet-access/pia.conf file: [pia] openvpn_auto_login = True strong_encryption = False [configure] apps = cm hosts = AU Melbourne, AU Sydney, Brazil, CA Montreal, CA Toronto, Denmark, Finland, France, Germany, Hong Kong, India, Ireland, Israel, Italy, Japan, Mexico, Netherlands, New Zealand, Norway, Romania, Singapore, Sweden, Switzerland, Turkey, UK London, UK Southampton, US California, US Chicago, US East, US Florida, US Midwest, US New York City, US Seattle, US Silicon Valley, US Texas, US West port = UDP/1198

MrOats commented on 2016-10-02 17:44 (UTC)

It also does not set the correct 1197 port for NetworkManager

MrOats commented on 2016-10-02 17:30 (UTC)

The network manager configuration seems to not include the password or certificate file when doing pia -a. [pia] openvpn_auto_login = False strong_encryption = True [configure] apps = nm hosts = Brazil, US Chicago, US Seattle, US East, US Midwest, US West

flamusdiu commented on 2016-10-01 18:30 (UTC)

@Cavsfan: I see. Just merged the fix. I can't push a PKG update just yet due to traveling but you can use the Version 3.2.1 in the PKGBUILD for now.

Cavsfan commented on 2016-10-01 16:17 (UTC)

@flamusdiu, What toppy reported: Checked the .conf files ... full path to crt and pem is there but they are listed as ...2096.crt (.pem) .. whoops ! :-) Should be 2048 or 4096. I get this same error. the file names are wrong and I cannot edit the file or it still doesn't work. I'm using the non-dev version. Am I supposed to be using the dev version? Thank you!

flamusdiu commented on 2016-10-01 10:56 (UTC)

Dev version -> https://aur.archlinux.org/packages/private-internet-access-vpn-dev/ You can submit issues on Github -> https://github.com/flamusdiu/python-pia

flamusdiu commented on 2016-10-01 10:44 (UTC) (edited on 2016-10-01 10:51 (UTC) by flamusdiu)

@Kakashi, oops that was a fix up stream breaking that. Edit: Removed patch.

Kakashi-sensei commented on 2016-10-01 04:51 (UTC)

-> Patching update-resolv-conf ... patching file /tmp/yaourt-tmp-james/aur-private-internet-access-vpn/src/openvpn-update-resolv-conf/update-resolv-conf.sh Reversed (or previously applied) patch detected! Skipping patch. 1 out of 1 hunk ignored -- saving rejects to file /tmp/yaourt-tmp-james/aur-private-internet-access-vpn/src/openvpn-update-resolv-conf/update-resolv-conf.sh.rej ==> ERROR: A failure occurred in prepare().

flamusdiu commented on 2016-10-01 01:04 (UTC)

@Cavsfan: which error was that? I was looking through the comments but I only notice the mis-named files (which was fixed).

Cavsfan commented on 2016-09-30 20:45 (UTC)

@flamusdiu: I corrected the place names in /etc/private-internet-access/pia.conf and pia -a ran OK. But, am now getting the same error that toppy got. And you cannot edit the file to correct it either.

flamusdiu commented on 2016-09-29 20:56 (UTC)

@Hydeh: there is a ubuntu installer (which this is not). This uses either NetworkManager or Conman as the GUI. As for the 'apps' option, it's not required, but allows you to configure a single application (instead of both applications for those that wanted to do that). I added the info to the Wiki since it was missing. Also, port 80 isn't working for me, so the application won't configure it. However, you can also run 'pia -a' then manually change the port in the configuration file found under /etc/openvpn/ and let me know if it works for you.

Hydeh commented on 2016-09-29 20:05 (UTC)

@flamusdiu ok, I have more questions, can I use PIA with the GUI that one would get with the windows version of PIA? And if I create a new pia.conf file with these settings would that be enough for me to connect to a swedish server? [pia] openvpn_auto_login = True [configure] apps = cm hosts = Sweden port = 80 also what is this "apps = cm"?

flamusdiu commented on 2016-09-29 19:09 (UTC) (edited on 2016-09-29 19:11 (UTC) by flamusdiu)

@Cavsfan: haha, well, must have vanished. =P yes, the OpenVPN configurations should be 600 readable by root only.

flamusdiu commented on 2016-09-29 19:09 (UTC)

@Hydeh: you need to make any configuration changes you want to customize your installation in /etc/private-internet-access/pia.conf and if you want to auto-login, create your login creds in /etc/private-internet-access/login.conf , then run 'pia -a' to generate your configs.

Cavsfan commented on 2016-09-29 17:39 (UTC)

That was CA_North_York (North York, Toronto, ON, Canada) not New York City. :P But, thanks for the way to find out what hosts there are. I'll make note of that.

Hydeh commented on 2016-09-29 17:39 (UTC)

@flamusdiu I followed the wiki like you said and managed to complete the installation, are there any other steps I need to take after installation? I've tried opening the the icon launcher from the application menu and it does nothing.

Cavsfan commented on 2016-09-29 17:31 (UTC)

Ok, tried California and got the same error toppy got: Options error: --ca fails with '/etc/openvpn/ca.rsa.2096.crt': No such file or directory Options error: --crl-verify fails with '/etc/openvpn/crl.rsa.2096.pem': No such file or directory In the /etc/openvpn/ directory it only has these: ca.rsa.2048.crt, ca.rsa.4096.crt and crl.rsa.2048.pem, crl.rsa.4096.pem. Also the conf file has this in it and I'm not sure about the script-security 2 part. It did give me a warning about other scripts being able to be executed by this script. Or something to that effect. client dev tun proto udp remote us-california.privateinternetaccess.com 1198 resolv-retry infinite nobind persist-key persist-tun cipher aes-128-cbc auth sha1 tls-client remote-cert-tls server auth-user-pass /etc/private-internet-access/login.conf comp-lzo verb 1 reneg-sec 0 crl-verify /etc/openvpn/crl.rsa.2096.pem ca /etc/openvpn/ca.rsa.2096.crt disable-occ auth-nocache script-security 2 up /etc/openvpn/update-resolv-conf.sh down /etc/openvpn/update-resolv-conf.sh I was also wondering if all of these conf files in /etc/openvpn/ are supposed to be only viewable by root?

flamusdiu commented on 2016-09-29 17:26 (UTC) (edited on 2016-09-29 17:27 (UTC) by flamusdiu)

Oh, you can check which VPNs hosts are usable by looking in /etc/private-internet-access/vpn-hosts.txt or 'pia -l'

flamusdiu commented on 2016-09-29 17:26 (UTC)

CA_NEW_YORK should really be US_NEW_YORK_CITY =P

Cavsfan commented on 2016-09-29 17:15 (UTC)

@flamusdiu OK, thanks I'll remember not to reboot from now on. You were right that one was the only one that errored; guess that one dropped off the list. It would have been nice to know that in advance, but then again if we wanted everything to be easy we wouldn't be running Arch Linux would we lol? I have one more little issue. let me try it and I'll get back to you.

flamusdiu commented on 2016-09-29 17:09 (UTC)

@Cavsfan: also, you don't need to reboot when you re-install it.

Cavsfan commented on 2016-09-29 17:03 (UTC)

OK I'll skip that one and see what happens. Thanks flamusdiu

kleshas commented on 2016-09-29 16:58 (UTC) (edited on 2016-09-29 17:01 (UTC) by kleshas)

Cavsfan - I don't have a CA_North_York.conf file (and the pia -a CA_North_York command failed with the same error as yours). I checked pia -a Montreal and it worked fine.

Cavsfan commented on 2016-09-29 16:34 (UTC)

@flamusdiu I installed the non-dev version and rebooted. Then I went about building the conf files one by one and when it hit CA_North_York, it still got errors: $ sudo pia -a CA_North_York Traceback (most recent call last): File "/usr/bin/pia", line 11, in <module> load_entry_point('pia==3.1b0', 'console_scripts', 'pia')() File "/usr/lib/python3.5/site-packages/pia/command_line.py", line 23, in main pia.run.run() File "/usr/lib/python3.5/site-packages/pia/run.py", line 55, in run [globals()[k]() for k, v in props.commandline.__dict__.items() if File "/usr/lib/python3.5/site-packages/pia/run.py", line 56, in <listcomp> not k == 'hosts' and getattr(props.commandline, k, None)] File "/usr/lib/python3.5/site-packages/pia/run.py", line 104, in auto_configure app.config(config) File "/usr/lib/python3.5/site-packages/pia/applications/appstrategy.py", line 86, in config self.app.config(config_id) File "/usr/lib/python3.5/site-packages/pia/applications/hooks.py", line 161, in config '##remote##': ApplicationStrategyOPENVPN.get_remote_address(config_id), File "/usr/lib/python3.5/site-packages/pia/applications/hooks.py", line 74, in get_remote_address return [h.fqdn for h in properties.props.default_hosts_list if h.name == re.sub('_', ' ', config_id)][0] IndexError: list index out of range

flamusdiu commented on 2016-09-29 16:33 (UTC)

@Cavlsfan: just pushed a minor fix to the Dev branch. See if that fixes the issue. =D Just remember setting the hosts from command line, you need to do one of the things: 1) encapsulate multiple words in quotes, 2) escape the space with "\", or 3) replace the space with a "_"

flamusdiu commented on 2016-09-29 15:43 (UTC)

If you are on the dev version, try the non-dev one, I think it might be a bit a head when I had some issues last night after building it.

Cavsfan commented on 2016-09-29 15:29 (UTC)

@flamusdiu I take that back, the CA_North_York conf does not work and it got the error when built.

