Error during decryption of meta key
Adam Del Vecchio
adam at adamdelvecchio.name
Sat Sep 29 20:58:47 CEST 2012
Would we be able to see your tinc configuration from the servers and clients?
Sent from my iPhone
On Sep 29, 2012, at 12:36, Martin Schürrer <martin at schuerrer.org> wrote:
> Hi,
>
> I've got a relatively simple tinc setup.
>
> I've got two "servers" that are on the public internet that act as
> routers for three "clients" that are behind NATs.
>
> Those servers are called aaaaa and bbbbb the clients are xxxxx, yyyyy and zzzzz
>
> Unfortunatly the servers have problems accepting a connection from the clients
>
> syslog on aaaaa:
> Sep 29 18:28:58 schuerrer tinc.msch[4346]: Error during decryption of
> meta key for xxxxx (81.10.. port 56999)
> Sep 29 18:28:58 schuerrer tinc.msch[4346]: Error while processing
> METAKEY from xxxxx (81.10.. port 56999)
> Sep 29 18:29:23 schuerrer tinc.msch[4346]: Error during decryption of
> meta key for xxxxx (81.10.. port 57003)
> Sep 29 18:29:23 schuerrer tinc.msch[4346]: Error while processing
> METAKEY from xxxxx (81.10.. port 57003)
> Sep 29 18:29:50 schuerrer tinc.msch[4346]: Error during decryption of
> meta key for yyyyy (86.56.. port 33167)
> Sep 29 18:29:50 schuerrer tinc.msch[4346]: Error while processing
> METAKEY from yyyyy (86.56.. port 33167)
> Sep 29 18:29:53 schuerrer tinc.msch[4346]: Error during decryption of
> meta key for xxxxx (81.10.. port 57004)
> Sep 29 18:29:53 schuerrer tinc.msch[4346]: Error while processing
> METAKEY from xxxxx (81.10.. port 57004)
>
>
> here's the output of USR2 on zzzzz:
>
> Statistics for Generic BSD tun device /dev/tun1:
> total bytes in: 57750
> total bytes out: 86210
> Nodes:
> bbbbb at 199.167.. port 655 cipher 427 digest 64 maclength 4
> compression 0 options c status 001a nexthop bbbbb via bbbbb pmtu 1518
> (min 0 max 1518)
> yyyyy at 86.56.. port 655 cipher 0 digest 0 maclength 0 compression 0
> options c status 0018 nexthop bbbbb via yyyyy pmtu 1518 (min 0 max
> 1518)
> aaaaa at 188.40.. port 655 cipher 427 digest 64 maclength 4
> compression 0 options c status 001a nexthop aaaaa via aaaaa pmtu 1518
> (min 0 max 1518)
> zzzzz at MYSELF cipher 0 digest 0 maclength 0 compression 0 options c
> status 0018 nexthop zzzzz via zzzzz pmtu 1518 (min 0 max 1518)
> xxxxx at 81.10.. port 655 cipher 0 digest 0 maclength 0 compression 0
> options c status 0018 nexthop bbbbb via xxxxx pmtu 1518 (min 0 max
> 1518)
> End of nodes.
> Edges:
> bbbbb to yyyyy at 86.56.. port 655 options c weight 864
> bbbbb to aaaaa at 188.40.. port 655 options c weight 1028
> bbbbb to zzzzz at 95.211.. port 655 options c weight 1224
> bbbbb to xxxxx at 81.10.. port 655 options c weight 847
> yyyyy to bbbbb at 199.167.197.209 port 655 options c weight 864
> aaaaa to bbbbb at 199.167.197.209 port 655 options c weight 1028
> aaaaa to zzzzz at 95.211.. port 655 options c weight 237
> zzzzz to bbbbb at 199.167.197.209 port 655 options c weight 1224
> zzzzz to aaaaa at 188.40.. port 655 options c weight 237
> xxxxx to bbbbb at 199.167.197.209 port 655 options c weight 847
> End of edges.
> Subnet list:
> 172.20.0.1/32#10 owner zzzzz
> 172.20.0.10/32#10 owner aaaaa
> 172.20.0.11/32#10 owner bbbbb
> 172.20.0.20/32#10 owner aaaaa
> 172.20.0.51/32#10 owner yyyyy
> 172.20.0.52/32#10 owner xxxxx
> End of subnet list.
>
> Any ideas on what the reason for this could be? I tried generating new
> keys, that didn't help.
>
> tinc versions are:
> aaaaa 1.0.19
> bbbbb 1.0.18
> xxxxx 1.0.18
> yyyyy 1.0.19
> zzzzz 1.0.19
>
> Thanks,
> Martin Schuerrer
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
More information about the tinc
mailing list