Search Results

Search found 348 results on 14 pages for 'cipher'.

Page 6/14 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • Redirecting or routing all traffic to OpenVPN on a Mac OS X client

    - by sdr56p
    I have configured an OpenVPN (2.2.1) server on an Ubuntu virtual machine in the Amazon elastic compute cloud. The server is up and running. I have installed OpenVPN (2.2.1) on a Mac OS X (10.8.2) client and I am using the openvpn2 binary to connect (in opposition to other clients like Tunnelblick or Viscosity). I can connect with the client and successfully ping or ssh the server through the tunnel. However, I can't redirect all internet traffic through the VPN even if I use the push "redirect-gateway def1 bypass-dhcp" option in the server.conf configurations. When I connect to the server with these configurations, I get a successful connection, but then an infinite series of error messages: "write UDPv4: No route to host (code=65)". Traffic routing seems to be compromised because I am not able to access anything anymore, not even the OpenVPN server (by pinging 10.8.0.1 for instance). This is beyond me. I am finding little help on the web and don't know what to try next. I don't think it is a problem of forwarding the traffic on the server since, first, I have also took care of that and, second, I can't even ping the VPN server locally through the tunnel (or ping anything at all for that matter). Thank you for your help. Here is the server.conf. file: port 1194 proto udp dev tun ca ca.crt cert ec2-server.crt key ec2-server.key # This file should be kept secret dh dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "redirect-gateway def1 bypass-dhcp" client-to-client keepalive 10 120 comp-lzo persist-key persist-tun status openvpn-status.log verb 3 And the client.conf file: client dev tun proto udp remote servername.com 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert Toto5.crt key Toto5.key ns-cert-type server comp-lzo verb 3 Here is the connection log with the error messages: $ sudo openvpn2 --config client.conf Wed Mar 13 22:58:22 2013 OpenVPN 2.2.1 x86_64-apple-darwin12.2.0 [SSL] [LZO2] [eurephia] built on Mar 4 2013 Wed Mar 13 22:58:22 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Wed Mar 13 22:58:22 2013 LZO compression initialized Wed Mar 13 22:58:22 2013 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Wed Mar 13 22:58:22 2013 Socket Buffers: R=[196724->65536] S=[9216->65536] Wed Mar 13 22:58:22 2013 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Wed Mar 13 22:58:22 2013 Local Options hash (VER=V4): '41690919' Wed Mar 13 22:58:22 2013 Expected Remote Options hash (VER=V4): '530fdded' Wed Mar 13 22:58:22 2013 UDPv4 link local: [undef] Wed Mar 13 22:58:22 2013 UDPv4 link remote: 54.234.43.171:1194 Wed Mar 13 22:58:22 2013 TLS: Initial packet from 54.234.43.171:1194, sid=ffbaf343 d0c1a266 Wed Mar 13 22:58:22 2013 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funst ... ost.domain Wed Mar 13 22:58:22 2013 VERIFY OK: nsCertType=SERVER Wed Mar 13 22:58:22 2013 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funst ... ost.domain Wed Mar 13 22:58:23 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed Mar 13 22:58:23 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Mar 13 22:58:23 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed Mar 13 22:58:23 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Mar 13 22:58:23 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Wed Mar 13 22:58:23 2013 [ec2-server] Peer Connection Initiated with 54.234.43.171:1194 Wed Mar 13 22:58:25 2013 SENT CONTROL [ec2-server]: 'PUSH_REQUEST' (status=1) Wed Mar 13 22:58:25 2013 PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' Wed Mar 13 22:58:25 2013 OPTIONS IMPORT: timers and/or timeouts modified Wed Mar 13 22:58:25 2013 OPTIONS IMPORT: --ifconfig/up options modified Wed Mar 13 22:58:25 2013 OPTIONS IMPORT: route options modified Wed Mar 13 22:58:25 2013 ROUTE default_gateway=0.0.0.0 Wed Mar 13 22:58:25 2013 TUN/TAP device /dev/tun0 opened Wed Mar 13 22:58:25 2013 /sbin/ifconfig tun0 delete ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address Wed Mar 13 22:58:25 2013 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure Wed Mar 13 22:58:25 2013 /sbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up Wed Mar 13 22:58:25 2013 /sbin/route add -net 10.8.0.0 10.8.0.5 255.255.255.0 add net 10.8.0.0: gateway 10.8.0.5 Wed Mar 13 22:58:25 2013 Initialization Sequence Completed ^CWed Mar 13 22:58:30 2013 event_wait : Interrupted system call (code=4) Wed Mar 13 22:58:30 2013 TCP/UDP: Closing socket Wed Mar 13 22:58:30 2013 /sbin/route delete -net 10.8.0.0 10.8.0.5 255.255.255.0 delete net 10.8.0.0: gateway 10.8.0.5 Wed Mar 13 22:58:30 2013 Closing TUN/TAP interface Wed Mar 13 22:58:30 2013 SIGINT[hard,] received, process exiting toto5:ttntec2 Dominic$ sudo openvpn2 --config client.conf --remote ec2-54-234-43-171.compute-1.amazonaws.com Wed Mar 13 22:58:57 2013 OpenVPN 2.2.1 x86_64-apple-darwin12.2.0 [SSL] [LZO2] [eurephia] built on Mar 4 2013 Wed Mar 13 22:58:57 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Wed Mar 13 22:58:57 2013 LZO compression initialized Wed Mar 13 22:58:57 2013 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Wed Mar 13 22:58:57 2013 Socket Buffers: R=[196724->65536] S=[9216->65536] Wed Mar 13 22:58:57 2013 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Wed Mar 13 22:58:57 2013 Local Options hash (VER=V4): '41690919' Wed Mar 13 22:58:57 2013 Expected Remote Options hash (VER=V4): '530fdded' Wed Mar 13 22:58:57 2013 UDPv4 link local: [undef] Wed Mar 13 22:58:57 2013 UDPv4 link remote: 54.234.43.171:1194 Wed Mar 13 22:58:57 2013 TLS: Initial packet from 54.234.43.171:1194, sid=a0d75468 ec26de14 Wed Mar 13 22:58:58 2013 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funst ... ost.domain Wed Mar 13 22:58:58 2013 VERIFY OK: nsCertType=SERVER Wed Mar 13 22:58:58 2013 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funst ... ost.domain Wed Mar 13 22:58:58 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed Mar 13 22:58:58 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Mar 13 22:58:58 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed Mar 13 22:58:58 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Mar 13 22:58:58 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Wed Mar 13 22:58:58 2013 [ec2-server] Peer Connection Initiated with 54.234.43.171:1194 Wed Mar 13 22:59:00 2013 SENT CONTROL [ec2-server]: 'PUSH_REQUEST' (status=1) Wed Mar 13 22:59:00 2013 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' Wed Mar 13 22:59:00 2013 OPTIONS IMPORT: timers and/or timeouts modified Wed Mar 13 22:59:00 2013 OPTIONS IMPORT: --ifconfig/up options modified Wed Mar 13 22:59:00 2013 OPTIONS IMPORT: route options modified Wed Mar 13 22:59:00 2013 ROUTE default_gateway=0.0.0.0 Wed Mar 13 22:59:00 2013 TUN/TAP device /dev/tun0 opened Wed Mar 13 22:59:00 2013 /sbin/ifconfig tun0 delete ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address Wed Mar 13 22:59:00 2013 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure Wed Mar 13 22:59:00 2013 /sbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up Wed Mar 13 22:59:00 2013 /sbin/route add -net 54.234.43.171 0.0.0.0 255.255.255.255 add net 54.234.43.171: gateway 0.0.0.0 Wed Mar 13 22:59:00 2013 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0 add net 0.0.0.0: gateway 10.8.0.5 Wed Mar 13 22:59:00 2013 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0 add net 128.0.0.0: gateway 10.8.0.5 Wed Mar 13 22:59:00 2013 /sbin/route add -net 10.8.0.0 10.8.0.5 255.255.255.0 add net 10.8.0.0: gateway 10.8.0.5 Wed Mar 13 22:59:00 2013 Initialization Sequence Completed Wed Mar 13 22:59:00 2013 write UDPv4: No route to host (code=65) Wed Mar 13 22:59:00 2013 write UDPv4: No route to host (code=65) Wed Mar 13 22:59:01 2013 write UDPv4: No route to host (code=65) Wed Mar 13 22:59:01 2013 write UDPv4: No route to host (code=65) Wed Mar 13 22:59:01 2013 write UDPv4: No route to host (code=65) Wed Mar 13 22:59:02 2013 write UDPv4: No route to host (code=65) Wed Mar 13 22:59:02 2013 write UDPv4: No route to host (code=65) Wed Mar 13 22:59:02 2013 write UDPv4: No route to host (code=65) Wed Mar 13 22:59:02 2013 write UDPv4: No route to host (code=65) Wed Mar 13 22:59:02 2013 write UDPv4: No route to host (code=65) ... The routing table after a connection WITHOUT the push redirect-gateway (all traffic is not redirected to the VPN and everything is working fine, I can ping or ssh the OpenVPN server and access all other Internet resources through my default gateway): Destination Gateway Flags Refs Use Netif Expire default user148-1.wireless UGSc 50 0 en1 10.8/24 10.8.0.5 UGSc 2 7 tun0 10.8.0.5 10.8.0.6 UH 3 2 tun0 127 localhost UCS 0 0 lo0 localhost localhost UH 6 6692 lo0 client.openvpn.net client.openvpn.net UH 3 18 lo0 142.1.148/22 link#5 UCS 2 0 en1 user148-1.wireless 0:90:b:27:10:71 UHLWIir 50 0 en1 76 user150-173.wirele localhost UHS 0 0 lo0 142.1.151.255 ff:ff:ff:ff:ff:ff UHLWbI 0 2 en1 169.254 link#5 UCS 1 0 en1 169.254.255.255 0:90:b:27:10:71 UHLSWi 0 0 en1 71 The routing table after a connection with the push redirect-gateway option enable as in the server.conf file above (all internet traffic should be redirected to the VPN tunnel, but nothing is working, I can't access any Internet ressources at all): Destination Gateway Flags Refs Use Netif Expire 0/1 10.8.0.5 UGSc 1 0 tun0 default user148-1.wireless UGSc 7 0 en1 10.8/24 10.8.0.5 UGSc 0 0 tun0 10.8.0.5 10.8.0.6 UHr 6 0 tun0 54.234.43.171/32 0.0.0.0 UGSc 1 0 en1 127 localhost UCS 0 0 lo0 localhost localhost UH 3 6698 lo0 client.openvpn.net client.openvpn.net UH 0 27 lo0 128.0/1 10.8.0.5 UGSc 2 0 tun0 142.1.148/22 link#5 UCS 1 0 en1 user148-1.wireless 0:90:b:27:10:71 UHLWIir 1 0 en1 833 user150-173.wirele localhost UHS 0 0 lo0 169.254 link#5 UCS 1 0 en1 169.254.255.255 0:90:b:27:10:71 UHLSW 0 0 en1