Cavsfan commented on 2016-09-29 15:25 (UTC)

I was going to say that it still seems to work but the errors are misleading. Should I stay with the dev version or go with the non-dev version. Thanks flamusdiu!

flamusdiu commented on 2016-09-29 15:16 (UTC)

Okay, thanks for letting me know. Let me see about that one. I probably screwed it up somehow. =\

Cavsfan commented on 2016-09-29 15:10 (UTC)

I was going to build them one at a time, but the 1st that errored before still errors now: $ sudo pia -a CA_North_York Traceback (most recent call last): File "/usr/bin/pia", line 11, in <module> load_entry_point('pia==3.1b0', 'console_scripts', 'pia')() File "/usr/lib/python3.5/site-packages/pia/command_line.py", line 23, in main pia.run.run() File "/usr/lib/python3.5/site-packages/pia/run.py", line 55, in run [globals()[k]() for k, v in props.commandline.__dict__.items() if File "/usr/lib/python3.5/site-packages/pia/run.py", line 56, in <listcomp> not k == 'hosts' and getattr(props.commandline, k, None)] File "/usr/lib/python3.5/site-packages/pia/run.py", line 104, in auto_configure app.config(config) File "/usr/lib/python3.5/site-packages/pia/applications/appstrategy.py", line 86, in config self.app.config(config_id) File "/usr/lib/python3.5/site-packages/pia/applications/hooks.py", line 161, in config "##remote##": ApplicationStrategyOPENVPN.get_remote_address(config_id), File "/usr/lib/python3.5/site-packages/pia/applications/hooks.py", line 74, in get_remote_address return [h.fqdn for h in properties.props.default_hosts_list if h.name == re.sub('_', ' ', config_id)][0] IndexError: list index out of range

Cavsfan commented on 2016-09-29 14:40 (UTC)

@flamusdiu I just tried sudo openvpn --config /etc/openvpn/AU_Melbourne.conf and it worked. Wonder why it won't work with all the locations.

Cavsfan commented on 2016-09-29 14:30 (UTC)

pia -a does not work for all of the location provided by pia: sudo pia -a AU_Melbourne AU_Sydney Brazil CA_North_York CA_Toronto Denmark Finland France Germany Hong_Kong India Ireland Israel Italy Japan Mexico Netherlands New_Zealand Norway Romania Singapore Sweden Switzerland Turkey UK_London UK_Southampton US_California US_East US_Florida US_Midwest US_New_York_City US_Seattle US_Silicon_Valley US_Texas US_West I tried dropping one by one and when I added the first 4 - pia -a AU_Melbourne AU_Sydney Brazil CA_North_York It got this error (same as when I add more): Traceback (most recent call last): File "/usr/bin/pia", line 11, in <module> load_entry_point('pia==3.1b0', 'console_scripts', 'pia')() File "/usr/lib/python3.5/site-packages/pia/command_line.py", line 23, in main pia.run.run() File "/usr/lib/python3.5/site-packages/pia/run.py", line 55, in run [globals()[k]() for k, v in props.commandline.__dict__.items() if File "/usr/lib/python3.5/site-packages/pia/run.py", line 56, in <listcomp> not k == 'hosts' and getattr(props.commandline, k, None)] File "/usr/lib/python3.5/site-packages/pia/run.py", line 104, in auto_configure app.config(config) File "/usr/lib/python3.5/site-packages/pia/applications/appstrategy.py", line 86, in config self.app.config(config_id) File "/usr/lib/python3.5/site-packages/pia/applications/hooks.py", line 161, in config "##remote##": ApplicationStrategyOPENVPN.get_remote_address(config_id), File "/usr/lib/python3.5/site-packages/pia/applications/hooks.py", line 74, in get_remote_address return [h.fqdn for h in properties.props.default_hosts_list if h.name == re.sub('_', ' ', config_id)][0] When I dropped of the 4th one and went with 3, it did not error - sudo pia -a AU_Melbourne AU_Sydney Brazil I did not create the conf files with pia -a I used before but and am now and cannot get it to work.

flamusdiu commented on 2016-09-29 14:22 (UTC)

For /etc/openvpn/US_California.conf: client dev tun proto udp remote us-california.privateinternetaccess.com 1198 resolv-retry infinite nobind persist-key persist-tun cipher aes-128-cbc auth sha1 tls-client remote-cert-tls server auth-user-pass /etc/private-internet-access/login.conf comp-lzo verb 1 reneg-sec 0 crl-verify /etc/openvpn/crl.rsa.2048.pem ca /etc/openvpn/ca.rsa.2048.crt Should look like that. When you run 'pia -a' with 'openvpn_auto_login' set to true, then it should auto configure the 'auth-user-pass' for you. The crl-verify and ca should be setup when it installs. disable-occ

flamusdiu commented on 2016-09-29 00:30 (UTC)

If it's asking for the user name, then you didn't either 1) run pia -a or 2) on the auth-pass line of the config, you need to put the full path to your login creds. The cache password warning is because the default configs on the PIA website do not have the no cache option in it.

Cavsfan commented on 2016-09-28 22:21 (UTC)

@flamusdiu Tried adding full path to both crt and pem and it then asked for my uid and password. I had the 2048 and 2096 files but once I entered the uid and password. It could not connect to anything. It gave a msg that it could be caching my password and to use an option so it would not be cached, but I know it's supposed to read the uid and password from /etc/private-internet-access/login.conf. I am using the dev version (private-internet-access-vpn-dev 3.1b-1) if that matters.

toppy commented on 2016-09-28 22:02 (UTC)

@flamusdiu Just updated and unable to connect to PIA Checked the .conf files ... full path to crt and pem is there but they are listed as ...2096.crt (.pem) .. whoops ! :-) Should be 2048 or 4096 Thanks flamusidiu

flamusdiu commented on 2016-09-28 19:44 (UTC)

For the CA certs, you need the full path in the config files.

Cavsfan commented on 2016-09-28 17:07 (UTC)

I tried kleshas' suggestion and went back to the dev version that works. I got the conf files from the website like kleshas mentioned, but I had to change each extension on each and add an underscore so it was continuous: e.g. US California.ovpn I changed to US_California.conf, etc. Here is my alias for this one: alias california='sudo openvpn --config /etc/openvpn/US_California.conf' I rebooted and tried it and it got these errors: $ california [sudo] password for cavsfan: Options error: --ca fails with 'ca.rsa.2048.crt': No such file or directory Options error: --crl-verify fails with 'crl.rsa.2048.pem': No such file or directory Options error: Please correct these errors. Use --help for more information. Here is my /etc/openvpn/pia.conf: [pia] openvpn_auto_login = True [configure] apps = cm hosts = AU Melbourne, AU Sydney, CA North York, CA Toronto, Denmark, Finland, France, Germany, Hong Kong, India, Ireland, Israel, Italy, Japan, Mexico, Netherlands, New Zealand, Norway, Romania, Singapore, Sweden, Switzerland, Turkey, UK London, UK Southampton, US East, US Florida, US Silicon Valley, US Midwest, US Texas, US California, US New York City, US West, US Seattle, port = UDP/1198 And here is my /etc/openvpn/US_California.conf: client dev tun proto udp remote us-california.privateinternetaccess.com 1198 resolv-retry infinite nobind persist-key persist-tun cipher aes-128-cbc auth sha1 tls-client remote-cert-tls server auth-user-pass comp-lzo verb 1 reneg-sec 0 crl-verify crl.rsa.2048.pem ca ca.rsa.2048.crt disable-occ It errored on crl.rsa.2048.pem and ca.rsa.2048.crt even though they are both in the folder: /etc/openvpn/crl.rsa.2048.pem /etc/openvpn/ca.rsa.2048.crt Perhaps I should have done something else? pia -a did not work on all of the places. Let me know if you need anything else and if I should do anything else.

flamusdiu commented on 2016-09-28 15:12 (UTC) (edited on 2016-09-28 15:17 (UTC) by flamusdiu)

@Cavsfan: I tried 2.9 but that didn't work. It was giving me the same error. Can you post your OpenVPN config and alias, please?

Cavsfan commented on 2016-09-28 14:08 (UTC)

I initially installed private-internet-access-vpn version 2.9-2 and it worked fine using my aliases to connect through terminal and then leave that running while using it. It used port 80 by default. It wasn't until yesterday that I upgraded private-internet-access-vpn (2.9-2 -> 3.0-2) and that's when it would no longer work.

flamusdiu commented on 2016-09-28 13:16 (UTC)

Looks like 2.9 and 2.8.2 also have the same issue =(

flamusdiu commented on 2016-09-28 12:58 (UTC)

Looks like there is something different in the OpenVPN binaries on both the Window and Android clients that allow it to work over the other ports. It doesn't seem to handshake the same way. In Windows, I couldn't even see the handshake in Wireshark. So frustrating.

flamusdiu commented on 2016-09-28 10:37 (UTC)

The only one that I would probably use is 8080 because some ISP actually speed that up. 8080 is used by some proxies and for some odd reason they do that. Other then that you probably wouldn't. My issue is why the heck does it work on my Phone with the different points but not using OpenVPN directly? OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed => Points to a mismatched certification on that port. I'll have to keep digging.

kleshas commented on 2016-09-28 06:29 (UTC)

Can you speak to why one would want to choose TCP/502 over UDP/1198 beyond the possible port blocking by an ISP?

flamusdiu commented on 2016-09-28 05:36 (UTC)

Well, so far only the following ports seem to work for me: default = TCP/502, UDP/1198 strong encryption configs => TCP/501, UDP/1197

flamusdiu commented on 2016-09-28 05:12 (UTC)

For some reason the Android version allows connections over port 80, but apparently something missing for it to work here. I'll keep looking to find a solution.

flamusdiu commented on 2016-09-28 04:49 (UTC) (edited on 2016-09-28 04:50 (UTC) by flamusdiu)

Odd, let me check the ports, they should work. PIA uses different ports depending on what you need. Port 1198 is just the default. Ports 80, 8080, 443, and a few others work as well. However, strong encryption only uses 1197.

kleshas commented on 2016-09-27 23:46 (UTC) (edited on 2016-09-27 23:47 (UTC) by kleshas)

@Cavsfan - same error that I got. Check the .conf in /etc/openvpn that you use. Make sure it's udp, port 1198, sha1, aes-128-cbc, 2048 for the pem and crt. That's what fixed the error in dev for me. I checked these settings by downloading the ovpns from the pia site - Support/Client Download and Support/EASY Setup Guides.. (bottom of page)/Advanced OpoenVPN SSL Usage Guides/OpenVPN Configuration Files (Recommended Defaults) and making sure that was the same as the .conf in /etc/openvpn. Looks like you've got port 80 in the .conf, like I did, when port 1198 is what works.

