exact insecurity of --bypass-security ?
Dipl.-Ing. C. Lechleitner
christoph.lechleitner at ibcl.at
Wed Sep 3 10:14:17 CEST 2003
On Wed, 3 Sep 2003, Guus Sliepen wrote:
>It could be a problem caused by differing OpenSSL versions. But it could
>also caused by putting a public or private key in the wrong place. Try
>removing all the public/private keys and generate them again.
Thanks for insisting on the removal of old keys ;-))
What's happened is:
I did notice that I have to remove the public key from the hosts/* file before
calling tincd -K again.
I did not notice that the same problem (of multiple keys in one file produced
by multiple tincd -K calls) applies to the /etc/tinc/foo/*.priv file ;-<<
As this file does only contain a key I simply assumed that it would be
overwritten, not appended ...
Perhaps this is worth a warning remark in the manual (section 4.5 or 5.1)?
Anyway, this is a success report for SuSE Linux 8.2 with static precompiled
tincq 1.0.1 and SuSE kernels k_deflt-2.4.20-39 and k_athlon-2.4.20-86.
The only system changes needed were to put the one line in modules.conf and a
call to depmod -a.
If it keeps working, I might put a tinc-on-SuSE-mini-howto on our OpenSource
pages and publish the link in this list.
Thanks again, kind regards.
Christoph Lechleitner
Tinc: Discussion list about the tinc VPN daemon
Archive: http://mail.nl.linux.org/lists/
Tinc site: http://tinc.nl.linux.org/
More information about the Tinc
mailing list