    Read the article

  • Import problem with PyCrypto in Jython

    - by Arg
    Hello, I am currently trying to get python bittorrent tracker running inside of jython and i encountered this problem: the tracker uses PyCrypto library which i compiled for my platform and added into the python path. When i try to run code, however, i get following error: Exception in thread "MainThread" Traceback (most recent call last): File "./python_dep/BitTorrent-5.2.2/bittorrent-tracker.py", line 21, in <module> from BitTorrent.track import track File "./python_dep/BitTorrent-5.2.2/BitTorrent/track.py", line 50, in <module> from BitTorrent.UI import Size File "./python_dep/BitTorrent-5.2.2/BitTorrent/UI.py", line 37, in <module> from BitTorrent.MultiTorrent import UnknownInfohash, TorrentAlreadyInQueue, TorrentAlreadyRunning, TorrentNotRunning File "./python_dep/BitTorrent-5.2.2/BitTorrent/MultiTorrent.py", line 25, in <module> from BitTorrent.Torrent import Feedback, Torrent File "./python_dep/BitTorrent-5.2.2/BitTorrent/Torrent.py", line 32, in <module> from BitTorrent.ConnectionManager import ConnectionManager File "./python_dep/BitTorrent-5.2.2/BitTorrent/ConnectionManager.py", line 22, in <module> from BitTorrent.Connector import Connector File "./python_dep/BitTorrent-5.2.2/BitTorrent/Connector.py", line 27, in <module> from Crypto.Cipher import ARC4 ImportError: cannot import name ARC4 Java Result: 1 I am pretty sure that the library is in the python path, because command import Crypto.Cipher works, while from Crypto.Cipher import ARC4 does not. The java code i run looks like this: package jythTest; import org.python.util.PythonInterpreter; public class Main { public static void main(String[] args) { PythonInterpreter pythonInterpreter = new PythonInterpreter(); pythonInterpreter.exec("import sys"); pythonInterpreter.exec("sys.path.append(\"./python_dep/BitTorrent-5.2.2/\")"); pythonInterpreter.exec("sys.path.append(\"./python_dep/Twisted-10.0.0/\")"); pythonInterpreter.exec("sys.path.append(\"./python_dep/Zope-3.4.0/build/lib.linux-i686-2.6\")"); pythonInterpreter.exec("sys.path.append(\"./python_dep\")"); pythonInterpreter.exec("sys.path.append(\"./python_dep/pycrypto-2.0.1/build/lib.linux-i686-2.6\")"); pythonInterpreter.exec("sys.path.append(\"import Crypto.Cipher\")"); //pythonInterpreter.exec("print sys.path"); pythonInterpreter.execfile("./python_dep/BitTorrent-5.2.2/bittorrent-tracker.py"); } } Thanks in advance to anyone who could provide any kind of help.