Cavsfan commented on 2016-09-27 21:52 (UTC)

OK, so I installed the non-dev and tried US east with non-strong and it could not connect. I have this alias: alias east='sudo openvpn --config /etc/openvpn/US_East.conf' I get this error over and over again: $ east Tue Sep 27 17:42:57 2016 OpenVPN 2.3.12 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Aug 24 2016 Tue Sep 27 17:42:57 2016 library versions: OpenSSL 1.0.2i 22 Sep 2016, LZO 2.09 Tue Sep 27 17:42:57 2016 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Tue Sep 27 17:42:57 2016 Attempting to establish TCP connection with [AF_INET]209.222.18.35:80 [nonblock] Tue Sep 27 17:42:58 2016 TCP connection established with [AF_INET]209.222.18.35:80 Tue Sep 27 17:42:58 2016 TCPv4_CLIENT link local: [undef] Tue Sep 27 17:42:58 2016 TCPv4_CLIENT link remote: [AF_INET]209.222.18.35:80 Tue Sep 27 17:42:58 2016 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=OH, L=Columbus, O=Private Internet Access, CN=Private Internet Access CA, emailAddress=secure@privateinternetaccess.com Tue Sep 27 17:42:58 2016 OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed Tue Sep 27 17:42:58 2016 TLS_ERROR: BIO read tls_read_plaintext error Tue Sep 27 17:42:58 2016 TLS Error: TLS object -> incoming plaintext read error Tue Sep 27 17:42:58 2016 TLS Error: TLS handshake failed Tue Sep 27 17:42:58 2016 Fatal TLS error (check_tls_errors_co), restarting Tue Sep 27 17:42:58 2016 SIGUSR1[soft,tls-error] received, process restarting Tue Sep 27 17:43:03 2016 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Tue Sep 27 17:43:03 2016 Attempting to establish TCP connection with [AF_INET]108.61.68.154:80 [nonblock] Tue Sep 27 17:43:04 2016 TCP connection established with [AF_INET]108.61.68.154:80 Tue Sep 27 17:43:04 2016 TCPv4_CLIENT link local: [undef] Tue Sep 27 17:43:04 2016 TCPv4_CLIENT link remote: [AF_INET]108.61.68.154:80 Tue Sep 27 17:43:05 2016 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=OH, L=Columbus, O=Private Internet Access, CN=Private Internet Access CA, emailAddress=secure@privateinternetaccess.com Tue Sep 27 17:43:05 2016 OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed Tue Sep 27 17:43:05 2016 TLS_ERROR: BIO read tls_read_plaintext error Tue Sep 27 17:43:05 2016 TLS Error: TLS object -> incoming plaintext read error Tue Sep 27 17:43:05 2016 TLS Error: TLS handshake failed Tue Sep 27 17:43:05 2016 Fatal TLS error (check_tls_errors_co), restarting Tue Sep 27 17:43:05 2016 SIGUSR1[soft,tls-error] received, process restarting All I know is it worked until I updated it.

Cavsfan commented on 2016-09-27 20:54 (UTC)

I uninstalled the non-dev and installed the dev ran sudo pia -a for all the places I had before and it got about the same error. Then I ran just sudo pia -a US_West US_East and it did not error but, neither of them worked. They got an error and tried to connect again, got the same error and so on...

Cavsfan commented on 2016-09-27 20:31 (UTC)

I upgraded and get this error: $ sudo pia -a Traceback (most recent call last): File "/usr/bin/pia", line 11, in <module> load_entry_point('pia==3.0', 'console_scripts', 'pia')() File "/usr/lib/python3.5/site-packages/pia/command_line.py", line 23, in main pia.run.run() File "/usr/lib/python3.5/site-packages/pia/run.py", line 59, in run [globals()[k]() for k, v in props.commandline.__dict__.items() if File "/usr/lib/python3.5/site-packages/pia/run.py", line 60, in <listcomp> not k == 'hosts' and getattr(props.commandline, k, None)] File "/usr/lib/python3.5/site-packages/pia/run.py", line 104, in auto_configure app.config(config) File "/usr/lib/python3.5/site-packages/pia/applications/appstrategy.py", line 86, in config self.app.config(config_id) File "/usr/lib/python3.5/site-packages/pia/applications/hooks.py", line 161, in config "##remote##": ApplicationStrategyOPENVPN.get_remote_address(config_id), File "/usr/lib/python3.5/site-packages/pia/applications/hooks.py", line 74, in get_remote_address return [h.fqdn for h in properties.props.pia_hosts_list if h.name == re.sub('_', ' ', config_id)][0] IndexError: list index out of range So, It doesn't work any more.

flamusdiu commented on 2016-09-27 18:51 (UTC) (edited on 2016-09-27 18:53 (UTC) by flamusdiu)

I have seen that error message before, but I haven't seen the network crash. I'll run some testing on it then. I will merge the changes tonight from the dev branch to fix the first issue and I will have to see if there is anything about the crashing. Thanks for letting me know.

kleshas commented on 2016-09-27 15:51 (UTC) (edited on 2016-09-27 16:25 (UTC) by kleshas)

@flamusdiu - I definitely ran pia -a, not -r. I just uninstalled non-dev, and installed -dev. Ran sudo pia -a, and it created the .conf in /etc/openvpn. Non-strong works fine. Same error with Strong settings (port 501, using 4096 cert and pem) - after a few seconds of torrenting, I get Authenticate/Decrypt packet error: bad packet ID and the network stack crashes. Everything is fine when browsing. I suspect this error is nothing to do with the AUR package, rather PIA itself. I'll stick with non-strong, UDP for now. Thanks for your help.

flamusdiu commented on 2016-09-27 12:03 (UTC) (edited on 2016-09-27 12:37 (UTC) by flamusdiu)

@keshas: Were you running 'pia -r' by chance? Apparently, when I added a few other things, I managed to break it which caused it to remove the certifications. Can you try again please?

flamusdiu commented on 2016-09-27 12:02 (UTC)

@Hydeh: that's using the Ubuntu based install provided by PIA. More information about this package can be read from the Wiki: https://wiki.archlinux.org/index.php/Private_Internet_Access_VPN apt-get commands are normally not handled by Arch. Although is possible to get apt-get to work, it's not recommended to run both apt-get and pacman. As for the two packages: libxss1 => libxss (which you can install using pacman -S) and libappindicator is on AUR => https://aur.archlinux.org/packages/?O=0&SeB=nd&K=libappindicator&outdated=&SB=n&SO=a&PP=50&do_Search=Go

Hydeh commented on 2016-09-27 07:05 (UTC)

Hi, have an issue with installing pia on an arch distro when I type ./pia-64v-installer.sh into the terminal it gives me this result, Extracting files... Installing dependencies... Running: sudo apt-get install -y libxss1 libappindicator1 sudo: apt-get: command not found Installation complete! Is there anyway to solve the (apt-get install -y libxss1 libappindicator1) without using the apt-get? I tried using pacman -S but had no luck there. Thanks.

kleshas commented on 2016-09-27 03:52 (UTC) (edited on 2016-09-27 04:25 (UTC) by kleshas)

the -dev app worked a little better - pia -a did create the .conf this time (unlike the non-dev version). I still get the error with certificate verify failure. Maybe that issue from a few weeks back with certificates and port 80? edit: I tried using the downloaded settings found in the ovpn files from PIA, none work (connection refused, or crashing the network stack).

flamusdiu commented on 2016-09-27 02:53 (UTC)

@cryzed/klesha: can you try https://aur.archlinux.org/packages/private-internet-access-vpn-dev/ and see if it works for you. If you have no host list in pia.conf, do a "pia -a" to generate the OpenVPN configurations.

flamusdiu commented on 2016-09-27 01:30 (UTC) (edited on 2016-09-27 01:58 (UTC) by flamusdiu)

@Kleshas: oops, sorry about that. Fixed.He's doing the revert on the AUR Git Repo (not the Github one).

cryzed commented on 2016-09-27 00:06 (UTC)

@kleshas I mentioned in my previous comment how to revert the recent changes. You can also configure "PKGDEST" in /etc/makepkg.conf to store the created package for next time.

kleshas commented on 2016-09-27 00:04 (UTC) (edited on 2016-09-27 00:11 (UTC) by kleshas)

Your github page has the wrong date after 3.0: https://github.com/flamusdiu/python-pia/releases shows 2016-10-25. Been trying to work out how to revert this package - yaourt uses /tmp for the cache as I understand it, so I cannot revert after a reboot as Arch has /tmp in RAM, and I don't see any place to download an older version. @cryzed - you just said you reverted to c145... but not how. I've no idea what that file/version is or where to get it.

flamusdiu commented on 2016-09-26 13:56 (UTC)

@cryzed: I opened an issue on the Github page for it. I'll work it out soon. You can post info there (or check the status).

flamusdiu commented on 2016-09-25 18:29 (UTC)

Well, I don't extract the OpenVPN configurations anymore because I auto-generate them. However, I messed up some of the OpenVPN stuff and forgot to actually push out the configs. I'll have to work on this later (college first!).

cryzed commented on 2016-09-25 15:26 (UTC) (edited on 2016-09-25 15:31 (UTC) by cryzed)

It's broken again... the configuration files don't get installed into /etc/openvpn for me, causing the systemd unit for OpenVPN fail to start. Reverting to c14506f20311df3c4ad30b10aab6582c2d272d3b fixes the problem temporarily. Added to IgnorePkg again for now.

flamusdiu commented on 2016-09-25 14:53 (UTC)

@Colibris: changed the protocol to fix that issue.

