An algorithm that is not enabled was negotiated.

Teddy Hogeborn teddy at recompile.se
Tue Aug 6 17:37:00 CEST 2013


Theodotos Andreou <theo at ubuntucy.org> writes:

> My server is on a different network so I use this command:
>
> root at client~# /usr/lib/mandos/plugins.d/mandos-client
> --connect=<my_ip>:<my-port> --pubkey=/etc/keys/mandos/pubkey.txt
> --seckey=/etc/keys/mandos/seckey.txt
>
> On the server I get:
>
>  Mandos [1849]: WARNING: Handshake failed: An algorithm that is not
> enabled was negotiated.
>
> and the client tries to read the key forever.
>
> I've read a similar issue on the mailing list (back in June 2012) but it is
> not very clear what the problem (or the solution) is. Can you please
> enlighten me about it?

It's probably an issue with GnuTLS we've seen before; we have fixed it
in the unreleased version by changing the default value of the
"priority" setting in mandos.conf to the string
"SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224".  Try
uncommenting and setting that value in the server's mandos.conf file.

/Teddy Hogeborn

-- 
The Mandos Project
http://www.recompile.se/mandos
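
An added example, not part of the original message or of the Mandos project's code: a small Python check that reads the text of a server mandos.conf, reports whether the "priority" setting is active or still commented out, and splits the suggested string into its GnuTLS priority tokens. The sample file contents, the [DEFAULT] section layout and all function names are assumptions made for illustration.

```python
import configparser

# Value quoted in the reply above.
RECOMMENDED = "SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224"

# Constructed sample file, not taken from a real server: the setting is
# present but still commented out, so the built-in default applies.
SAMPLE_CONF = """\
[DEFAULT]
;priority = SOME-OTHER-STRING
"""

def effective_priority(conf_text):
    """Return the active 'priority' value, or None if unset/commented out."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(conf_text)
    return parser.defaults().get("priority")

def split_priority(priority):
    """Classify the tokens of a GnuTLS priority string by their prefix."""
    result = {"base": [], "enabled": [], "disabled": []}
    for token in priority.split(":"):
        if token.startswith("+"):
            result["enabled"].append(token[1:])
        elif token.startswith(("!", "-")):
            result["disabled"].append(token[1:])
        elif token:
            result["base"].append(token)
    return result

def check(conf_text):
    """Return (ok, message) for the server configuration text."""
    value = effective_priority(conf_text)
    if value is None:
        return False, "priority is not set; the built-in default is in use"
    if value != RECOMMENDED:
        return False, "priority is set to a different string: " + value
    return True, "priority matches the suggested value"

if __name__ == "__main__":
    print(check(SAMPLE_CONF))
    print(split_priority(RECOMMENDED))
```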