[mandos-client] Error -64 while reading keypar
Teddy Hogeborn
teddy at recompile.se
Fri Oct 30 23:07:40 CET 2015
Pablo Abelenda <pabelenda at igalia.com> writes:
> I have configured a mandos server and a mandos client.
>
> Everytime I boot the client machine and mandos-client try to get his
> password I obtain the following error:
>
> ------------------------------------------------------------------------
> Mandos plugin mandos-client: Error [-64] while reading the Open PGP key
> pair ('conf/conf.d/pubkey.txt' , 'conf/conf.d/seckey.txt')
> Mandos plugin mandos-client: The GnuTLS error is: Error while reading file.
> Mandos plugin mandos-client: init_gnutls_global failed
> ------------------------------------------------------------------------
[...]
> --options-for=mandos-client:--pubkey=conf.d/mandos/pubkey.txt
> --options-for=mandos-client:--seckey=conf.d/mandos/seckey.txt
> --options-for=mandos-client:--network-hook-dir=lib/mandos/network-hooks.d
It seems that the Mandos client fails to find the key files. It would
probably work if you changed it to use absolute paths; like
"/conf/conf.d/mandos/pubkey.txt" (which is also the default setting, so
you should not need to even specify the --pubkey and --seckey options),
not "conf.d/mandos/pubkey.txt" or "conf/conf.d/pubkey.txt".
The key files should normally be located in the /etc/keys/mandos
directory, and will therefore *not* be found when running the Mandos
client without any options from the normal booted system. (See the
/usr/share/doc/mandos-client/README.Debian.gz file for a suitable
command line to use for testing the Mandos client in this environment.)
When booting, however, the Mandos client runs in the initial RAM disk
file system (initrd.img), and *there*, the key files should have been
copied from /etc/keys/mandos to /conf/conf.d/mandos.
/Teddy
--
The Mandos Project
http://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20151030/c023a603/attachment.sig>
More information about the Mandos-Dev
mailing list