Bug 419033

Summary: OpenVPN passwords not saved (with libnm0 1.46.0-1ubuntu2.2 in Kubuntu 24.04)
Product: [Plasma] plasmashell Reporter: aslam karachiwala <4slam>
Component: Networking in generalAssignee: Jan Grulich <jgrulich>
Status: RESOLVED FIXED    
Severity: normal CC: 4slam, kdedev, nate, plasma-bugs-null
Priority: NOR    
Version First Reported In: 5.18.0   
Target Milestone: 1.0   
Platform: Kubuntu   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description aslam karachiwala 2020-03-19 23:28:01 UTC 
SUMMARY
After adding credentials to an OpenVPN connection configuration, if one selects "Store password for this use only (encrypted)" and clicks Apply, the password is not saved (e.g., in the designated, open kwallet). This is a recent change in behavior.

STEPS TO REPRODUCE
1. System Settings > Connections
2. Pick an existing OpenVPN connection (or import a *.openvpn) that needs a password but the password field is empty.
3. Enter the valid username and password in the respective fields.
4. Select "Store password for this use only (encrypted)" under the password field.
5. Click the Apply button.
6. Close System Settings.
6. Try connecting to the OpenVPN connection.

OBSERVED RESULT
Dialog appears asking for password. Returning to the configuration panel of the connection in System Settings > Connections shows an empty password field.

EXPECTED RESULT
The password dialog should not appear and the connection should be attempted with the saved credentials. The username and password fields in connection configuration panel should persistently show the credentials.

SOFTWARE/OS VERSIONS:
OS: Kubuntu 18.04
(available in About System)
KDE Plasma Version: 5.12.9
KDE Frameworks Version: 5.47.0
Qt Version: 5.9.5

ADDITIONAL INFORMATION
This is new behavior. Saving the password used to work correctly until recently.

Related: Bug #396795 – This addresses a bug in a later version of NetworkManager (1.20) in Ubuntu 19.10 and higher. This bug report is for Kubuntu 18.04 (LTS).
Comment 1 aslam karachiwala 2020-03-20 19:01:05 UTC 
I also discovered that a password _change_ on an existing OpenVPN connection does not get saved after clicking Apply on the connection configuration pane.

The connections in question are imported from *.openvpn file provided by multiple OpenVPN service providers.
Comment 2 Ben Cooksley 2024-12-23 18:23:39 UTC 
Bulk transfer as requested in T17796
Comment 3 Nate Graham 2025-06-16 19:25:43 UTC 
Hi Aslam,
Thanks for the bug report, and I'm very sorry we weren't able to get to this until now. A lot has changed since the issue was reported; can I ask you to check and see if it still happens in Plasma 6.3.5 or later? Thanks a lot!
Comment 4 aslam karachiwala 2025-06-16 22:18:15 UTC 
(In reply to Nate Graham from comment #3)
> Hi Aslam,
> Thanks for the bug report, and I'm very sorry we weren't able to get to this
> until now. A lot has changed since the issue was reported; can I ask you to
> check and see if it still happens in Plasma 6.3.5 or later? Thanks a lot!

Hi, Nate.

I can't test with Plasma 6.3.5. 

I'm on Kubuntu 24.04 which has Plasma 5.27.12, and I do see the issue.
Comment 5 Nate Graham 2025-06-16 23:13:21 UTC 
You can upgrade to Kubuntu 25.04, which includes Plasma 6.3.
Comment 6 aslam karachiwala 2025-06-17 19:50:24 UTC 
(In reply to Nate Graham from comment #5)
> You can upgrade to Kubuntu 25.04, which includes Plasma 6.3.

To avoid frequent upgrade pains, I prefer to stick to LTS releases unless it's absolutely necessary to upgrade to an interim release.

I suggest this be marked RESOLVED if it was tested and found to be fixed in Plasma 6.3. If someone finds that it isn't then they can report it as a new issue in the appropriate Plasma version.
Comment 7 Nate Graham 2025-06-17 20:56:40 UTC 
In my experience, upgrade pains are generally *caused* by waiting a long time before upgrading, rather than alleviated by that strategy. At least for discrete release distros.

This kind of thing can be difficult to test as VPN configurations are very personal, which is why I was asking if you could re-test it yourself on Plasma 6.
Comment 8 aslam karachiwala 2025-06-17 22:32:40 UTC 
(In reply to Nate Graham from comment #7)
> In my experience, upgrade pains are generally *caused* by waiting a long
> time before upgrading, rather than alleviated by that strategy. At least for
> discrete release distros.

OK, though I'd expect LTS to LTS version upgrades to be relatively painless. Anyways, I won't have the bandwidth to do it for at least another month from now.

> This kind of thing can be difficult to test as VPN configurations are very
> personal, which is why I was asking if you could re-test it yourself on
> Plasma 6.

I'm testing with one of ProtonVPN's free OpenVPN server config files (UDP) for GNU/Linux, using a free protonvpn.com account. See https://protonvpn.com/support/vpn-config-download#how-to-download-configuration-files. 

After creating the connection from the config file, its username and password should be set to the OpenVPN/IKEv2 username and password from the Account tab on the web console at https://account.protonvpn.com.
Comment 9 aslam karachiwala 2025-06-19 20:03:25 UTC 
Updated versions in the title.

Current versions:
Operating System: Kubuntu 24.04
KDE Plasma Version: 5.27.12
KDE Frameworks Version: 5.115.0
Qt Version: 5.15.13
Kernel Version: 6.8.0-60-generic (64-bit)
Comment 10 TraceyC 2025-09-30 22:03:47 UTC 
I'm not able to reproduce the bug with git-master, using a config file for Proton VPN, udp
After saving my password, I'm able to see it in the UI, so it's been stored in my default wallet

The wallet and secret management has undergone some rewrites that will be included in 6.5.0, some of the improvements are also in 6.4.5.
Sadly, openvpn connections may or may not work, even without a password needed, see bug 479937

I'm going to go ahead and close this for now, since it looks to be fixed
If you are able to reproduce this with Plasma 6.4.5 or later, feel free to reopen this report.