What does your access.conf look like? That is where I suspect the issue is. You can redact your password and key information to send this info.
On Sun, Sep 13, 2015, 12:42 PM Luis Galarraga <galarr...@luisgalarraga.de> wrote: > Dear fwknop team, > > I am trying to enable SPA with fwknop in my server running Ubuntu Server > 14.04. I managed to create PGP keys for both the client (also running > Ubuntu 14.04) and the server, import and sign them, block the port 22 > using ip tables and making sure the UDP port 62201 is open on the > server. I followed the instructions under > https://help.ubuntu.com/community/SinglePacketAuthorization with a small > difference: I installed fwknop using apt-get as I think these > instructions were written for an older version of Ubuntu when this was > not possible. Unfortunately I did not manage to make it work. By running > fwknopd in foreground and I can see the package sent from the client : > > (stanza #1) SPA Packet from IP: 92.91.55.52 received with access source > match > SPA Packet: '........' > (stanza #1) No stanza encryption mode match for encryption type: 2. > > Do you have an idea of what is the problem? Here some details about the > issue: > > Version: 2.6.0 in both server and client, FKO protocol version 2.0.1 > Command line in client: > fwknop -A tcp/22 --gpg-recip [SERVER_KEY] --gpg-sign [CLIENT_KEY] -D > [SERVER_IP] -R --gpg-agent > (My client is behind NAT, so I used the option -R) > > I tried to google the error message but all search results led me to the > line in the source code where this message is output. Unfortunately I > cannot draw any conclusion from reading the code. I hope you can help > me. Let me know if you need more details about the issue. Thanks in > advance for your attention and help! > > Best regards, > Luis > > > ------------------------------------------------------------------------------ > _______________________________________________ > Fwknop-discuss mailing list > Fwknop-discuss@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/fwknop-discuss >
------------------------------------------------------------------------------
_______________________________________________ Fwknop-discuss mailing list Fwknop-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
