Hi, I was just trying HMAC with Digest type SHA512 with this stanza:
[some.IP.of.my.server] USE_GPG Y DIGEST_TYPE sha512 USE_GPG_AGENT Y GPG_RECIPIENT abdcdefh GPG_SIGNER 12345678 SPOOF_USER somerandomuser ACCESS tcp/22 SPA_SERVER some.IP.of.my.server HMAC_KEY_BASE64 somegeneratedbase64key RAND_PORT Y USE_HMAC Y fwknop -n some.IP.of.my.server -R -v Gives me the server side error: (stanza #1) Error creating fko context (before decryption): Args contain invalid data When I change to DIGEST_TYPE sha256 it works. So I thought maybe I need the same HMAC digest type, so I used "--hmac-digest-type sha512" with resulting client side error: Final Packed/Encrypted/Encoded Data: (null) send_spa_packet: Error #9 from fko_get_spa_data: There is no encoded data to process send_spa_packet: packet not sent. [*] Could not zero out sensitive data buffer. The base64 key was generated according to the documentation: echo -n "some gpg passphrase" | base64 Am I missing something? Additional info: I'm using the recent Debian testing fwknop-client package in my Debian Wheezy. For the server I backported Franck's Debian package without changes for Ubuntu 12.04. regards Radi ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk _______________________________________________ Fwknop-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