Colibris commented on 2016-08-24 20:35 (UTC)

Hello, For those who have an enterprise or university firewall, I suggest you to change the git protocol to the https protocol. When I do this in the PKGBUILD, I get this error message: patch: **** Can't reopen file /tmp/yaourt-tmp-colibris/aur-private-internet-access-vpn/src/openvpn-update-resolv-conf/update-resolv-conf.sh : No such file or directory I report it here as it seems to be related to the PKGBUILD. Thanks, and have a nice day!

flamusdiu commented on 2016-08-01 01:14 (UTC)

@slopechaz: Well, it doesn't happen to me and I have idea really why that is. I guess I'll remove the hooks (shrugs).

flamusdiu commented on 2016-07-30 23:01 (UTC)

@slopechaz: grr ... thought only the dev package was doing that. I will look at it when I get back tonight.

slopechaz commented on 2016-07-30 19:03 (UTC)

I get the following message; 'error: unable to run hook pia-install.hook: could not satify dependencies Transaction successfully finished. Running pia -a as root does not work

flamusdiu commented on 2016-07-26 22:17 (UTC)

Alright, I added a new package -> https://aur.archlinux.org/packages/private-internet-access-vpn-dev/ Please use Github to report issues. There isn't a changelog just yet, but plenty of changes here. This enables the "strong encryption" configs. You need to add "strong_encryption=True" under the "[pia]" section. When you do this, it will ignore any other configurations for ports, protocols, auth, and cipher. If there is any settings that work other then the defaults, please let me know.

flamusdiu commented on 2016-07-23 12:24 (UTC)

I am working on a solution to be able to switch between the "default" and "strong" encryption for those that want to use the other configuration.

flamusdiu commented on 2016-07-23 02:12 (UTC)

Cipher should be fixed for NM

rootusercyclone commented on 2016-07-20 11:31 (UTC)

What @anoa works perfectly for me

flomax commented on 2016-07-20 11:28 (UTC)

Well, that fix I suggested seems to no longer be working.. new patch must have changed something. pia.conf should indeed be blank before running "pia -a"

anoa commented on 2016-07-20 06:20 (UTC)

I managed to get it working by changing the Cipher in Network Manager's VPN Configure...> Edit <VPN Name> > VPN Tab > Advanced > Security > Cipher: Set to AES-128-CBC. Putting anything regarding the cipher in pia.conf would cause `pia -a` to fail for me.

anoa commented on 2016-07-20 06:13 (UTC)

@rootusercyclone If you're getting Messing Section Header errors copy the /etc/private-internet-access-vpn/pia-example.conf to pia.conf. You'll see the example file has section headers i.e. [pia] and [configure].

f8x2n3 commented on 2016-07-19 09:16 (UTC) (edited on 2016-07-19 09:16 (UTC) by f8x2n3)

The sha256sum of openvpn.zip is now 0ab48c38d1083362d4aaf3d7fb04ce7e1589f5a297675da6effe4f004e2e0b33.

ni3k commented on 2016-07-18 20:46 (UTC)

This is not working: private-internet-access-vpn 2.8.2-2 I had to downgrade, pls fix!

rootusercyclone commented on 2016-07-18 19:40 (UTC)

@flomax when I do that I get this error when I run "sudo pia -a": configparser.MissingSectionHeaderError: File contains no section headers. file: '/etc/private-internet-access/pia.conf', line: 1 'cipher aes-128-cbc\n'

cryzed commented on 2016-07-17 14:54 (UTC)

The openvpn.zip is again (or still) failing the validity check -- seems like upstream is making quite a few changes.

d0cc0m commented on 2016-07-17 01:24 (UTC)

It seems the openvpn.zip file is failing the validity check.. The sha256sum of the zip file is 'd318fb24aeefda24ad9057dd2955028972928172ed0b4683a10b20f0990e8180' and the sha256sum in the PKGBUILD is '9739d03ea56dff678d76c8b702c4daf51b671a805e9b8920859275bd47b094cd' Thanks!

flomax commented on 2016-07-16 16:58 (UTC) (edited on 2016-07-16 16:59 (UTC) by flomax)

@nicoroud All I did was write in that single line ("cipher aes-128-cbc") to /etc/private-internet-access/pia.conf ; sudo pia -a ; sudo systemctl restart NetworkManager.service .. no [pia] or [configure] in the file, just that single line. Worked fine on my laptop but haven't been home to try on my desktop yet.

flamusdiu commented on 2016-07-16 10:35 (UTC)

Ahh, NM. There is a pull request for the cipher addition. I didn't notice it due to me using mainly Connman. =P

SirusCloud commented on 2016-07-16 10:29 (UTC)

looks bugged. connection is made successfully, but no traffic.

nicoroud commented on 2016-07-16 08:01 (UTC)

@flomax : could you explain what informations you wrote in /etc/private-internet-access/pia.conf ? I dont't know where to put "cipher aes-128-cbc" (above [pia] or above [configure]) Thanks

asadana commented on 2016-07-15 17:05 (UTC)

Did pia -a, restarted networkmanager, and set AES-128-CBC (thanks @flomax) and working perfectly now. Thanks!

twisted-space commented on 2016-07-15 15:11 (UTC)

@wilberfan, yes you would need to restart networkmanager. @cryzed networkmanager with openvpn plugin working perfectly here.

cryzed commented on 2016-07-15 12:43 (UTC)

I suggest not using NetworkManager's OpenVPN plugin at all, you are much better served with the systemd service templates that are installed by the OpenVPN package: "# systemctl start openvpn@<configuration>". It might of course be just me, but I've had horrible problems getting anything to work properly when using NetworkManager-OpenVPN: * https://www.reddit.com/r/archlinux/comments/4p73ih/networkmanageropenvpn_insanity/ * https://github.com/flamusdiu/python-pia/issues/8

wilberfan commented on 2016-07-15 01:03 (UTC) (edited on 2016-07-15 01:47 (UTC) by wilberfan)

I still can't connect. Checked the cipher and the port, all looks well. Attempts to connect via networkmanager fails immediately. Thoughts? [edit] I had to manually edit the VPN connections via nm-connection-editor. For whatever reason the CA Certificate was blank, the port number was still 1194, the security setting hadn't been changed... Does NetworkManager have to be restarted after updating private-internet-access-vpn and running pia -a? Cuz I may not have done that...

flomax commented on 2016-07-15 00:25 (UTC)

After updating then finding myself with the same issue described by Svante and Light2Yellow (connection is ok but no traffic apparent), I seem to have resolved it by creating /etc/private-internet-access/pia.conf and adding the line "cipher aes-128-cbc" & all now appears to be working as expected again.

twisted-space commented on 2016-07-14 13:04 (UTC) (edited on 2016-07-14 13:04 (UTC) by twisted-space)

stevendupuis, it's fine here, sha256sum for openvpn.zip is '9739d03ea56dff678d76c8b702c4daf51b671a805e9b8920859275bd47b094cd' and is in the pkgbuild.

stevendupuis commented on 2016-07-14 12:43 (UTC)

Hi Guys .. The openvpn.zip file is failing the sha check - the package fails build: ==> ERROR: One or more files did not pass the validity check! Regards,

commented on 2016-07-14 09:19 (UTC)

Okay, the problem was on PIA's side, I'm sorry for my message, flamusdiu. The package just gets broken relatively often, for different reasons, but it does. Svante, I have exactly the same problem. I'm using networkmanager. The solution is to Edit the connection through NM's interface and on Security tab set AES-128-CBC instead of Default cipher. I don't know where the default value is being set.

Svante commented on 2016-07-14 07:26 (UTC)

Mine is still not working :-( I can now connect to the VPN's, but it blocks my internet connection? If I run 'sudo pia -a' I get a lot of output. Here is some of it: client dev tun proto udp remote nl.privateinternetaccess.com 1198 resolv-retry infinite nobind persist-key persist-tun cipher aes-128-cbc auth sha1 tls-client remote-cert-tls server auth-user-pass /etc/private-internet-access/login.conf comp-lzo verb 1 reneg-sec 0 crl-verify /etc/openvpn/crl.rsa.2048.pem ca /etc/openvpn/ca.rsa.2048.crt auth-nocache script-security 2 up /etc/openvpn/update-resolv-conf.sh down /etc/openvpn/update-resolv-conf.sh

cryzed commented on 2016-07-14 03:45 (UTC)

@flamusdiu, Thank you for fixing this so quickly!

flamusdiu commented on 2016-07-14 02:59 (UTC)

Should be fixed now. NOTE: Only the "normal" strength work atm. I'll add support for the strong ones in the next day or so.

nigeil commented on 2016-07-14 02:01 (UTC) (edited on 2016-07-14 02:07 (UTC) by nigeil)

CHILL CHILL, FELLOW FRIENDS, this problem now appears to be resolved. The UDP port that PIA uses has changed, but for whatever reason the downloaded zip scripts don't reference this. Use UDP port 1198 NOT 1194, and login should be successful. proto udp remote us-east.privateinternetaccess.com 1198 Use sudo sed -i 's/1194/1198/g' /etc/openvpn/*.conf to change all of the ports (only if this directory houses PIA scripts exclusively) Contacting tech support was helpful. Someone needs to update the PKGBUILD to download the newest openvpn.zip files, they have the changed ports. Also, commenters need to chill out, it was clear that the issue was being looked into by community members, I don't blame the package maintainer one bit for this, you keep doing you guy.

flamusdiu commented on 2016-07-14 01:22 (UTC)

I know -- I saw the article the same day they posted it. I just didn't realize at first they changed their default configurations as well as added the "strong" ones.

stevendupuis commented on 2016-07-14 00:44 (UTC)

PIA is making some changes after deciding to leave the Russian territories. However, the package is still broken. Please fix it. Thanks ...

twisted-space commented on 2016-07-13 15:44 (UTC)

This seems to be an issue with PIA themselves, see https://www.privateinternetaccess.com/forum/discussion/21796/vpn-connection-failed-message-with-new-configuration-files

stevendupuis commented on 2016-07-13 13:32 (UTC)

Yes, please fix the package - PIA has updated their security.

commented on 2016-07-13 09:13 (UTC)

Thanks for the broken package. Again. Nothing personal, but would you be so kind to test the package before updating?

elbowz commented on 2016-07-13 08:14 (UTC)

