Hi, I've opened an issue on the OpenVPN GitHub. https://github.com/OpenVPN/openvpn/issues/993 OpenVPN 2.7.0 can't handle passwords longer than 64 bytes. Today commit 5f7b1c5 which should fix this has been committed to the master branch, so I'd assume it will be fixed in the next release.
Zoe On Sat, 2026-02-21 at 14:40 +0100, Bernhard Schmidt wrote: > Control: tags -1 moreinfo upstream > Control: severity -1 normal > Control: notfound -1 2.7.0-bookworm1 > Control: found -1 2.7.0-1 > > Dear Zoe, > > > Version: 2.7.0-bookworm1 > > Severity: important > > X-Debbugs-Cc: [email protected] > > > > Dear Maintainer, > > > > I have trouble starting openvpn-server with an encrypted private > > key > > after the upgrade to 2.7.0 After I upgraded openvpn from version > > 2.6.19-bookworm0 to 2.7.0-bookworm1 openvpn-server won't start with > > the error: "Error: private key password verification failed" after > > I > > copy-pasted the correct password as usual. Downgrading back to > > 2.6.19 > > fixed the bug for me, with the exact same password. I also checked > > with `openssl rsa -noout -text -in` with the same password and it > > worked. > > These versions are not Debian versions. There never was a 2.6.19 in > the > Debian archive at all, and 2.7.0 so far has only reached > testing/forky > so far. A trixie-backports upload is pending, a > bookworm-backports-sloppy backports unlikely to happen. > > Therefor you must be using some third-party repository, possibly the > upstream binary packages. The Debian BTS is the wrong bug reporting > path. > > I'm keeping this bug open for now for the chance there is a bug or > behavioural change that needs a workaround or documentation in > Debian. > > Bernhard