    Read the article

  • What (pure) Python library to use for AES 256 encryption?

    - by Daren Thomas
    I am looking for a (preferably pure) python library to do AES 256 encription and decryption. This library should support the CBC cipher mode and use PKCS7 padding according to the answer to an earlier question of mine. The library should at least work on Mac OS X (10.4) and Windows XP. Ideally just by dropping it into the source directory of my project. I have seen this by Josh Davis, but am not sure about how good it is and if it does the required CBC cipher mode... Scanning the source suggests it doesn't

    Read the article

  • Too much data for RSA block fail. What is PKCS#7?

    - by Tom Brito
    Talking about javax.crypto.Cipher; I was trying to encrypt data using Cipher.getInstance("RSA/None/NoPadding", "BC"); but I got the exception: ArrayIndexOutOfBoundsException: too much data for RSA block Looks like is something related to the "NoPadding", so, reading about padding, looks like CBC is the best approach to use here. I found at google something about "RSA/CBC/PKCS#7", what is this "PKCS#7"? And why its not listed on sun's standard algorithm names?

    Read the article

  • When encrypting data that is not an even multiple of the block size do I have to send a complete las

    - by WilliamKF
    If I am using a block cipher such as AES which has a block size of 128 bits, what do I do if my data is not an even multiple of 128 bits? I am working with packets of data and do not want to change the size of my packet when encrypting it, yet my data is not an even multiple of 128? Does the AES block cipher allow handling of a final block that is short without changing the size of my message once encrypted?

    Read the article

  • mcrypt_encrypt fails to initialise

    - by mixkat
    I am trying to encrypt some data in PHP using the Rijndael cipher in CBC mode with a 256bit key but for some reason I get the following error message: mcrypt_encrypt() Module initialization failed My code: $hashKey = hash('sha256',$key); $iv = hash('sha256',$hashKey); // ------Cipher-------------key-------------Data-------------Mode---------IV-- $encryptedQuestion = base64_encode(mcrypt_encrypt('MCRYPT_RIJNDAEL_256', $hashKey , $_POST['question'], MCRYPT_MODE_CBC, $iv)); Can anyone see whats wrong with this?

    Read the article

  • java RSA Multiple Encryption

    - by user1763730
    I encrypt my message with a symmetric key and the symmetric key itself has to be further encrypted with different RSA public keys. When I tried to implement the above I got the following error: javax.crypto.IllegalBlockSizeException: The input was invalid: Invalid input length. at com.rsa.shareCrypto.j.hD.engineDoFinal(Unknown Source) at javax.crypto.Cipher.doFinal(Cipher.java:2087) at wrap1.main(wrap1.java:69) Is there a way to solve this problem ?