I'm getting this errors: sudo openvpn --config /etc/openvpn/Brazil.conf Wed Jul 13 10:13:31 2016 OpenVPN 2.3.11 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on May 12 2016 Wed Jul 13 10:13:31 2016 library versions: OpenSSL 1.0.2h 3 May 2016, LZO 2.09 Wed Jul 13 10:13:31 2016 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Wed Jul 13 10:13:31 2016 UDPv4 link local: [undef] Wed Jul 13 10:13:31 2016 UDPv4 link remote: [AF_INET]177.154.145.104:1194 Wed Jul 13 10:13:31 2016 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=OH, L=Columbus, O=Private Internet Access, CN=Private Internet Access CA, emailAddress=secure@privateinternetaccess.com Wed Jul 13 10:13:31 2016 OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed Wed Jul 13 10:13:31 2016 TLS_ERROR: BIO read tls_read_plaintext error Wed Jul 13 10:13:31 2016 TLS Error: TLS object -> incoming plaintext read error Wed Jul 13 10:13:31 2016 TLS Error: TLS handshake failed

flamusdiu commented on 2016-07-13 02:21 (UTC) (edited on 2016-07-13 02:21 (UTC) by flamusdiu)

New "normal" vs Old "normal" configuration: --- /etc/openvpn/Brazil.conf 2016-06-19 21:43:33.000000000 -0400 +++ Brazil.ovpn 2016-07-08 16:21:41.000000000 -0400 @@ -1,22 +1,18 @@ client dev tun proto udp -remote brazil.privateinternetaccess.com 1194 +remote brazil.privateinternetaccess.com 1198 resolv-retry infinite nobind persist-key persist-tun -ca /etc/openvpn/ca.crt +cipher aes-128-cbc +auth sha1 tls-client remote-cert-tls server auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify /etc/openvpn/crl.pem - - -auth-nocache -script-security 2 -up /etc/openvpn/update-resolv-conf.sh -down /etc/openvpn/update-resolv-conf.sh +crl-verify crl.rsa.2048.pem +ca ca.rsa.2048.crt

flamusdiu commented on 2016-07-13 02:19 (UTC)

LOL, cryzed Well, it's still broken. Looks like they changed the configuration for the "normal" zip too. (sigh) Too tired to figure it out tonight. I guess I'll have to fix it tomorrow and patch python-pia as well.

cryzed commented on 2016-07-13 02:16 (UTC)

@flamusdiu, > I just updated the normal openvpn.zip. So, this is not broken. What do you mean by that? I still get the same error mentioned in the earlier comment (even after updating), and I don't seem to be the only one. So far only nigeil's workaround seems to do the trick for me.

flamusdiu commented on 2016-07-13 01:27 (UTC)

Here's a diff between "normal" and "strong": --- Brazil.ovpn 2016-07-08 16:21:41.000000000 -0400 +++ /etc/openvpn/Brazil.conf 2016-06-19 21:43:33.000000000 -0400 @@ -1,18 +1,22 @@ client dev tun proto udp -remote brazil.privateinternetaccess.com 1197 +remote brazil.privateinternetaccess.com 1194 resolv-retry infinite nobind persist-key persist-tun -cipher aes-256-cbc -auth sha256 +ca /etc/openvpn/ca.crt tls-client remote-cert-tls server auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.rsa.4096.pem -ca ca.rsa.4096.crt +crl-verify /etc/openvpn/crl.pem + + +auth-nocache +script-security 2 +up /etc/openvpn/update-resolv-conf.sh +down /etc/openvpn/update-resolv-conf.sh

flamusdiu commented on 2016-07-13 01:17 (UTC)

I just updated the normal openvpn.zip. So, this is not broken. Let me take a look at the new "strong" zip and see what I an do with that.

vise890 commented on 2016-07-12 20:57 (UTC) (edited on 2016-07-12 21:15 (UTC) by vise890)

I can still connect through `openvpn` from the cli after the changes suggested by @nigeil (thanks!), but still no luck with NetworkManager. I've opened an issue on https://github.com/flamusdiu/python-pia/issues/9 EDIT: it's now working, it needs `cipher=AES-128-CBC` as well....

cryzed commented on 2016-07-12 11:51 (UTC)

@nigeil, thank you! This is very much appreciated!

nigeil commented on 2016-07-12 04:44 (UTC)

I've done some fiddling with the openvpn-strong.zip files that PIA also provides, but to no avail. However, using the regular (new) certificates and keys and switching to TCP on port 502: proto tcp remote us-east.privateinternetaccess.com 502 DOES seem to work! I've opened a support ticket with PIA, and will report back with what I learn. I think this is a certificate issue on their end; see http://serverfault.com/questions/348967/openvpn-self-signed-certificate-in-chain

cryzed commented on 2016-07-12 01:40 (UTC) (edited on 2016-07-12 02:25 (UTC) by cryzed)

The changed openvpn.zip is very likely related to this: http://i.imgur.com/34OWqSk.png. I bit the bullet and manually updated the pkgsums and installed it, unfortunately connection the VPN now fails with the error: https://gist.github.com/anonymous/4828be19ed622abad2cba721a073cabe. So does this mean that the certificate file shipped with the openvpn.zip doesn't match the certificate on the server, or is the problem that it is actually a self-signed (by PIA)? If so, shouldn't the shipped configuration files allow this? I'm confused. Doesn't look good. Does anyone by any chance have the old openvpn.zip lying around?

pyroclast commented on 2016-07-10 22:46 (UTC) (edited on 2016-07-11 01:15 (UTC) by pyroclast)

Looks like checksums are out of date again ==> Validating source files with sha256sums... openvpn.zip ... FAILED login-example.conf ... Passed pia-example.conf ... Passed restart.conf ... Passed vpn.sh ... Passed pia.8.gz ... Passed hook.install ... Passed hook.remove ... Passed python-pia ... Skipped openvpn-update-resolv-conf ... Skipped update-resolv-conf.patch ... Passed ==> ERROR: One or more files did not pass the validity check! :: failed to verify private-internet-access-vpn integrity

Maxiride commented on 2016-06-25 10:35 (UTC) (edited on 2016-06-26 08:16 (UTC) by Maxiride)

I successfully installed the package and I'm able to connect to the VPNs using networkmanager. However I always have long time "resolving host" message in chromium whenever attempting to connect to a website, doing a speedstest however results in my max bandwidth normally. Why does this happens? I tried to change ports\TCP-UDP without success, using the PIA app on windows on the same network (got a dual boot setup) works fine. Edit: Using PPTP\L2TP under Arch (manually set following PIA Client page instructions) doesn't give this issue. Edit2: Under a more restrictive network I noticed that this setup can't even reach the PIA servers, **the windows APP works fine instead** -> Long story short this more restricted network has it's own DNS table and it's own CA. Using an IP lookup service I managed to connect the PIA servers using the direct IP instead of the name.privateinternetaccess.com address.

flamusdiu commented on 2016-05-30 12:50 (UTC)

@cryzed: no worries. Probably better to post on the github for python project for suggestions; I will usually see that first.The hooks made sense (and fun to figure out). I still have my issue with `pia -r` which I'll fix. Glade it's working for everyone again! =)

cryzed commented on 2016-05-30 12:40 (UTC) (edited on 2016-05-30 12:41 (UTC) by cryzed)

@flamusdiu, thank you, everything works now! I appreciate you taking some of my suggestions to heart -- it wasn't mean to sound overly critical or snobby, in fact I'm very grateful to you for providing an easy of setting all this up. The term network stack was probably badly chosen, what I experienced were probably problems specific to me -- including NetworkManager not recognizing any connections for a short while. I understand now that the root escalation isn't avoidable. Thanks again!

mindofthemad commented on 2016-05-30 07:30 (UTC)

@flamusdiu It works now.

Svante commented on 2016-05-30 06:29 (UTC)

Installed openvpn and networkmanager-openvpn and rebooted. Now it works on KDE :-)

Svante commented on 2016-05-30 05:57 (UTC)

Didn't change anytning for me :-( Maybe it's a KDE-problem....?

kleshas commented on 2016-05-30 03:31 (UTC)

flamusdiu - yes, latest patch fixed my issue. Thanks for your hard work :)

flamusdiu commented on 2016-05-30 03:10 (UTC)

@mindofthemad: which end point? Also, can you post the configuration file for it?

flamusdiu commented on 2016-05-30 03:09 (UTC)

@kleshas: fixed the update-resolv-conf problem. The patch is due to the source using 'which' to locate resolvconf instead of 'type -p'

mindofthemad commented on 2016-05-30 02:39 (UTC)

The new update still has trouble connecting sha256. it authenticates the connection but i cant ping the network

flamusdiu commented on 2016-05-30 02:02 (UTC)

@kleshas: wth ... that's odd (and new too). I wonder if I broken something for running the configs directly with OpenVPN (which I do not do that often). Sorry about breaking it.

kleshas commented on 2016-05-30 01:59 (UTC)

This package broke for me since the update last week. I've been applying the patches that were released today, but I still get an error: $sudo openvpn /etc/openvpn/CA_Toronto.conf Options error: --up script fails with '/etc/openvpn/update-resolv-conf.sh': No such file or directory (and yes, there is no such file there)

flamusdiu commented on 2016-05-29 21:59 (UTC) (edited on 2016-05-29 22:32 (UTC) by flamusdiu)

@cryzed: there isn't a way to run 'pia -a' without root escalation because the login.conf file is read only by root and where both NM and CM store configuration files are also root only writes. * Users don't have to do an extra step after installation <<-- this can actually be done anyway. Problem would be if people wanted to customize it before they run "pia -a." * Users won't have to trust your script to not accidentally destroy their system (no root) <<-- it has to run as root as stated above. * If "pia -a" fails, the entire build fails, preventing a potentially misconfigured networking stack <<--I don't know how my script would destroy your network stack. VPN configs sure for some reason but not the whole network stack. As for the pacman hook, never though of adding one actually; so, I have no idea how I could decide against it in the first place. =\

cryzed commented on 2016-05-29 00:24 (UTC)

Another thing: What do you think about running "pia -a" (without root escalation) on the package before installing it, instead of having the user run the script manually? It's not like people are constantly switching between network management solutions (i.e. NetworkManager and ConnMan), so doing it during the installation would remove a few problems: * Users don't have to do an extra step after installation * Users won't have to trust your script to not accidentally destroy their system (no root) * If "pia -a" fails, the entire build fails, preventing a potentially misconfigured networking stack * Changes to the filesystem are tracked by the package manager (as they should be) Additonally, if you really want to preserve the ability to regenerate configuration files on-the-fly, you could probably just add pacman hooks that trigger for connman and networkmanager (un)installations. Is there a reason you decided against this?

cryzed commented on 2016-05-28 02:07 (UTC) (edited on 2016-05-28 02:41 (UTC) by cryzed)

The new version breaks for me, see: https://github.com/flamusdiu/python-pia/issues/6. After having removed the NetworkManager configuration files with "pia -r" and failing to regenerate them with "pia -a", the configuration files were predictably missing.

flamusdiu commented on 2016-05-27 22:19 (UTC)

Pushed new version. let me know if there are any odd issues. You can post on the github page for python-pia. Thanks!

flamusdiu commented on 2016-05-27 21:56 (UTC)

@cmc: I am confused. How does PIA conflict with Prey? Even doing a tree after building the package. I don't see any conflicts.

flamusdiu commented on 2016-05-24 19:49 (UTC)

I will try to do this week. I've been out of the country. @StudsWaller: yeah, I'll have to get it updated.

