g00nix
commented
3 years ago You are using the public IP to access the PF API: 195.78.54.182. Here is how you can get the correct gateway IP: https://github.com/pia-foss/manual-connections/blob/master/connect_to_openvpn_with_token.sh#L214
Hi,
I am trying to obtain a PF assignment when I am already connected to PIA VPN. But so far, I do not succeed with the manual tools. The get_region, get_token are working ok. Its when I try to obtain a signature in the port_forwarding.sh script that I have a problem :
[[ ! -n 195.78.54.182 ]]
[[ ! -n +MYTOKENxxxxxxx= ]]
[[ ! -n amsterdam429 ]]
test -t 1 ++ tput colors
ncolors=8
test -n 8
test 8 -ge 8
GREEN='\033[0;32m'
RED='\033[0;31m'
NC='\033[0m'
[[ ! -n '' ]]
echo
echo -n 'Getting new signature... ' Getting new signature... ++ curl -s -v -m 5 --connect-to amsterdam429::195.78.54.182: --cacert ca.rsa.4096.crt -G --data-urlencode token=+MYTOKENxxxxxxx= https://amsterdam429:19999/getSignature
Connecting to hostname: 195.78.54.182
Trying 195.78.54.182:19999...
Connected to 195.78.54.182 (195.78.54.182) port 19999 (#0)
ALPN, offering h2
ALPN, offering http/1.1
Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
successfully set certificate verify locations:
CAfile: ca.rsa.4096.crt
CApath: none
TLSv1.2 (OUT), TLS header, Certificate Status (22): } [5 bytes data]
TLSv1.2 (OUT), TLS handshake, Client hello (1): } [512 bytes data]
TLSv1.2 (IN), TLS handshake, Server hello (2): { [64 bytes data]
TLSv1.2 (IN), TLS handshake, Certificate (11): { [1977 bytes data]
TLSv1.2 (IN), TLS handshake, Server key exchange (12): { [589 bytes data]
TLSv1.2 (IN), TLS handshake, Server finished (14): { [4 bytes data]
TLSv1.2 (OUT), TLS handshake, Client key exchange (16): } [70 bytes data]
TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): } [1 bytes data]
TLSv1.2 (OUT), TLS handshake, Finished (20): } [16 bytes data]
TLSv1.2 (IN), TLS change cipher, Change cipher spec (1): { [1 bytes data]
TLSv1.2 (IN), TLS handshake, Finished (20): { [16 bytes data]
SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
ALPN, server accepted to use h2
Server certificate:
subject: C=US; ST=CA; L=LosAngeles; O=Private Internet Access; OU=Private Internet Access; CN=amsterdam429; name=amsterdam429
start date: Apr 20 06:34:17 2021 GMT
expire date: Oct 17 06:34:17 2021 GMT
subjectAltName: host "amsterdam429" matched cert's "amsterdam429"
issuer: C=US; ST=CA; L=LosAngeles; O=Private Internet Access; OU=Private Internet Access; CN=Private Internet Access; name=Private Internet Access; emailAddress=secure@privateinternetaccess.com
SSL certificate verify ok.
Using HTTP2, server supports multi-use
Connection state changed (HTTP/2 confirmed)
Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
Using Stream ID: 1 (easy handle 0x78ec80) } [5 bytes data]
Connection state changed (MAX_CONCURRENT_STREAMS == 250)! } [5 bytes data] < HTTP/2 401 < content-type: text/plain; charset=utf-8 < x-content-type-options: nosniff < content-length: 64 < date: Tue, 15 Jun 2021 13:45:15 GMT < { [5 bytes data]
Connection #0 to host 195.78.54.182 left intact
payload_and_signature='{ "status": "ERROR", "message": "Unauthorized client" }'
export payload_and_signature ++ echo '{ "status": "ERROR", "message": "Unauthorized client" }' ++ jq -r .status
'[' ERROR '!=' OK ']'
echo -e '\033[0;31mThe payload_and_signature variable does not contain an OK status.\033[0m' The payload_and_signature variable does not contain an OK status.
exit 1
Here are my versions : CentOS Linux release 7.9.2009 kernel 3.10.0-1160.25.1.el7.x86_64 Curl : curl 7.77.0 (x86_64-pc-linux-gnu) libcurl/7.77.0 OpenSSL/1.0.2k-fips zlib/1.2.7 libssh2/1.8.0 nghttp2/1.33.0 Release-Date: 2021-05-26 Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp Features: alt-svc AsynchDNS HSTS HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL UnixSockets
Could you please help me ? Loki