Mandos on Fedora/RHEL
Teddy Hogeborn
teddy at recompile.se
Sat Oct 26 20:10:50 CEST 2013
"Nathanael D. Noblet" <nathanael at gnat.ca> writes:
> > The server log has this:
> >
> > 2013-10-24 16:08:19,053 root [3819]: DEBUG: Fingerprint:
> > 3214C6D910D9231208CC4C665C0DF789334E2179
> > 2013-10-24 16:08:19,054 root [3813]: INFO: Client not found for
> > fingerprint: 3214C6D910D9231208CC4C665C0DF789334E2179, address:
> > ('::ffff:192.168.56.152', 33553, 0, 0)
> >
> > the /etc/mandos/clients.conf
> >
> > [mini]
> > host = 192.168.56.152
> > fingerprint = 3214C6D910D9231208CC4C665C0DF789334E2179
> > secret = ....
> >
> > Any ideas what could be going wrong there?
>
> I have no idea how this could not be working... I've dug through the
> code but for whatever reason it doesn't seem to add the client. I
> added some basic logging to see such as
>
> logger.warning(set(old_client_settings)-set(client_settings))
> and
> logger.warning(set(client_settings)-set(old_client_settings))
> both print out [] in the debug log...
>
> I manually did this
> clients_data['mini'] = client_settings['mini']
>
> after the loop that does the adding and suddenly everything works, the
> checker starts and the client can connect and gets its password. I did
> a diff of /usr/sbin/mandos between 1.6.1 and 1.6.2 and there are
> barely any lines changed between. Any thoughts on why the set()-set
> results in an empty set when the clients_settings isn't empty??
Hmm. I can't see any reason this would happen either. I mean, the
client is obviously there, but presumably with the wrong fingerprint.
But I can't figure out a reason for this. I assume you've checked the
config file for any conflicting or overriding settings?
What does the running server report as the fingerprint of "mini"? (Use
mandos-ctl or the raw D-Bus interface.)
/Teddy Hogeborn
--
The Mandos Project
http://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20131026/d4bf25e6/attachment.sig>
More information about the Mandos-Dev
mailing list