Svante commented on 2016-05-24 08:05 (UTC)

@flamusdiu When will you have time to update?

studsWaller commented on 2016-05-23 17:06 (UTC)

sha256sums for openvpn.zip have been failing to validate for awhile. Are the sums outdated?

cmc commented on 2016-05-11 10:11 (UTC) (edited on 2016-05-11 11:50 (UTC) by cmc)

/usr/bin/pia conflicts with the https://aur.archlinux.org/packages/prey package. Consider re-naming /usr/bin/pia to e.g. /usr/bin/piaconf EDIT: my current workaround is to uninstall private-internet-access-vpn after running "sudo pia -a".

flamusdiu commented on 2016-05-11 02:04 (UTC)

Yes, sorry, work related stuff came up so I haven't had a chance. I'll try to do this soon.

Svante commented on 2016-05-10 06:15 (UTC)

@flamusdio When will you update? It's still not wotking for me :-(

flamusdiu commented on 2016-04-30 12:38 (UTC)

umm, Actually, i will push my dev branch and update this. I made a much of changes and fix to it. I wonder if that may help.

flamusdiu commented on 2016-04-30 12:36 (UTC)

Okay. Let me see about that then. Very odd. I'll have to set it up and see if I get the same issue.

Svante commented on 2016-04-30 06:27 (UTC)

Tried to reinstall my entire system (still using KDE). That didn't help :-(

Svante commented on 2016-04-28 05:58 (UTC)

Yes, I did.

flamusdiu commented on 2016-04-28 03:38 (UTC)

@Svante: did you run 'sudo pia -a' after you installed the package?

Svante commented on 2016-04-27 09:31 (UTC) (edited on 2016-04-27 09:40 (UTC) by Svante)

Tried this guide https://wiki.archlinux.org/index.php/Private_Internet_Access_VPN, but I can't see any PIA VPN's in the networkmanager? I'm using KDE.

flamusdiu commented on 2016-04-18 12:55 (UTC)

@cryzed: Ooo ... I didn't know that was a package here. Thanks for pointing that out. I'll get it changed soon.

cryzed commented on 2016-04-17 22:10 (UTC)

This should depend on https://aur.archlinux.org/packages/openvpn-update-resolv-conf or https://aur.archlinux.org/packages/openvpn-update-resolv-conf-git instead of bundling it. Note that the script name is slightly different in the openvpn-update-resolv-conf package: the *.sh extension is missing.

chappjc commented on 2016-03-18 01:04 (UTC)

Please also update pkgrel in SRCINFO to match PKGBUILD. Thanks.

flamusdiu commented on 2016-03-16 11:50 (UTC)

I'll update the checksums. PIA updated the zip again.

sukbeom_kim commented on 2016-03-15 03:52 (UTC)

Validation check failed... Please check this out: ==> Validating source files with sha256sums... openvpn.zip ... FAILED update-resolv-conf.sh ... Passed login-example.conf ... Passed pia-example.conf ... Passed restart.conf ... Passed vpn.sh ... Passed pia.8.gz ... Passed python-pia ... Skipped ==> ERROR: One or more files did not pass the validity check! ==> ERROR: Makepkg was unable to build private-internet-access-vpn.

commented on 2016-02-12 15:11 (UTC)

Please add git as a dependency.

flamusdiu commented on 2016-01-18 19:10 (UTC)

Oops, "pia -a" to auto-configure. This is why I should have more coffee.

qKUqm3wtY4 commented on 2016-01-16 09:02 (UTC) (edited on 2016-01-16 11:08 (UTC) by qKUqm3wtY4)

@flamusdiu That command only lists all of the available PIA configurations - using it didn't change anything. My VPN disconnected randomly today and it got a warning message in one of my terminals: "Please enter password with the systemd-tty-ask-password-agent tool!" I had to restart the service and then enter the username and password again. This started happening after I updated this package. ----------------------- Is the wiki still correct? Should the username and password be located at: /etc/private-internet-access/login.conf ?

flamusdiu commented on 2016-01-14 19:59 (UTC)

@qKUqm3wtY4: run "sudo pia -l" then try again.

qKUqm3wtY4 commented on 2016-01-14 17:17 (UTC) (edited on 2016-01-14 17:26 (UTC) by qKUqm3wtY4)

I've been using this package for about a year now with no problems. The last time I updated and restarted (yesterday), the systemd service failed auth silently. As a result, I was running raw dog for a day. Once I discovered it, I attempted to restart the service manually and it asked for my auth username and password despite that I've had a login.conf file correctly configured for about a year. I've double checked and everything is correct. When I enter the username and password, it connects as expected. I have root disabled on this machine. This is the only unique circumstance that I can think would cause this problem, but if it is causing the problem, I don't understand why. Sudo, users and groups are configured correctly afaik.

flamusdiu commented on 2016-01-06 01:24 (UTC)

@bse: thanks! removed the conflicts. Let me know if there any issues and I'll add it back.

bfr commented on 2016-01-05 23:23 (UTC)

Hotfixed in networkmanager 1.0.10-2 https://projects.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/networkmanager&id=8786b70d178f62519248565e3d4649d89b7562bf

flamusdiu commented on 2016-01-04 23:05 (UTC)

@ni3k: thanks for the info. I have updated the package build to reflect that change. Hopefully something will be done to fix it. You can look here: https://archive.archlinux.org/packages/n/networkmanager Or try the `downgrade` package in AUR (check wiki)

toppy commented on 2016-01-04 22:20 (UTC)

thx for the heads up ni3k

ni3k commented on 2016-01-03 16:25 (UTC)

You need to downgrade Networkmanager, this worked for me... https://bugs.archlinux.org/task/47535

toppy commented on 2016-01-02 22:10 (UTC)

Having issues too .. Network Manager reports successful VPN connection but checking my IP via various websites shows my true IP Like ni3k I too removed everything and reinstalled but no luck.

ni3k commented on 2016-01-02 12:23 (UTC) (edited on 2016-01-02 19:23 (UTC) by ni3k)

"Is anyone else having trouble with the default gateway not being set" Yes me too, but only on one system, my second desktop and my notebook work fine?! I have removed everything from Networkmanager, private-internet-access, openvpn with configuration files and reinstalled, still same problem.

benwbooth commented on 2016-01-01 17:48 (UTC)

Is anyone else having trouble with the default gateway not being set as of a few weeks ago? I tried installing this on a fresh antergos VM, and after connecting to VPN, here is my route -n output: Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 100 0 0 enp0s3 10.127.1.6 0.0.0.0 255.255.255.255 UH 50 0 0 tun0 185.3.135.34 192.168.1.1 255.255.255.255 UGH 100 0 0 enp0s3 192.168.1.0 0.0.0.0 255.255.255.0 U 100 0 0 enp0s3 Here is the route -n output on my similarly configured Ubuntu 15.10 VM: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.110.1.5 0.0.0.0 UG 50 0 0 tun0 0.0.0.0 192.168.1.1 0.0.0.0 UG 100 0 0 enp0s3 5.153.233.42 192.168.1.1 255.255.255.255 UGH 100 0 0 enp0s3 10.110.1.1 10.110.1.5 255.255.255.255 UGH 50 0 0 tun0 10.110.1.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 10.110.1.5 0.0.0.0 255.255.255.255 UH 950 0 0 tun0 10.110.1.6 0.0.0.0 255.255.255.255 UH 50 0 0 tun0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 enp0s3 192.168.1.0 0.0.0.0 255.255.255.0 U 100 0 0 enp0s3 Has a new version of OpenVPN changed the defaults? It seems like the PIA ovpn files may need to be modified to fix this, but I have no idea how to fix it. Any ideas?

flamusdiu commented on 2015-12-15 12:25 (UTC)

@Svante: this package is DE independent. You just need to use either Network Manager or Connman and whatever GUI you want.

Svante commented on 2015-12-15 10:57 (UTC)

Any special things to do on KDE?