    Read the article

  • Optimizing AES modes on Solaris for Intel Westmere

    - by danx
    Optimizing AES modes on Solaris for Intel Westmere Review AES is a strong method of symmetric (secret-key) encryption. It is a U.S. FIPS-approved cryptographic algorithm (FIPS 197) that operates on 16-byte blocks. AES has been available since 2001 and is widely used. However, AES by itself has a weakness. AES encryption isn't usually used by itself because identical blocks of plaintext are always encrypted into identical blocks of ciphertext. This encryption can be easily attacked with "dictionaries" of common blocks of text and allows one to more-easily discern the content of the unknown cryptotext. This mode of encryption is called "Electronic Code Book" (ECB), because one in theory can keep a "code book" of all known cryptotext and plaintext results to cipher and decipher AES. In practice, a complete "code book" is not practical, even in electronic form, but large dictionaries of common plaintext blocks is still possible. Here's a diagram of encrypting input data using AES ECB mode: Block 1 Block 2 PlainTextInput PlainTextInput | | | | \/ \/ AESKey-->(AES Encryption) AESKey-->(AES Encryption) | | | | \/ \/ CipherTextOutput CipherTextOutput Block 1 Block 2 What's the solution to the same cleartext input producing the same ciphertext output? The solution is to further process the encrypted or decrypted text in such a way that the same text produces different output. This usually involves an Initialization Vector (IV) and XORing the decrypted or encrypted text. As an example, I'll illustrate CBC mode encryption: Block 1 Block 2 PlainTextInput PlainTextInput | | | | \/ \/ IV >----->(XOR) +------------->(XOR) +---> . . . . | | | | | | | | \/ | \/ | AESKey-->(AES Encryption) | AESKey-->(AES Encryption) | | | | | | | | | \/ | \/ | CipherTextOutput ------+ CipherTextOutput -------+ Block 1 Block 2 The steps for CBC encryption are: Start with a 16-byte Initialization Vector (IV), choosen randomly. XOR the IV with the first block of input plaintext Encrypt the result with AES using a user-provided key. The result is the first 16-bytes of output cryptotext. Use the cryptotext (instead of the IV) of the previous block to XOR with the next input block of plaintext Another mode besides CBC is Counter Mode (CTR). As with CBC mode, it also starts with a 16-byte IV. However, for subsequent blocks, the IV is just incremented by one. Also, the IV ix XORed with the AES encryption result (not the plain text input). Here's an illustration: Block 1 Block 2 PlainTextInput PlainTextInput | | | | \/ \/ AESKey-->(AES Encryption) AESKey-->(AES Encryption) | | | | \/ \/ IV >----->(XOR) IV + 1 >---->(XOR) IV + 2 ---> . . . . | | | | \/ \/ CipherTextOutput CipherTextOutput Block 1 Block 2 Optimization Which of these modes can be parallelized? ECB encryption/decryption can be parallelized because it does more than plain AES encryption and decryption, as mentioned above. CBC encryption can't be parallelized because it depends on the output of the previous block. However, CBC decryption can be parallelized because all the encrypted blocks are known at the beginning. CTR encryption and decryption can be parallelized because the input to each block is known--it's just the IV incremented by one for each subsequent block. So, in summary, for ECB, CBC, and CTR modes, encryption and decryption can be parallelized with the exception of CBC encryption. How do we parallelize encryption? By interleaving. Usually when reading and writing data there are pipeline "stalls" (idle processor cycles) that result from waiting for memory to be loaded or stored to or from CPU registers. Since the software is written to encrypt/decrypt the next data block where pipeline stalls usually occurs, we can avoid stalls and crypt with fewer cycles. This software processes 4 blocks at a time, which ensures virtually no waiting ("stalling") for reading or writing data in memory. Other Optimizations Besides interleaving, other optimizations performed are Loading the entire key schedule into the 128-bit %xmm registers. This is done once for per 4-block of data (since 4 blocks of data is processed, when present). The following is loaded: the entire "key schedule" (user input key preprocessed for encryption and decryption). This takes 11, 13, or 15 registers, for AES-128, AES-192, and AES-256, respectively The input data is loaded into another %xmm register The same register contains the output result after encrypting/decrypting Using SSSE 4 instructions (AESNI). Besides the aesenc, aesenclast, aesdec, aesdeclast, aeskeygenassist, and aesimc AESNI instructions, Intel has several other instructions that operate on the 128-bit %xmm registers. Some common instructions for encryption are: pxor exclusive or (very useful), movdqu load/store a %xmm register from/to memory, pshufb shuffle bytes for byte swapping, pclmulqdq carry-less multiply for GCM mode Combining AES encryption/decryption with CBC or CTR modes processing. Instead of loading input data twice (once for AES encryption/decryption, and again for modes (CTR or CBC, for example) processing, the input data is loaded once as both AES and modes operations occur at in the same function Performance Everyone likes pretty color charts, so here they are. I ran these on Solaris 11 running on a Piketon Platform system with a 4-core Intel Clarkdale processor @3.20GHz. Clarkdale which is part of the Westmere processor architecture family. The "before" case is Solaris 11, unmodified. Keep in mind that the "before" case already has been optimized with hand-coded Intel AESNI assembly. The "after" case has combined AES-NI and mode instructions, interleaved 4 blocks at-a-time. « For the first table, lower is better (milliseconds). The first table shows the performance improvement using the Solaris encrypt(1) and decrypt(1) CLI commands. I encrypted and decrypted a 1/2 GByte file on /tmp (swap tmpfs). Encryption improved by about 40% and decryption improved by about 80%. AES-128 is slighty faster than AES-256, as expected. The second table shows more detail timings for CBC, CTR, and ECB modes for the 3 AES key sizes and different data lengths. » The results shown are the percentage improvement as shown by an internal PKCS#11 microbenchmark. And keep in mind the previous baseline code already had optimized AESNI assembly! The keysize (AES-128, 192, or 256) makes little difference in relative percentage improvement (although, of course, AES-128 is faster than AES-256). Larger data sizes show better improvement than 128-byte data. Availability This software is in Solaris 11 FCS. It is available in the 64-bit libcrypto library and the "aes" Solaris kernel module. You must be running hardware that supports AESNI (for example, Intel Westmere and Sandy Bridge, microprocessor architectures). The easiest way to determine if AES-NI is available is with the isainfo(1) command. For example, $ isainfo -v 64-bit amd64 applications pclmulqdq aes sse4.2 sse4.1 ssse3 popcnt tscp ahf cx16 sse3 sse2 sse fxsr mmx cmov amd_sysc cx8 tsc fpu 32-bit i386 applications pclmulqdq aes sse4.2 sse4.1 ssse3 popcnt tscp ahf cx16 sse3 sse2 sse fxsr mmx cmov sep cx8 tsc fpu No special configuration or setup is needed to take advantage of this software. Solaris libraries and kernel automatically determine if it's running on AESNI-capable machines and execute the correctly-tuned software for the current microprocessor. Summary Maximum throughput of AES cipher modes can be achieved by combining AES encryption with modes processing, interleaving encryption of 4 blocks at a time, and using Intel's wide 128-bit %xmm registers and instructions. References "Block cipher modes of operation", Wikipedia Good overview of AES modes (ECB, CBC, CTR, etc.) "Advanced Encryption Standard", Wikipedia "Current Modes" describes NIST-approved block cipher modes (ECB,CBC, CFB, OFB, CCM, GCM)

    Read the article

  • Why does Google mark one e-mail as spam while does not the other?

