search for: keylength

...and that this is my first post to this list tells a lot about the quality of tinc, I think. It's just great, thanks a lot for your fine work! Recently I've discovered these messages in my syslog: Dec 28 16:34:06 vdr tinc.grue[9731]: Possible intruder ix (192.168.178.25 port 60882): wrong keylength Dec 28 16:34:06 vdr tinc.grue[9731]: Error while processing METAKEY from ix (192.168.178.25 port 60882) Could you give me a hint about the reason? I've compared the public keys and they match. Also, there's no problem to connect from host vdr to host ix via tinc... Thanks again! -- Mark...

Hi, I've two computers, one with Debian the other with Ubuntu. The Debian computer has v1.0.14, the Ubuntu v1.0.11. They do not manage to connect with error "wrong keylength": the Ubuntu computer sends a 512 byte key to the Debian computer which expects a 256 byte key. Is it expected ? Is there a configuration option somewhere that I've set differently on the computers ? Thanks, Lo?c

...t_pubek(TPM_PUBKEY *pubEndorsementKey) - { -- UINT32 key_length; -+ size_t key_length; - if (!tpmData.permanent.data.endorsementKey.size) return TPM_NO_ENDORSEMENT; - /* setup TPM_PUBKEY structure */ -- key_length = tpmData.permanent.data.endorsementKey.size; -- pubEndorsementKey->pubKey.keyLength = key_length >> 3; -+ pubEndorsementKey->pubKey.keyLength = tpmData.permanent.data.endorsementKey.size >> 3; - pubEndorsementKey->pubKey.key = tpm_malloc(pubEndorsementKey->pubKey.keyLength); - if (pubEndorsementKey->pubKey.key == NULL) return TPM_FAIL; - rsa_export_m...

How can I configure F5 load balancer to be infront of multiple puppet masters? The SSL will break as the server name if different, hostname of the VIP on the LB vs hostnames of each masters, right? Can you shed some light? Thanks. -- Hai Tao -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to

...solaris.org Estimated Hours: 0.0 After creating an encrypted dataset and then unloading the key, trying to reload the key fails.. Below is all the debug info.. The salt and key are the same during creation and load time.. An error that looks odd to me is the first kernel warning saying that keylength of 32 was invalid.. it should be 32.. bash-3.2# zfs create -o encryption=on -o keysource=passphrase,prompt -o keyscop e=dataset tank/enc DEBUG: crypt = 0 DEBUG: keyscope = 0 DEBUG: keysource="passphrase,prompt" Enter passphrase for ''tank/enc'': Enter again: salt==0 sa...

...RAM and ZFS using 7 drives, small capacity though, to test and study if I can make my home server this box and this way. It will be a simple server, three users tops. I followed the handbook and made the geli step on the disks: Geom name: label/zfs1.eli State: ACTIVE EncryptionAlgorithm: AES-XTS KeyLength: 128 Crypto: software UsedKey: 0 Flags: NONE KeysAllocated: 38 KeysTotal: 38 Providers: 1. Name: label/zfs1.eli Mediasize: 160041881600 (149G) Sectorsize: 4096 Mode: r1w1e1 Consumers: 1. Name: label/zfs1 Mediasize: 160041885184 (149G) Sectorsize: 512 Mode: r1w1e1 all disks are t...

I have a zpool that consists for a two-drive mirror. The two times I took the zpool offline, I had to resilver one of the drives (the same drive both times) when I imported it back. All drives in the pool show no read, write, or checksum errors and are new, so I'm looking to a software problem before hardware. Both drives are encrypted geli devices. I tried to reproduce the error with 1GB

...a Name="AuthenticationPackageName">Kerberos</Data> <Data Name="WorkstationName">SRVCHEINA</Data> <Data Name="TransmittedServices">-</Data> <Data Name="LmPackageName">-</Data> <Data Name="KeyLength">0</Data> <Data Name="ProcessId">0xe48</Data> <Data Name="ProcessName">C:\Windows\System32\inetsrv\w3wp.exe</Data> <Data Name="IpAddress">-</Data> <Data Name="IpPort">-</Data>...

Hi! Is there any possibility to let dovecot serve >1024 Bit DH Parameters at SSL/TLS-connections? Is it possible to replace /var/lib/dovecot/ssl-parameters.ssl with DH-parameter generated by openssl? If not: Are there any plans to implement that? Thank you!