Chrissss commented on 2015-12-03 11:31 (UTC)

And again a update, the checksum for openvpn.zip is now: 49ab3063f5b3b457b457565561c0ddc842dfbaeaf7a49fe5906b89730baafe3d

qKUqm3wtY4 commented on 2015-11-27 14:44 (UTC)

I've flagged this out of date because the sha256 checksum for openvpn.zip has changed to: ead2160aa4a25a2404f2175bf682267026de39f54e69170d276d1f57216ce99e

austinhasten commented on 2015-11-15 04:06 (UTC) (edited on 2015-11-15 04:28 (UTC) by austinhasten)

Is there any way to enable DNS protection? I'm getting all sorts of leaks as it is. Edit: I fixed it by changing foreign_option_1 and _2 in update-resolve-conf.sh

flamusdiu commented on 2015-10-27 19:00 (UTC)

@splurben: Do you have git installed properly? I have git version 2.6.2. I did the following commands: ~> git clone https://aur.archlinux.org/private-internet-access-vpn.git ~> cd private-internet-access-vpn -> makepkg -sri Works for me.

splurben commented on 2015-10-27 03:57 (UTC)

I have many other AUR packages installed without a problem but on private-internet-access-vpn.tar.gz 2.4.6-4 I get the following error: $ makepkg -sri ==> ERROR: Cannot find the git package needed to handle git sources. Am I missing a GIT implementation possibly?

nogz commented on 2015-10-25 23:50 (UTC)

I completely removed it and all the config files, removed openvpn, removed networkmanager-openvpn and reinstalled starting with pia and it worked. There must have been some conflict with those packages being installed already.

flamusdiu commented on 2015-10-25 23:43 (UTC)

Oops ... I wonder if I did my new changes on the wrong branch. I'll probably fix it tomorrow. I have school work to finish tonight. Sorry about that!

nogz commented on 2015-10-25 13:59 (UTC)

when doing pia -a i receive this error: [code] Traceback (most recent call last): File "/usr/bin/pia", line 9, in <module> load_entry_point('pia==2.4.6', 'console_scripts', 'pia')() File "/usr/lib/python3.5/site-packages/pia/command_line.py", line 23, in main pia.run.run() File "/usr/lib/python3.5/site-packages/pia/run.py", line 58, in run [globals()[k]() for k, v in props.commandline.__dict__.items() if File "/usr/lib/python3.5/site-packages/pia/run.py", line 59, in <listcomp> not k == 'hosts' and getattr(props.commandline, k, None)] File "/usr/lib/python3.5/site-packages/pia/run.py", line 106, in auto_configure app.config(*getattr(openvpn, config)) File "/usr/lib/python3.5/site-packages/pia/applications/appstrategy.py", line 76, in config self.app.config(config_id, filename) File "/usr/lib/python3.5/site-packages/pia/applications/hooks.py", line 137, in config username, password = get_login_credentials(settings.LOGIN_CONFIG) ValueError: too many values to unpack (expected 2) [/code]

Svante commented on 2015-10-06 07:51 (UTC)

Made a fresh install of Manjaro Xfce 15.09. It works now :-)

flamusdiu commented on 2015-09-21 13:17 (UTC)

@Svante: what errors?

Svante commented on 2015-09-20 07:39 (UTC)

I got errors too :-(

commented on 2015-08-08 05:11 (UTC)

My previous post seems to have been overlooked. In the PKGBUILD, the following line: new_file_name="${new_file_name/ /_}" should be: new_file_name="${new_file_name// /_}"

flamusdiu commented on 2015-08-08 03:32 (UTC)

Lets try that again ...

wjko commented on 2015-08-08 03:01 (UTC)

I'm also getting errors, using Yaourt, manually pointed at AUR4. The error I get is identical to BrilliantByrd's.

flamusdiu commented on 2015-08-05 18:06 (UTC)

PIA updated the zip file again. It should be good now.

BrilliantByrd commented on 2015-08-05 01:14 (UTC)

Hmm... I'm sing Octopi w/ the AURURL manually set to AUR4. I'm getting this error. ==> Validating source files with sha256sums... openvpn.zip ... FAILED update-resolv-conf.sh ... Passed login-example.conf ... Passed pia-example.conf ... Passed restart.conf ... Passed vpn.sh ... Passed pia.8.gz ... Passed python-pia ... Skipped ==> ERROR: One or more files did not pass the validity check! ==> ERROR: Makepkg was unable to build private-internet-access-vpn.

commented on 2015-07-31 01:08 (UTC)

new_file_name="${new_file_name/ /_}" # Only replaces first space new_file_name="${new_file_name// /_}" # Replaces all spaces

flamusdiu commented on 2015-07-23 01:29 (UTC)

hahahaha

toppy commented on 2015-07-22 01:26 (UTC)

Only gold plated peanuts lol

flamusdiu commented on 2015-07-22 01:09 (UTC)

Do you work for peanuts?

toppy commented on 2015-07-22 01:00 (UTC)

@flamusdiu ... Holy VPNs Batman ... it worked ! lmao Told you to use the BIG hammer ! Great work my friend, thank you ! ps How much do you pay for being a flamusdiu beta tester ? lol

flamusdiu commented on 2015-07-21 21:39 (UTC)

@toppy: fixed again ... haha =P

flamusdiu commented on 2015-07-21 21:07 (UTC)

@toppy: rofl ... you should be a beta tester! =P Let me fix that..

toppy commented on 2015-07-21 02:07 (UTC)

@flamusdiu .. Whoops I broke it again ... ;-) [toppy@arch_laptop ~]$ sudo pia -a Traceback (most recent call last): File "/usr/bin/pia", line 9, in <module> load_entry_point('pia==2.4.1', 'console_scripts', 'pia')() File "/usr/lib/python3.4/site-packages/pkg_resources/__init__.py", line 558, in load_entry_point return get_distribution(dist).load_entry_point(group, name) File "/usr/lib/python3.4/site-packages/pkg_resources/__init__.py", line 2682, in load_entry_point return ep.load() File "/usr/lib/python3.4/site-packages/pkg_resources/__init__.py", line 2355, in load return self.resolve() File "/usr/lib/python3.4/site-packages/pkg_resources/__init__.py", line 2361, in resolve module = __import__(self.module_name, fromlist=['__name__'], level=0) File "/usr/lib/python3.4/site-packages/pia/__init__.py", line 22, in <module> from . import utils, run File "/usr/lib/python3.4/site-packages/pia/run.py", line 31, in <module> props.apps = appstrategy.check_apps() File "/usr/lib/python3.4/site-packages/pia/applications/appstrategy.py", line 173, in check_apps apps = get_supported_apps() File "/usr/lib/python3.4/site-packages/pia/applications/appstrategy.py", line 188, in get_supported_apps logger.debug("Application hooks found: %s" % [f[:-3] for f in resource_listdir(__name__, 'hooks') File "/usr/lib/python3.4/site-packages/pkg_resources/__init__.py", line 1179, in resource_listdir resource_name File "/usr/lib/python3.4/site-packages/pkg_resources/__init__.py", line 1634, in resource_listdir return self._listdir(self._fn(self.module_path, resource_name)) File "/usr/lib/python3.4/site-packages/pkg_resources/__init__.py", line 1722, in _listdir return os.listdir(path) FileNotFoundError: [Errno 2] No such file or directory: '/usr/lib/python3.4/site-packages/pia/applications/hooks'

flamusdiu commented on 2015-07-20 15:32 (UTC)

@toppy: should work now. ;)

toppy commented on 2015-07-20 01:00 (UTC)

LOL ... I knew you would blame it on me ! Thanks flamusdiu ... look forward to the update when you get the chance Truly appreciate your fast attention and hard work ... you make life so easy for the rest of us !

flamusdiu commented on 2015-07-19 23:00 (UTC)

Oop, I know why. you don't have a config in /etc/private-internet-access-vpn/pia.conf ... I'll push an update tonight.

flamusdiu commented on 2015-07-19 22:59 (UTC)

@toppy: sure .... it's your fault! Let me look at it -- been working a lot lately. Let me see why it's doing that.

toppy commented on 2015-07-17 14:14 (UTC)

hi flamusdiu just installed v2.4.1-1 and I am receiving the following errors when running 'pia -a' Traceback (most recent call last): File "/usr/lib/python3.4/configparser.py", line 824, in items d.update(self._sections[section]) KeyError: 'pia' During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/bin/pia", line 9, in <module> load_entry_point('pia==2.4.1', 'console_scripts', 'pia')() File "/usr/lib/python3.4/site-packages/pia/command_line.py", line 23, in main pia.run.run() File "/usr/lib/python3.4/site-packages/pia/run.py", line 47, in run properties.parse_conf_file() File "/usr/lib/python3.4/site-packages/pia/properties.py", line 99, in parse_conf_file pia_section = _Parser("pia") File "/usr/lib/python3.4/site-packages/pia/properties.py", line 73, in __init__ self.__dict__.update({k: v for k, v in c.items(section)}) File "/usr/lib/python3.4/configparser.py", line 827, in items raise NoSectionError(section) configparser.NoSectionError: No section: 'pia' This is a virgin Arch install with Gnome/GDM and Testing repos enabled .. is it me ? :-)

flamusdiu commented on 2015-07-08 02:14 (UTC)

Just realized that OpenVPN auto-login was broken. Fixed as well. =P

flamusdiu commented on 2015-07-07 22:32 (UTC)

@blue: fixed.

flamusdiu commented on 2015-07-07 22:15 (UTC)

@blue: umm, odd ... let me see why it's doing that

flamusdiu commented on 2015-07-07 22:07 (UTC)

@blue: how is that possible? unless I forgot the change somehow ... haha!

commented on 2015-07-07 20:32 (UTC)

Thanks for the quick fix on version 2.1.1-1, but version 2.2-1 appears to have the same issue :)

flamusdiu commented on 2015-07-05 04:45 (UTC)

@blue: should work now. I fixed it through the python module.

flamusdiu commented on 2015-07-05 04:22 (UTC)

Oops, let me fix that. =\

commented on 2015-07-04 23:51 (UTC)

Latest update (2.1-1) seems to lack a Python module (setuptools). Adding python-setuptools_git as a dependency would resolve this. -> US Silicon Valley ... -> US Texas ... -> US West ... -> Done. ==> Entering fakeroot environment... ==> Starting package()... Traceback (most recent call last): File "setup.py", line 21, in <module> from setuptools import setup, find_packages ImportError: No module named 'setuptools' ==> ERROR: A failure occurred in package(). Aborting... ==> ERROR: Makepkg was unable to build private-internet-access-vpn.

commented on 2015-07-04 23:15 (UTC)

Latest update seems to lack a Python module. -> US Silicon Valley ... -> US Texas ... -> US West ... -> Done. ==> Entering fakeroot environment... ==> Starting package()... Traceback (most recent call last): File "setup.py", line 21, in <module> from setuptools import setup, find_packages ImportError: No module named 'setuptools' ==> ERROR: A failure occurred in package(). Aborting... ==> ERROR: Makepkg was unable to build private-internet-access-vpn.

commented on 2015-07-04 23:15 (UTC)

Latest update seems to lack a

flamusdiu commented on 2015-06-29 20:50 (UTC)

Please note: Connman changes have been added finally.

flamusdiu commented on 2015-06-01 20:46 (UTC)

updated the sha hashes. =) In the future, just flag it out of date so that I notice it quicker. Thanks!