    - by nKn
    I've a Postfix installation which works fine, I don't get any trouble with mails sent through a mail client (in my case, Thunderbird or RoundCube) when the To: address is a GMail account. However, I recently needed to use the PHPMailer tool to send some e-mails to some GMail accounts, so I configured an account to be used via SASL authentication + TLS. I don't mean mass mailing, just 2-3 mails. If I send the e-mail from the Thunderbird or RoundCube clients, the mail is not marked as spam. However, if I use PHPMailer, it always gets catalogued as spam. So I compared both headers and I just can't find the reason why the second is marked as spam while the first one is just ok. The first header sent from a mail client which is not marked as spam: Delivered-To: [email protected] Received: by 10.76.153.102 with SMTP id vf6csp230573oab; Tue, 19 Aug 2014 11:08:19 -0700 (PDT) X-Received: by 10.60.23.39 with SMTP id j7mr45544050oef.20.1408471699715; Tue, 19 Aug 2014 11:08:19 -0700 (PDT) Return-Path: <[email protected]> Received: from mail.mydomain.com (X.ip-92-222-X.eu. [92.222.X.X]) by mx.google.com with ESMTPS id t5si27115082oej.10.2014.08.19.11.08.18 for <[email protected]> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 19 Aug 2014 11:08:19 -0700 (PDT) Received-SPF: pass (google.com: domain of [email protected] designates 92.222.X.X as permitted sender) client-ip=92.222.X.X; Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 92.222.X.X as permitted sender) [email protected]; dkim=pass (test mode) [email protected] Received: by mail.mydomain.com (Postfix, from userid 111) id D8F69120293D; Tue, 19 Aug 2014 19:08:17 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mydomain.com; s=mail; t=1408471697; bh=wKMX9gkQ7tCLv8ezrG5t4bICm/SSLQsNfTdZMToksWw=; h=Date:From:To:Subject:From; b=qRNcYVdmk+n3D1uuv0FInTx7/LzH2ojck9DgCmabFPvfke233lkojUOjezCUGx7iV DL8EayZ28mzzzHpB7ETeMzop/5OS3BmvFtGKVD9gzc78cDIFXTDoRFAnkRWDR2IOxI SOn5tiyODTFpkbDgJOndzQ6qL5K0S9ASNGCZrNL4= X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on vpsX.ovh.net X-Spam-Level: X-Spam-Status: No, score=-1.0 required=3.0 tests=ALL_TRUSTED,T_DKIM_INVALID autolearn=ham autolearn_force=no version=3.4.0 Received: from [192.168.1.111] (unknown [77.231.X.X]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: [email protected]) by mail.mydomain.com (Postfix) with ESMTPSA id 910341202624 for <[email protected]>; Tue, 19 Aug 2014 19:08:17 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mydomain.com; s=mail; t=1408471697; bh=wKMX9gkQ7tCLv8ezrG5t4bICm/SSLQsNfTdZMToksWw=; h=Date:From:To:Subject:From; b=qRNcYVdmk+n3D1uuv0FInTx7/LzH2ojck9DgCmabFPvfke233lkojUOjezCUGx7iV DL8EayZ28mzzzHpB7ETeMzop/5OS3BmvFtGKVD9gzc78cDIFXTDoRFAnkRWDR2IOxI SOn5tiyODTFpkbDgJOndzQ6qL5K0S9ASNGCZrNL4= Message-ID: <[email protected]> Date: Tue, 19 Aug 2014 19:08:24 +0100 From: My Name <[email protected]> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: My other account <[email protected]> Subject: . Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit . The second header sent from PHPMailer which is always marked as spam: Delivered-To: [email protected] Received: by 10.76.153.102 with SMTP id vf6csp230832oab; Tue, 19 Aug 2014 11:12:10 -0700 (PDT) X-Received: by 10.60.121.67 with SMTP id li3mr44086252oeb.17.1408471930520; Tue, 19 Aug 2014 11:12:10 -0700 (PDT) Return-Path: <[email protected]> Received: from mail.mydomain.com (X.ip-92-222-X.eu. [92.222.X.X]) by mx.google.com with ESMTPS id w8si27103806obn.30.2014.08.19.11.12.10 for <[email protected]> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 19 Aug 2014 11:12:10 -0700 (PDT) Received-SPF: pass (google.com: domain of [email protected] designates 92.222.X.X as permitted sender) client-ip=92.222.X.X; Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 92.222.X.X as permitted sender) [email protected]; dkim=pass (test mode) [email protected] Received: by mail.mydomain.com (Postfix, from userid 111) id 1999D120293D; Tue, 19 Aug 2014 19:12:09 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mydomain.com; s=mail; t=1408471929; bh=N1JuHq1S+8GrjHcEK3xn8P1JS+ygEBv5LKe0BiXuVJo=; h=Date:To:From:Reply-to:Subject:From; b=K7tcPyArzSTY91VEw6mAAFtDurSGwgTLGkfUZdC5mqsg0g/1LzmZkgwdjj4NdJa6M E2kDz3dwYN8FcZmbampJYFXxj4NQVtSnzjiWV40rpfOFqD2rXDGNIyB2QOjBZZ4WK3 7s4lyoJ/BrdQH4en8ctLVsDHed/KpHD4iGFEl67E= X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on vpsX.ovh.net X-Spam-Level: X-Spam-Status: No, score=-1.0 required=3.0 tests=ALL_TRUSTED,T_DKIM_INVALID autolearn=ham autolearn_force=no version=3.4.0 Received: from rpi.mydomain.com (unknown [77.231.X.X]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: [email protected]) by mail.mydomain.com (Postfix) with ESMTPSA id B42AF1202624 for <[email protected]>; Tue, 19 Aug 2014 19:12:08 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mydomain.com; s=mail; t=1408471928; bh=N1JuHq1S+8GrjHcEK3xn8P1JS+ygEBv5LKe0BiXuVJo=; h=Date:To:From:Reply-to:Subject:From; b=iXPM0tS36swudPTT4FOHHtPi5Ll6LbR60kNqCinZ8utcWoFE31SFTpoMEq5aCM5ux wQMdFiN8c6vkjRGabmvqFTTIbwJsrToHo/4+Lt5HEBoQQE2Y3T+xGmnmGAHCS6stKB yb7SVmtrIAsVtSMKA8VYIbmu2oYqV3afYt7g0OMQ= Date: Tue, 19 Aug 2014 20:12:07 +0200 To: [email protected] From: Trying another account <[email protected]> Reply-to: Trying another account <[email protected]> Subject: . Message-ID: <[email protected]> X-Priority: 3 X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net) MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="UTF-8" . I also tried: Adding a User-Agent header to match the first one. Removing the X-Mailer header. No one of them made a difference. Is there some significant difference which is making the second e-mail to be marked as spam by Google?

    Read the article

  • RSA C# Encrypt Java Decrypt

    - by user353030
    Hi guys, In my program (server side - Java) I've created keystore file, with command: keytool -genkey -alias myalias -keyalg RSA -validity 10000 -keystore my.keystore and exported related X509 certificate with: keytool -export -alias myalias -file cert.cer -keystore my.keystore After I saved cert.cer on client side (C#) and I write this code: X509Certificate2 x509 = new X509Certificate2(); byte[] rawData = ReadFile("mycert.cer"); x509.Import(rawData); RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PublicKey.Key; byte[] plainbytes = System.Text.Encoding.ASCII.GetBytes("My Secret"); byte[] cipherbytes = rsa.Encrypt(plainbytes, true); String cipherHex = convertToHex(cipherContent); byte[] byteArray = encoding.GetBytes(cipherHex); .... I write this Java code on server side: keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(new FileInputStream("C:\\my.keystore"), "mypass".toCharArray()); Key key = keyStore.getKey("myalias", "mypass".toCharArray()); if (key instanceof PrivateKey) { Certificate cert = keyStore.getCertificate("myalias"); PublicKey pubKey = cert.getPublicKey(); privKey = (PrivateKey)key; } byte[] toDecodeBytes = new BigInteger(encodeMessageHex, 16).toByteArray(); Cipher decCipher = Cipher.getInstance("RSA"); decCipher.init(Cipher.DECRYPT_MODE, privKey); byte[] decodeMessageBytes = decCipher.doFinal(toDecodeBytes); String decodeMessageString = new String(decodeMessageBytes); I receive this error: javax.crypto.BadPaddingException: Data must start with zero Can you help me, please? Thanks thanks,

