Warning: old key(s) found and disabled.

Guus Sliepen guus at tinc-vpn.org
Mon Nov 25 08:19:54 CET 2019


On Sun, Nov 24, 2019 at 04:52:41PM -0500, Frank Myhr wrote:

> Well, I goofed and entered the wrong network name while trying to set up
> keys for a new network:
> 
> # tincd -n existing_net -K
> Generating 2048 bits keys:
> ............................................+++++ p
> ..................................................................+++++ q
> Done.
> Please enter a file to save private RSA key to
> [/etc/tinc/existing_net/rsa_key.priv]:
> Warning: old key(s) found and disabled.
> Please enter a file to save public RSA key to
> [/etc/tinc/existing_net/hosts/host_on_existing_net]: ^C
> 
> I realized my error when tinc warned me, thus the ^C.
> Now /etc/tinc/existing_net/rsa_key.priv has been replaced, while
> /etc/tinc/existing_net/hosts/host_on_existing_net still contains the old
> public key.
> 
> When tinc says it "disabled" the old key, did it in fact *delete* it?

No, it did not. The old key is still in rsa_key.priv, between markers
that say "BEGIN OLD" and "END OLD". To recover the old key, remove the
new key (which has been placed after the old one), and change the words
"OLD" to "RSA".

> I assume it will lose
> access when tinc is restarted unless I fix the config.

Correct. I hope this helps!

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
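
The recovery steps described in the reply above, as an added shell example that is not part of the original e-mail or of tinc. It assumes the marker lines read `-----BEGIN OLD PRIVATE KEY-----` and `-----END OLD PRIVATE KEY-----` (the message only quotes "BEGIN OLD" and "END OLD"); the function names and the sample key bodies are constructed.

```shell
#!/bin/sh
# Added example, not tinc's own code. Assumed marker lines:
# "-----BEGIN OLD PRIVATE KEY-----" / "-----END OLD PRIVATE KEY-----".

# Print the disabled key from file $1 with its markers changed back to RSA.
# Everything outside the OLD block (the newly generated key) is dropped.
# Fails unless exactly one disabled key is present, so an ambiguous file
# is never turned into a key silently.
recover_old_key() {
    awk '
        /^-----BEGIN OLD /        { inkey = 1; sub(/OLD/, "RSA") }
        inkey && /^-----END OLD / { sub(/OLD/, "RSA"); print; inkey = 0; found++; next }
        inkey                     { print }
        END                       { exit (found != 1) }
    ' "$1"
}

# Write the recovered key to $2 with mode 0600, leaving $1 untouched.
restore_key() {
    tmp=$(mktemp "$2.XXXXXX") || return 1
    if recover_old_key "$1" > "$tmp"; then
        chmod 600 "$tmp" && mv "$tmp" "$2"
    else
        rm -f "$tmp"
        return 1
    fi
}

# Constructed sample: the key bodies are placeholders, not real key material.
write_sample() {
    cat > "$1" <<'EOF'
-----BEGIN OLD PRIVATE KEY-----
T0xEa2V5Ym9keQ==
-----END OLD PRIVATE KEY-----
-----BEGIN RSA PRIVATE KEY-----
TkVXa2V5Ym9keQ==
-----END RSA PRIVATE KEY-----
EOF
}

demo_dir=$(mktemp -d)
write_sample "$demo_dir/rsa_key.priv"
restore_key "$demo_dir/rsa_key.priv" "$demo_dir/rsa_key.priv.recovered"
cat "$demo_dir/rsa_key.priv.recovered"
```

Review the recovered file before putting it in place of `/etc/tinc/existing_net/rsa_key.priv`, and keep a copy of the current file until tinc has been restarted successfully.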