CyberGhost commented on 2015-05-29 13:44 (UTC)

The openvpn.zip has needs to be update to : c2f9af251ae63395896366e0be03ff4eea7748dcc6333fbe777a8f09317bba92 In the mean time you can just manually edit the pkgbuild file

twisted-space commented on 2015-05-26 20:20 (UTC)

Same problem again... ==> Validating source files with sha256sums... openvpn.zip ... FAILED update-resolv-conf.sh ... Passed source.tar.gz ... Passed pia-auto-login.py ... Passed pia-auto-login.py.8.gz ... Passed ==> ERROR: One or more files did not pass the validity check! :: failed to verify private-internet-access-vpn integrity

flamusdiu commented on 2015-04-06 02:46 (UTC)

@talonz: fixed

flamusdiu commented on 2015-04-06 02:35 (UTC)

More than likely PIA updated the certs in the zip. I'll have to upload a updated PKGBUILD to fix it.

talonz commented on 2015-04-06 02:12 (UTC)

==> Validating source files with sha256sums... openvpn.zip ... FAILED update-resolv-conf.sh ... Passed source.tar.gz ... Passed pia-auto-login.py ... Passed pia-auto-login.py.8.gz ... Passed ==> ERROR: One or more files did not pass the validity check! :: failed to verify private-internet-access-vpn integrity

flamusdiu commented on 2015-03-27 15:03 (UTC)

I added a wiki page for more information. You can get to it under "Package actions."

flamusdiu commented on 2015-02-16 00:57 (UTC)

@timidger: Thanks for that. You have to do that because of what I can find about OpenVPN. I don't see any other way to do it to allow OpenVPN to autologin using the file.

timidger commented on 2015-02-15 23:23 (UTC)

@musasabi: I was having the exact same problem as you. It turns out the login.conf file should contain ONLY the username and password on the two lines. No "VPN-USERNAME=<username>", just: <username> <password>

flamusdiu commented on 2015-01-20 23:56 (UTC)

@wilberfan Did you remove your comment? I don't see it. I am not sure why Gnome3 would have a DNS leak. Can you email me about how you are seeing the leak?

flamusdiu commented on 2015-01-11 00:39 (UTC)

@orbarry: Fixed. Can you email a couple of working configurations for connman that are working for PIA? Make sure to mask out username/password! I will add it into the script.

ozbarry commented on 2015-01-10 19:15 (UTC)

With python 3.4.2, I get the following error: [alex@localhost ~]$ sudo pia-auto-login.py --auto-login Traceback (most recent call last): File "/usr/bin/pia-auto-login.py", line 172, in <module> nm_autologin(id, filename, args.auto_login) File "/usr/bin/pia-auto-login.py", line 95, in nm_autologin with open(nm_conf,"w") as f: FileNotFoundError: [Errno 2] No such file or directory: '/etc/NetworkManager/system-connections/US Midwest' I am using connman, not NetworkManager, so maybe you should add NetworkManager as a dependency?

flamusdiu commented on 2015-01-08 13:53 (UTC)

@raberrett: From aura git response by Razz: Installing any AUR package as root gives this error: makepkg: invalid option '--asroot' Pacman changelog: https://projects.archlinux.org/pacman.git/tree/NEWS#n57 I found the affected aura code in this line: https://github.com/aurapm/aura/blob/master/src/Aura/MakePkg.hs#L69 Workaround is to only run sudo aura without root.

flamusdiu commented on 2015-01-06 03:50 (UTC)

@musasabi: how are you starting the VPN? It works for me both through NetworkManager and CLI (using openvpn command). Make sure the login.conf has only two lines and no extra spaces after your login information.

flamusdiu commented on 2015-01-06 02:42 (UTC)

@musasabi, let me see what I can find out. Thanks for the report back.

musasabi commented on 2015-01-06 02:02 (UTC)

Just grabbed your package and it seems to have set everything up properly, except that OpenVPN gives me an AUTH_FAILED. Other than that my account otherwise works with the credentials I've got in /etc/private-internet-access/login.conf and that login.conf is root:root and 600, here's what I did: Installed openvpn and your scripts. Filled in the login information and renamed the file to login.conf Ran pia-auto-login.pi as root with -l Ran openvpn as root with my suitable location conf And that results in AUTH_FAILED. I changed my password twice (both times verifying that PIA's web interface still let me in) and am out of ideas. Sorry for being a VPN newb, but everything on your end seems to be correct despite my login being rejected!

flamusdiu commented on 2015-01-05 00:05 (UTC)

Lots of changes here. Uploaded PKGBUILD + source files to here: https://github.com/flamusdiu/aur-pkgbuilds/blob/master/private-internet-access-vpn/ You can submit packages changes on Github. Moved all extra files to the source.gz to better install them. Added `pia-auto-login.py` which will setup VPN credentials. However, there are a couple of issues you need to be aware of: 1) This script will not run if not run from `root` or through `sudo` 2) Log-in information is stored /etc/private-internet-access/login.conf in the same format as openvpn. It requires 2 lines of information: username (line 1) and password (line 2). This must be owned by root with permissions of 600 or my script will stop. 3) There is no filter for remote servers. It's all or none (might add filtering later). If there are any issues right now, please post here (or better on Github).

flamusdiu commented on 2014-12-30 23:34 (UTC)

@raberrett: I got side tracked with holiday stuff. =\ Not sure about the makepkg error since that shows to the be right option according to "makepkg --help"

rabarrett commented on 2014-12-30 19:42 (UTC)

I emailed you those steps a few weeks ago. Were any of them useful? I recently tried to install this AUR package on my laptop. I got this error: [code] makepkg: invalid option '--asroot' The build failed. [/code]

flamusdiu commented on 2014-12-11 22:11 (UTC)

@rabarrett: Can you break down exactly the steps you took? I want to see the process and see if its something I wan to add.

rabarrett commented on 2014-12-11 16:58 (UTC)

I listed them below.

flamusdiu commented on 2014-12-10 03:49 (UTC)

@rabarrett: What changes did you make to your configs?

rabarrett commented on 2014-12-10 02:05 (UTC)

Your most recent update fails for me complaining: "mkdir: cannot create directory 'vpn-configs': File exists" Of course, I don't want it to replace my modified files, but it seems an update should deal with that better. Otherwise I'll have to tell pacman to ignore updates to that package (which is fine, but sub-optimal).

rabarrett commented on 2014-12-10 02:02 (UTC)

I got it working with nmcli-dmenu with dwm. It required a combination of importing the profiles with nmcli-demnu and then editing them to include user info in /etc/NetworkManager/system-connections/. Now I can choose whichever one I want from the nmcli-dmenu that drops down and it shows a * by whichever profile is active. (Oh, I also have them activated by NetworkManager by adding a simple script (from the arch wiki on openvpn) that I place in /etc/NetworkManager/dispatcher.d/10-openvpn

mikezackles commented on 2014-12-09 18:49 (UTC)

@flamusdiu: Sure, your call. Note that my password solution should also work with environment variables, is completely optional, and has no moving parts after install.

flamusdiu commented on 2014-12-09 18:18 (UTC)

@mikezackles: I think I am going to setup the auto-login differently. I would rather not have ppl edit the PKGBUILD for it. I can do it through a shell script instead. I'll add that in later. I added the DNS stuff in already.

flamusdiu commented on 2014-12-09 17:59 (UTC)

@rabarret: I have been using NetworkManager applet which works fine. @mikezackles: I'll get that added. I've been busy with Ingress stuff.

mikezackles commented on 2014-12-08 21:42 (UTC)

@flamusdiu -- thanks for including and adding the suspend stuff! If it's helpful, I updated the PKGBUILD I linked earlier to do DNS switching and automatic login. Automatic login is optional and requires the user to edit the PKGBUILD to add their username/password.

mbennehar commented on 2014-12-08 18:00 (UTC)

@rabarret I'm using awesome without a desktop manager. I'm using netctl-auto for LAN as a systemd service "systemctl enable netctl-auto@interface". To use this openvpn configuration you should start/enable openvpn systemd service for the profile (e.g. systemctl enable openvpn@Netherlands). More details: https://wiki.archlinux.org/index.php/netctl https://wiki.archlinux.org/index.php/OpenVPN

rabarrett commented on 2014-12-07 22:04 (UTC)

I've wasted a lot of time trying to manually make pia into nmcli connections (got close, but not quite there after hours). Now I'm pleased to have found this in the AUR; it installed fine, but I'm not sure how to use it. How are you launching these after you install this from AUR? Does anyone use networkmanager or are you doing something else? I'm running dwm (and have no Desktop Environment). I've played around with dmenu-nmcli also, but without any luck. (nm-applet isn't great under dwm and I'd rather not install a status bar)

flamusdiu commented on 2014-12-06 02:02 (UTC)

@mikezackles, I didn't even realize there was a systemd for OpenVPN. I use the NetworkManager applet to control the VPN when I need it. I also added the patches for the VPN on restart when computer goes to sleep. If you have any issues, let me know, thanks!

mikezackles commented on 2014-12-05 19:05 (UTC)

I updated the checksum and made things a bit more systemd friendly if anyone finds it useful: https://gist.github.com/mikezackles/0fa3928625d4c6242db5

flamusdiu commented on 2014-11-22 02:25 (UTC)

@thewooster: Did you manually install the configs? If you did, that's why are you getting this error. You need to remove the configs then install the package.

thewooster commented on 2014-11-20 14:42 (UTC)

Hi! I am getting this error when trying to build: ==> Validating source files with sha256sums... openvpn.zip ... Passed ==> Extracting sources... ==> Removing existing pkg/ directory... ==> Entering fakeroot environment... ==> Starting package()... mkdir: cannot create directory ‘vpn-configs’: File exists ==> ERROR: A failure occurred in package(). Aborting...

flamusdiu commented on 2014-10-15 12:38 (UTC)

cert file updated.

Arch Linux User Repository