    Read the article

  • Trying to create a .NET DLL to be used with Non-.NET Application

    - by Changeling
    I am trying to create a .NET DLL so I can use the cryptographic functions with my non .NET application. I have created a class library so far with this code: namespace AESEncryption { public class EncryptDecrypt { private static readonly byte[] optionalEntropy = { 0x21, 0x05, 0x07, 0x08, 0x27, 0x02, 0x23, 0x36, 0x45, 0x50 }; public interface IEncrypt { string Encrypt(string data, string filePath); }; public class EncryptDecryptInt:IEncrypt { public string Encrypt(string data, string filePath) { byte[] plainKey; try { // Read in the secret key from our cipher key store byte[] cipher = File.ReadAllBytes(filePath); plainKey = ProtectedData.Unprotect(cipher, optionalEntropy, DataProtectionScope.CurrentUser); // Convert our plaintext data into a byte array byte[] plainTextBytes = Encoding.ASCII.GetBytes(data); MemoryStream ms = new MemoryStream(); Rijndael alg = Rijndael.Create(); alg.Mode = CipherMode.CBC; alg.Key = plainKey; alg.IV = optionalEntropy; CryptoStream cs = new CryptoStream(ms, alg.CreateEncryptor(), CryptoStreamMode.Write); cs.Write(plainTextBytes, 0, plainTextBytes.Length); cs.Close(); byte[] encryptedData = ms.ToArray(); return Convert.ToString(encryptedData); } catch (Exception ex) { return ex.Message; } } } } } In my VC++ application, I am using the #import directive to import the TLB file created from the DLL, but the only available functions are _AESEncryption and LIB_AES etc I don't see the interface or the function Encrypt. When I try to instantiate so I can call the functions in my VC++ program, I use this code and get the following error: HRESULT hr = CoInitialize(NULL); IEncryptPtr pIEncrypt(__uuidof(EncryptDecryptInt)); error C2065: 'IEncryptPtr': undeclared identifier error C2146: syntax error : missing ';' before identifier 'pIEncrypt'

    Read the article

  • Encouter error "Linux ip -6 addr add failed" while setting up OpenVPN client

    - by Mickel
    I am trying to set up my router to use OpenVPN and have gotten quite far (I think), but something seems to be missing and I am not sure what. Here is my configuration for the client: client dev tun proto udp remote ovpn.azirevpn.net 1194 remote-random resolv-retry infinite auth-user-pass /tmp/password.txt nobind persist-key persist-tun ca /tmp/AzireVPN.ca.crt remote-cert-tls server reneg-sec 0 verb 3 OpenVPN client log: Nov 8 15:45:13 rc_service: httpd 15776:notify_rc start_vpnclient1 Nov 8 15:45:14 openvpn[27196]: OpenVPN 2.3.2 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Nov 1 2013 Nov 8 15:45:14 openvpn[27196]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Nov 8 15:45:14 openvpn[27196]: Socket Buffers: R=[116736->131072] S=[116736->131072] Nov 8 15:45:14 openvpn[27202]: UDPv4 link local: [undef] Nov 8 15:45:14 openvpn[27202]: UDPv4 link remote: [AF_INET]178.132.75.14:1194 Nov 8 15:45:14 openvpn[27202]: TLS: Initial packet from [AF_INET]178.132.75.14:1194, sid=44d80db5 8b36adf9 Nov 8 15:45:14 openvpn[27202]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Nov 8 15:45:14 openvpn[27202]: VERIFY OK: depth=1, C=RU, ST=Moscow, L=Moscow, O=Azire Networks, OU=VPN, CN=Azire Networks, name=Azire Networks, [email protected] Nov 8 15:45:14 openvpn[27202]: Validating certificate key usage Nov 8 15:45:14 openvpn[27202]: ++ Certificate has key usage 00a0, expects 00a0 Nov 8 15:45:14 openvpn[27202]: VERIFY KU OK Nov 8 15:45:14 openvpn[27202]: Validating certificate extended key usage Nov 8 15:45:14 openvpn[27202]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Nov 8 15:45:14 openvpn[27202]: VERIFY EKU OK Nov 8 15:45:14 openvpn[27202]: VERIFY OK: depth=0, C=RU, ST=Moscow, L=Moscow, O=AzireVPN, OU=VPN, CN=ovpn, name=ovpn, [email protected] Nov 8 15:45:15 openvpn[27202]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Nov 8 15:45:15 openvpn[27202]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Nov 8 15:45:15 openvpn[27202]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Nov 8 15:45:15 openvpn[27202]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Nov 8 15:45:15 openvpn[27202]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA Nov 8 15:45:15 openvpn[27202]: [ovpn] Peer Connection Initiated with [AF_INET]178.132.75.14:1194 Nov 8 15:45:17 openvpn[27202]: SENT CONTROL [ovpn]: 'PUSH_REQUEST' (status=1) Nov 8 15:45:17 openvpn[27202]: PUSH: Received control message: 'PUSH_REPLY,ifconfig-ipv6 2a03:8600:1001:4010::101f/64 2a03:8600:1001:4010::1,route-ipv6 2000::/3 2A03:8600:1001:4010::1,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 194.1.247.30,tun-ipv6,route-gateway 178.132.77.1,topology subnet,ping 3,ping-restart 15,ifconfig 178.132.77.33 255.255.255.192' Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: timers and/or timeouts modified Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: --ifconfig/up options modified Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: route options modified Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: route-related options modified Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Nov 8 15:45:17 openvpn[27202]: TUN/TAP device tun0 opened Nov 8 15:45:17 openvpn[27202]: TUN/TAP TX queue length set to 100 Nov 8 15:45:17 openvpn[27202]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=1 Nov 8 15:45:17 openvpn[27202]: /usr/sbin/ip link set dev tun0 up mtu 1500 Nov 8 15:45:18 openvpn[27202]: /usr/sbin/ip addr add dev tun0 178.132.77.33/26 broadcast 178.132.77.63 Nov 8 15:45:18 openvpn[27202]: /usr/sbin/ip -6 addr add 2a03:8600:1001:4010::101f/64 dev tun0 Nov 8 15:45:18 openvpn[27202]: Linux ip -6 addr add failed: external program exited with error status: 254 Nov 8 15:45:18 openvpn[27202]: Exiting due to fatal error Any ideas are most welcome!

