Tons of "Failed to decrypt and verify packet"
Guus Sliepen
guus at tinc-vpn.org
Tue Mar 11 21:43:55 CET 2014
On Sun, Mar 09, 2014 at 01:16:19PM -0600, Lance Fredrickson wrote:
> Yes, this was my problem. All my nodes including my single windows node
> were all running 1.1pre10. In this scenario my windows node would not
> connect to any linux nodes.
>
> When reverting all linux nodes and the windows node back to 1.1pre9, then
> there is no issue, all while using the identical config files.
What errors did tinc log when the Windows node failed to connect?
I did some tests myself and found a problem that might or might not be what you
experienced, and that is that there have been some changes in recent versions
of the OpenSSL library that cause public ECDSA keys to be written slightly
different than with older versions. This is a big problem of course, so I will
likely switch to Ed25519 keys, and have an embedded copy of the reference
implementation of the Ed25519 and Curve25519 code from Dan J. Bernstein
(similar to what OpenSSH does).
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140311/a940679e/attachment.sig>
More information about the tinc
mailing list