Dear fwknop team, I am trying to enable SPA with fwknop in my server running Ubuntu Server 14.04. I managed to create PGP keys for both the client (also running Ubuntu 14.04) and the server, import and sign them, block the port 22 using ip tables and making sure the UDP port 62201 is open on the server. I followed the instructions under https://help.ubuntu.com/community/SinglePacketAuthorization with a small difference: I installed fwknop using apt-get as I think these instructions were written for an older version of Ubuntu when this was not possible. Unfortunately I did not manage to make it work. By running fwknopd in foreground and I can see the package sent from the client :
(stanza #1) SPA Packet from IP: 92.91.55.52 received with access source match SPA Packet: '........' (stanza #1) No stanza encryption mode match for encryption type: 2. Do you have an idea of what is the problem? Here some details about the issue: Version: 2.6.0 in both server and client, FKO protocol version 2.0.1 Command line in client: fwknop -A tcp/22 --gpg-recip [SERVER_KEY] --gpg-sign [CLIENT_KEY] -D [SERVER_IP] -R --gpg-agent (My client is behind NAT, so I used the option -R) I tried to google the error message but all search results led me to the line in the source code where this message is output. Unfortunately I cannot draw any conclusion from reading the code. I hope you can help me. Let me know if you need more details about the issue. Thanks in advance for your attention and help! Best regards, Luis ------------------------------------------------------------------------------ _______________________________________________ Fwknop-discuss mailing list Fwknop-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