    Read the article

  • Configuring IIS7 for TLS 1.0 only

    - by tomfanning
    I have been tasked with configuring an IIS7 server to accept TLS 1.0 HTTPS connections only. I have come up with the following list of cipher suites which I have deduced are TLS 1.0. TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA I have put that list in the box in the following policy: Computer Configuration | Administrative Templates | Network | SSL Configuration Settings | SSL Cipher Suite Order Is that sufficient? Are any of the suites in my list not TLS 1.0? Are there any other TLS 1.0 suites supported by IIS7 that aren't in the list? The server, by the way, is Windows Server 2008 R2. Thanks

    Read the article

  • My IIS server won't serve SSL sites to some browsers

    - by sbleon
    (Update: This is now cross-posted at http://stackoverflow.com/questions/3355000. This is the more appropriate forum, but StackOverflow gets a lot more traffic.) I've got an IIS 6.0 server that won't serve pages over SSL to some browsers. In Webkit-based browsers on OS X 10.6, I can't load pages at all. In MSIE 8 on Windows XP SP3, I can load pages, but it will sometimes hang downloading images or sending POSTs. Working: Firefox 3.6 (OS X + Windows) Chrome (Windows) Partially Working: MSIE 8 (works sometimes, but hangs up, especially on POSTs) Not Working: Chrome 5 (OS X) Safari 5 (OS X) Mobile Safari (iOS 4) On OS X (the easiest platform for me to test on), Chrome and Firefox both negotiate the same TLS Cipher, but Chrome hangs on or after the post-negotiation handshake. Chrome packet capture (via ssldump): 1 1 0.0485 (0.0485) C>S Handshake ClientHello Version 3.1 cipher suites Unknown value 0xc00a Unknown value 0xc009 Unknown value 0xc007 Unknown value 0xc008 Unknown value 0xc013 Unknown value 0xc014 Unknown value 0xc011 Unknown value 0xc012 Unknown value 0xc004 Unknown value 0xc005 Unknown value 0xc002 Unknown value 0xc003 Unknown value 0xc00e Unknown value 0xc00f Unknown value 0xc00c Unknown value 0xc00d Unknown value 0x2f TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 Unknown value 0x35 TLS_RSA_WITH_3DES_EDE_CBC_SHA Unknown value 0x32 Unknown value 0x33 Unknown value 0x38 Unknown value 0x39 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA compression methods NULL 1 2 0.3106 (0.2620) S>C Handshake ServerHello Version 3.1 session_id[32]= bb 0e 00 00 7a 7e 07 50 5e 78 48 cf 43 5a f7 4d d2 ed 72 8f ff 1d 9e 74 66 74 03 b3 bb 92 8d eb cipherSuite TLS_RSA_WITH_RC4_128_MD5 compressionMethod NULL Certificate ServerHelloDone 1 3 0.3196 (0.0090) C>S Handshake ClientKeyExchange 1 4 0.3197 (0.0000) C>S ChangeCipherSpec 1 5 0.3197 (0.0000) C>S Handshake [hang, no more data transmitted] Firefox packet capture: 1 1 0.0485 (0.0485) C>S Handshake ClientHello Version 3.1 resume [32]= 14 03 00 00 4e 28 de aa da 7a 25 87 25 32 f3 a7 ae 4c 2d a0 e4 57 cc dd d7 0e d7 82 19 f7 8f b9 cipher suites Unknown value 0xff Unknown value 0xc00a Unknown value 0xc014 Unknown value 0x88 Unknown value 0x87 Unknown value 0x39 Unknown value 0x38 Unknown value 0xc00f Unknown value 0xc005 Unknown value 0x84 Unknown value 0x35 Unknown value 0xc007 Unknown value 0xc009 Unknown value 0xc011 Unknown value 0xc013 Unknown value 0x45 Unknown value 0x44 Unknown value 0x33 Unknown value 0x32 Unknown value 0xc00c Unknown value 0xc00e Unknown value 0xc002 Unknown value 0xc004 Unknown value 0x96 Unknown value 0x41 TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_SHA Unknown value 0x2f Unknown value 0xc008 Unknown value 0xc012 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA Unknown value 0xc00d Unknown value 0xc003 Unknown value 0xfeff TLS_RSA_WITH_3DES_EDE_CBC_SHA compression methods NULL 1 2 0.0983 (0.0497) S>C Handshake ServerHello Version 3.1 session_id[32]= 14 03 00 00 4e 28 de aa da 7a 25 87 25 32 f3 a7 ae 4c 2d a0 e4 57 cc dd d7 0e d7 82 19 f7 8f b9 cipherSuite TLS_RSA_WITH_RC4_128_MD5 compressionMethod NULL 1 3 0.0983 (0.0000) S>C ChangeCipherSpec 1 4 0.0983 (0.0000) S>C Handshake 1 5 0.1019 (0.0035) C>S ChangeCipherSpec 1 6 0.1019 (0.0000) C>S Handshake 1 7 0.1019 (0.0000) C>S application_data 1 8 0.2460 (0.1440) S>C application_data 1 9 0.3108 (0.0648) S>C application_data 1 10 0.3650 (0.0542) S>C application_data 1 11 0.4188 (0.0537) S>C application_data 1 12 0.4580 (0.0392) S>C application_data 1 13 0.4831 (0.0251) S>C application_data [etc] Update: Here's a Wireshark capture from the server end. What's going on with those two much-delayed RST packets? Is that just IIS terminating what it perceives as a non-responsive connection? 19 10.129450 67.249.xxx.xxx 10.100.xxx.xx TCP 50653 > https [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=3 TSV=699250189 TSER=0 20 10.129517 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50653 [SYN, ACK] Seq=0 Ack=1 Win=16384 Len=0 MSS=1460 WS=0 TSV=0 TSER=0 21 10.168596 67.249.xxx.xxx 10.100.xxx.xx TCP 50653 > https [ACK] Seq=1 Ack=1 Win=524280 Len=0 TSV=699250189 TSER=0 22 10.172950 67.249.xxx.xxx 10.100.xxx.xx TLSv1 Client Hello 23 10.173267 10.100.xxx.xx 67.249.xxx.xxx TCP [TCP segment of a reassembled PDU] 24 10.173297 10.100.xxx.xx 67.249.xxx.xxx TCP [TCP segment of a reassembled PDU] 25 10.385180 67.249.xxx.xxx 10.100.xxx.xx TCP 50653 > https [ACK] Seq=148 Ack=2897 Win=524280 Len=0 TSV=699250191 TSER=163006 26 10.385235 10.100.xxx.xx 67.249.xxx.xxx TLSv1 Server Hello, Certificate, Server Hello Done 27 10.424682 67.249.xxx.xxx 10.100.xxx.xx TCP 50653 > https [ACK] Seq=148 Ack=4215 Win=524280 Len=0 TSV=699250192 TSER=163008 28 10.435245 67.249.xxx.xxx 10.100.xxx.xx TLSv1 Client Key Exchange 29 10.438522 67.249.xxx.xxx 10.100.xxx.xx TLSv1 Change Cipher Spec 30 10.438553 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50653 [ACK] Seq=4215 Ack=421 Win=65115 Len=0 TSV=163008 TSER=699250192 31 10.449036 67.249.xxx.xxx 10.100.xxx.xx TLSv1 Encrypted Handshake Message 32 10.580652 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50653 [ACK] Seq=4215 Ack=458 Win=65078 Len=0 TSV=163010 TSER=699250192 7312 57.315338 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50644 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0 19531 142.316425 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50653 [RST, ACK] Seq=4215 Ack=458 Win=0 Len=0

