similar to: Tinc Cipher and Digest question

On Sat, 16 May 2015, Guus Sliepen wrote: > On Sat, May 16, 2015 at 12:09:52AM +0200, Sven-Haegar Koch wrote: > > > This change is not so good: > > > > Connection with aaa_vpnhub1 (1.2.3.4 port 443) activated > > Error while translating addresses: ai_family not supported > > > > (And then the tinc process exists) > > Hm, I couldn't reproduce

On Mon, 4 May 2020 18:45:19 +0200 (CEST) Sven-Haegar Koch <haegar at sdinet.de> wrote: > On Mon, 4 May 2020, Pallinger Péter wrote: > > > ------- TL;DR ------- > > > > Performance seems slow (around 300-400Mbit peak). > > How to improve? > > Not sure if that could be the case for you, my links are not that > fast: > > Make sure to disable

On Fri, 15 May 2015, Guus Sliepen wrote: > On Fri, May 15, 2015 at 10:26:46PM +0200, Sven-Haegar Koch wrote: > > > Another strange and difficult to understand thing - seems like all the > > easy bugs in 1.1 are gone ;) > [...] > > Got ADD_EDGE from aaa_vpnhub1 (1.2.3.4 port 443) for haegar_tokamak > > -> igor which does not match existing entry (Local

Hi - Thanks to Sven-Haegar and Donald, but still having issues setting up with Windows. Machine1 can't ping the VPN address of machine2. Regular IPv4 address for both machines in 192.168.1.xxx range. Router: Forwarding port 655 to 101.102.103.1, UDP and TCP Forwarding port 656 to 101.102.103.2, UDP and TCP Tinc.conf on machine user1 just three lines: Name = vpnuser1 ConnectTo =

------- TL;DR ------- Performance seems slow (around 300-400Mbit peak). How to improve? ------- The Long Version ------- I tried to test tinc performance for an upcoming project that may need to use NFS over a VPN. Our current tinc network seems to be able to transmit at around 30-40 MB/s. (I used an 1GB random testfile to copy to/from /dev/shm/; using netcat and http.) In comparison, HTTP and

Hallo, As part of building a debian package for my use of tinc 1.1 I run the "make check" testsuites. The current git breaks in invite-join.test: FAIL: invite-join ================= + ../src/tinc --config=/home/haegar/tinc/tinc/test/./invite-join.test.1 --pidfile=/home/haegar/tinc/tinc/test/./invite-join.test.1/pid Generating 2048 bits keys: ...........................+++ p ....+++

Hallo, I have a couple of tinc hosts in the same network, some using the latest tinc 1.1 git and some using 1.0.24. It seems like traffic between 1.1 and 1.0 nodes is always transfered using TCP (and an intermediate node, if not directly connected), never with UDP. Viewed from host W (tinc 1.1): (All after successfully pinging an IP behind the remote side to trigger UDP path probing, and

Yes, the current c implement is not so easy to read, very old style! The good part is that the protocol seems very clear:) 2016年12月13日 09:46，"Sven-Haegar Koch" <haegar at sdinet.de>写道： On Tue, 13 Dec 2016, Cong Monkey wrote: > As title, is that possible to develop a python version of tinc, that will > be interesting:) Possible? Sure. Will it be bigger and slower? Sure.

Update of /home/CVS/tinc/cipher/blowfish In directory humbolt:/tmp/cvs-serv2778/cipher/blowfish Modified Files: Makefile.am Makefile.in Log Message: Include system.h and cipher/hmac/hmac.h in the distribution; the blowfish cipher is now in PKGDIR/libcipher_blowfish.so.0. - Tinc: Discussion list about the tinc VPN daemon Archive: http://mail.nl.linux.org/lists/ Tinc site:

Hallo, Another strange and difficult to understand thing - seems like all the easy bugs in 1.1 are gone ;) waehring (1.1) | +-------------------+--------------+ | | | vpnhub1 (1.1) igor (1.1) turing (1.0) | | | +-------------------+--------------+ | tokamak Whenever another node outside of the graph connects to vpnhub or igor

Something to add. When this happened, it looks like tinc shutdown gracefully(not seg fault ..), because I can tell tinc-down script got implemented. Heng On Wed, Nov 25, 2015 at 6:00 AM, <tinc-request at tinc-vpn.org> wrote: > Send tinc mailing list submissions to > tinc at tinc-vpn.org > > To subscribe or unsubscribe via the World Wide Web, visit >

Thanks for the reply. I am running tinc (1.0.24) in an embedded linux environment, with a pretty old kernel (2.6). I have let tinc run for almost 24 hours with internet and can't reproduce the issue. Heng On Wed, Nov 25, 2015 at 6:00 AM, <tinc-request at tinc-vpn.org> wrote: > Send tinc mailing list submissions to > tinc at tinc-vpn.org > > To subscribe or

Hallo, trying to compile the current 1.1 git snapshot under Debian Wheezy gives me: configure.ac:7: option `info-in-builddir' not recognized autoreconf: automake failed with exit status: 1 Do I now need a specific newer version of automake? Seems to be the result of commit 13f9bc1ff199bea46 "Add support for out-of-tree ("VPATH") builds." Undoing the change to

Below is a patch that adds the ability to have a none cipher and mac for protocol version 2. By default, sshd will not allow these to be used; an admin will have to explicitly allow them in the Ciphers and MACs section of sshd_config. Additionally, the client will not use these unless explicitly instructed to by the user. The actual name of the cipher is 'none2', to distinguish it

On Tue, 5 May 2020 13:32:50 +0100 Jonathan Plews <SRS0=286U=6T=yahoo.co.uk=pl3w5y at mijnuvt.nl> wrote: > I didn't study the internals but maybe changing DirectOnly, Forwarding > and IndirectData will have an impact on per packet performance and > speed stability by disabling some of the meshing features? I will definitely try those. > Although it probably just hit the CPU

Hi, Is cipher "3des-ctr" supported by openssh? It is not mentioned in the list of supported ciphers in the man page of ssh_config: Thanks, Sunil Ciphers Specifies the ciphers allowed for protocol version 2 in order of preference. Multiple ciphers must be comma-separated. The supported ciphers are ''3des-cbc'', ''aes128-cbc'',

I have a simple pair of nodes set up, connected wirelessly, with tincd 1.0.16 running in switch mode. Setting Cipher and Digest to "none", and Compression to 0, the bridge is still CPU-bound, with most of tincd's CPU time spent in libcrypto. I narrowed it down to this line in net_setup.c: myself->connection->outcipher = EVP_bf_ofb(); It looks as though all outgoing data is

Hello, I understand that I can use the openssl ciphers and digests available on my systems, i.e. those in the list generated by "openssl list-cipher-commands" and "openssl list-message-digest-algorithms". I want to create a admin vpn network between my servers and my workplace. Network throughput is not a big issue, I am using ssh and the cli, however I would also do

Hi, I'm doing some perf profiling, and I can see that BF_encrypt & BF_decrypt of libcrypto.so.1.0.0 (used in tincd) are consuming CPU time. I'm using Tinc 1.0.23 and Cipher = aes-128-cbc BF_encrypt & BF_decrypt seems related to Blowfish (https://www.openssl.org/docs/crypto/blowfish.html). Is it normal that BF functions are used even if AES is used ? I do not know anything about

Hallo to everyone! First I would like to thank everybody for making a free implementation of ssh available. I am administrating the network at the computer science department of the University of Munich. Here, rcp (as in many other places, I guess) is banned for security reasons. I, aswell as others, use scp regulary to copy files from one machine to another. The problem is, that the transfer