An algorithm that is not enabled was negotiated.

Theodotos Andreou theo at ubuntucy.org
Wed Aug 7 21:54:36 CEST 2013


On 06/08/2013 06:37 PM, Teddy Hogeborn wrote:
> Theodotos Andreou <theo at ubuntucy.org> writes:
>
>> My server is on a different network so I use this command:
>>
>> root@client~# /usr/lib/mandos/plugins.d/mandos-client
>> --connect=<my_ip>:<my-port> --pubkey=/etc/keys/mandos/pubkey.txt
>> --seckey=/etc/keys/mandos/seckey.txt
>>
>> On the server I get:
>>
>>   Mandos [1849]: WARNING: Handshake failed: An algorithm that is not
>> enabled was negotiated.
>>
>> and the client tries to read the key forever.
>>
>> I've read about a similar issue on the mailing list (back in June 2012) but it is
>> not very clear what the problem (or the solution) is. Can you please
>> enlighten me about it?
> It's probably an issue with GnuTLS we've seen before; we have fixed it
> in the unreleased version by changing the default value of the
> "priority" setting in mandos.conf to the string
> "SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224".  Try
> uncommenting and setting that value in the server's mandos.conf file.
>
> /Teddy Hogeborn
>
After some fiddling around I now got it working.

Thanks Teddy!
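
An added example, not part of the thread and not Mandos project code: a small check of whether a server's mandos.conf actually carries the "priority" value suggested above. It assumes mandos.conf is an INI file with a single [DEFAULT] section in which ";" starts a comment, and reads it with Python's configparser; the function name and the sample files are constructed for illustration.

```python
import configparser

# Priority string quoted in the reply above.
RECOMMENDED = "SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224"


def check_priority(conf_text, wanted=RECOMMENDED):
    """Return (status, missing_tokens) for the 'priority' setting.

    status: 'unset'      line absent or still commented out, so the
                         server's built-in default is what gets used
            'quoted'     value was pasted together with quote marks
            'incomplete' set, but lacking tokens from `wanted`
            'ok'         every token of `wanted` is present
    """
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(conf_text)
    value = (parser.defaults().get("priority") or "").strip()
    if not value:
        return "unset", wanted.split(":")
    # configparser keeps quote characters as part of the value.
    if value[0] in "\"'" or value[-1] in "\"'":
        return "quoted", []
    have = set(value.split(":"))
    missing = [tok for tok in wanted.split(":") if tok not in have]
    return ("incomplete" if missing else "ok"), missing


# Constructed sample files (assumed layout, placeholder default value).
COMMENTED = "[DEFAULT]\n;priority = PLACEHOLDER-DEFAULT\n"
PARTIAL = "[DEFAULT]\npriority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP\n"
QUOTED = '[DEFAULT]\npriority = "' + RECOMMENDED + '"\n'
FIXED = "[DEFAULT]\npriority = " + RECOMMENDED + "\n"

if __name__ == "__main__":
    for name, text in [("commented", COMMENTED), ("partial", PARTIAL),
                       ("quoted", QUOTED), ("fixed", FIXED)]:
        print(name, check_priority(text))
```

A result of 'ok' only confirms the text of the file; whether the installed GnuTLS build accepts the string still shows up in the server log at the next handshake.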