...e [1]. Would you accept a patch to change the group size estimate to something like: int dh_estimate(int bits) { if (bits <= 80) return (1024); if (bits <= 192) return (3072); return (4096); } Redhat [2] and Fedora [3] have open bugs about this. [1] http://www.keylength.com/en/5/ [2] https://bugzilla.redhat.com/show_bug.cgi?id=1010607 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1012577

http://bugzilla.mindrot.org/show_bug.cgi?id=1119 Summary: Enhancement request for raising minimum acceptable key length. Product: Portable OpenSSH Version: 4.2p1 Platform: Other URL: http://www.rsasecurity.com/press_release.asp?doc_id=488& id=1034 OS/Version: All Status: NEW

...var/lib/puppet/ssl/public_keys/vusion-production.pem http_compression = false http_proxy_host = none http_proxy_port = 3128 httplog = /var/log/puppet/http.log ignorecache = false ignoreimport = false ignoreschedules = false inventory_port = 8140 inventory_server = puppet inventory_terminus = facter keylength = 1024 lastrunfile = /var/lib/puppet/state/last_run_summary.yaml lastrunreport = /var/lib/puppet/state/last_run_report.yaml ldapattrs = all ldapbase = "" ldapclassattrs = puppetclass ldapnodes = false ldapparentattr = parentnode ldappassword = "" ldapport = 389 ldapserver = ldap...

...5 11:56:40 2008 @@ -75,8 +75,8 @@ return false; } - n->status.validkey = false; - n->status.waitingforkey = false; + n->status.st.validkey = false; + n->status.st.waitingforkey = false; /* Tell the others */ @@ -210,8 +210,8 @@ hex2bin(from->key, from->key, from->keylength); from->key[from->keylength] = '\0'; - from->status.validkey = true; - from->status.waitingforkey = false; + from->status.st.validkey = true; + from->status.st.waitingforkey = false; from->sent_seqno = 0; /* Check and lookup cipher and digest algorithms */ dif...

...;AuthenticationPackageName">NTLM</Data> <Data Name="WorkstationName">SAMBA_PDC</Data> <Data Name="TransmittedServices">-</Data> <Data Name="LmPackageName">-</Data> <Data Name="KeyLength">0</Data> <Data Name="ProcessId">0x0</Data> <Data Name="ProcessName">-</Data> <Data Name="IpAddress">192.168.x.x</Data> <Data Name="IpPort">51798</Data> &...

...a Name="AuthenticationPackageName">Kerberos</Data> <Data Name="WorkstationName">TS-SERVER</Data> <Data Name="TransmittedServices">-</Data> <Data Name="LmPackageName">-</Data> <Data Name="KeyLength">0</Data> <Data Name="ProcessId">0x8a4</Data> <Data Name="ProcessName">C:\Windows\System32\inetsrv\w3wp.exe</Data> <Data Name="IpAddress">-</Data> <Data Name="IpPort">-</Data>...

...;'$cadir/signed'' debug: ca: Setting csrdir to ''$cadir/requests'' debug: ca: Setting req_bits to ''2048'' debug: ca: Setting capass to ''$caprivatedir/ca.pass'' debug: ca: Setting cadir to ''$ssldir/ca'' debug: ca: Setting keylength to ''1024'' debug: ca: Setting autosign to ''$confdir/autosign.conf'' debug: ca: Setting cacrl to ''$cadir/ca_crl.pem'' debug: ca: Setting ca to ''true'' debug: ca: Setting serial to ''$cadir/serial'' debug: ca: Setting...

I am not sure if this is relevant root at sambaPDC:~# /usr/local/samba/bin/net rpc trustdom establish DomainB Enter DOMAINA$'s password: Could not connect to server DomainB_DC Trust to domain DomainB established root at sambaPDC:~# root at sambaPDC:~# /usr/local/samba/bin/net rpc trustdom establish DomainC Enter DOMAINA$'s password: Could not connect to

...lock to the system clock. strmbase: Swap the lock order in IPin::EndFlush(). kernelbase: Implement GetOverlappedResultEx(). ntoskrnl.exe: Remove a superfluous condition. ddraw: Track some more render states in the primary stateblock. Zhang Shuai (1): dssenh/tests: Add keylength tests for enhanced and schannel providers. Zhiyi Zhang (5): setupapi/tests: Fix timeout on win10 1809+. setupapi/tests: Add default device registry property tests. wine.inf: Add display and monitor classes. setupapi: Set device SPDRP_CLASS registry property in create_device...

...Examples are ''3600'' (one hour) # and ''1825d'', which is the same as ''5y'' (5 years) # The default value is ''5y''. # ca_ttl = 5y # The bit length of keys. # The default value is ''1024''. # keylength = 1024 # The name to use the Certificate Authority certificate. # The default value is ''Puppet CA: $certname''. ca_name = Puppet CA: ip-10-36-11-244.ec2.internal # The CA private key. # The default value is ''$cadir/ca_key.pem''. cakey = /e...

Adam, With the blog entry[1] you''ve made about gzip for ZFS, it raises a couple of questions... 1) It would appear that a ZFS filesystem can support files of varying compression algorithm. If a file is compressed using method A but method B is now active, if I truncate the file and rewrite it, is A or B used? 2) The question of whether or not to use bzip2 was raised in the