    Read the article

  • All traffic is passed through OpenVPN although not requested

    - by BFH
    I have a bash script on a Ubuntu box which searches for the fastest openvpn server, connects, and binds one program to the tun0 interface. Unfortunately, all traffic is being passed through the VPN. Does anybody know what's going on? The relevant line follows: openvpn --daemon --config $cfile --auth-user-pass ipvanish.pass --status openvpn-status.log There don't seem to be any entries in iptables when I enter sudo iptables --list. The config files look like this: client dev tun proto tcp remote nyc-a04.ipvanish.com 443 resolv-retry infinite nobind persist-key persist-tun persist-remote-ip ca ca.ipvanish.com.crt tls-remote nyc-a04.ipvanish.com auth-user-pass comp-lzo verb 3 auth SHA256 cipher AES-256-CBC keysize 256 tls-cipher DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA There is nothing in there that would direct everything through tun0, so maybe it's a new vagary of Ubuntu? I don't remember this happening in the past.

    Read the article

  • Disabling weak ciphers on Windows 2003

    - by Kev
    For PCI-DSS compliance you have to disable weak ciphers. PCI-DSS permits a minimum cipher size of 128 bits. However for the highest score (0 I believe) you should only accept 168 bit ciphers but you can still be compliant if you permit 128 bit ciphers. The trouble is that when we disable all but 168 bit encryption it seems to disable both inbound and out bound secure channels. For example we'd like to lock down inbound IIS HTTPS to 168 bit ciphers but permit outbound 128 bit SSL connections to payment gateways/services from service applications running on the server (not all payment gateways support 168 bit only we just found out today). Is it possible to have cipher asymmetry on Windows 2003? I am told it is all or nothing.

    Read the article

  • My IIS server won't serve SSL sites to some browsers

    - by sbleon
    (Update: This is now cross-posted at http://stackoverflow.com/questions/3355000. This is the more appropriate forum, but StackOverflow gets a lot more traffic.) I've got an IIS 6.0 server that won't serve pages over SSL to some browsers. In Webkit-based browsers on OS X 10.6, I can't load pages at all. In MSIE 8 on Windows XP SP3, I can load pages, but it will sometimes hang downloading images or sending POSTs. Working: Firefox 3.6 (OS X + Windows) Chrome (Windows) Partially Working: MSIE 8 (works sometimes, but hangs up, especially on POSTs) Not Working: Chrome 5 (OS X) Safari 5 (OS X) Mobile Safari (iOS 4) On OS X (the easiest platform for me to test on), Chrome and Firefox both negotiate the same TLS Cipher, but Chrome hangs on or after the post-negotiation handshake. Chrome packet capture (via ssldump): 1 1 0.0485 (0.0485) C>S Handshake ClientHello Version 3.1 cipher suites Unknown value 0xc00a Unknown value 0xc009 Unknown value 0xc007 Unknown value 0xc008 Unknown value 0xc013 Unknown value 0xc014 Unknown value 0xc011 Unknown value 0xc012 Unknown value 0xc004 Unknown value 0xc005 Unknown value 0xc002 Unknown value 0xc003 Unknown value 0xc00e Unknown value 0xc00f Unknown value 0xc00c Unknown value 0xc00d Unknown value 0x2f TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 Unknown value 0x35 TLS_RSA_WITH_3DES_EDE_CBC_SHA Unknown value 0x32 Unknown value 0x33 Unknown value 0x38 Unknown value 0x39 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA compression methods NULL 1 2 0.3106 (0.2620) S>C Handshake ServerHello Version 3.1 session_id[32]= bb 0e 00 00 7a 7e 07 50 5e 78 48 cf 43 5a f7 4d d2 ed 72 8f ff 1d 9e 74 66 74 03 b3 bb 92 8d eb cipherSuite TLS_RSA_WITH_RC4_128_MD5 compressionMethod NULL Certificate ServerHelloDone 1 3 0.3196 (0.0090) C>S Handshake ClientKeyExchange 1 4 0.3197 (0.0000) C>S ChangeCipherSpec 1 5 0.3197 (0.0000) C>S Handshake [hang, no more data transmitted] Firefox packet capture: 1 1 0.0485 (0.0485) C>S Handshake ClientHello Version 3.1 resume [32]= 14 03 00 00 4e 28 de aa da 7a 25 87 25 32 f3 a7 ae 4c 2d a0 e4 57 cc dd d7 0e d7 82 19 f7 8f b9 cipher suites Unknown value 0xff Unknown value 0xc00a Unknown value 0xc014 Unknown value 0x88 Unknown value 0x87 Unknown value 0x39 Unknown value 0x38 Unknown value 0xc00f Unknown value 0xc005 Unknown value 0x84 Unknown value 0x35 Unknown value 0xc007 Unknown value 0xc009 Unknown value 0xc011 Unknown value 0xc013 Unknown value 0x45 Unknown value 0x44 Unknown value 0x33 Unknown value 0x32 Unknown value 0xc00c Unknown value 0xc00e Unknown value 0xc002 Unknown value 0xc004 Unknown value 0x96 Unknown value 0x41 TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_SHA Unknown value 0x2f Unknown value 0xc008 Unknown value 0xc012 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA Unknown value 0xc00d Unknown value 0xc003 Unknown value 0xfeff TLS_RSA_WITH_3DES_EDE_CBC_SHA compression methods NULL 1 2 0.0983 (0.0497) S>C Handshake ServerHello Version 3.1 session_id[32]= 14 03 00 00 4e 28 de aa da 7a 25 87 25 32 f3 a7 ae 4c 2d a0 e4 57 cc dd d7 0e d7 82 19 f7 8f b9 cipherSuite TLS_RSA_WITH_RC4_128_MD5 compressionMethod NULL 1 3 0.0983 (0.0000) S>C ChangeCipherSpec 1 4 0.0983 (0.0000) S>C Handshake 1 5 0.1019 (0.0035) C>S ChangeCipherSpec 1 6 0.1019 (0.0000) C>S Handshake 1 7 0.1019 (0.0000) C>S application_data 1 8 0.2460 (0.1440) S>C application_data 1 9 0.3108 (0.0648) S>C application_data 1 10 0.3650 (0.0542) S>C application_data 1 11 0.4188 (0.0537) S>C application_data 1 12 0.4580 (0.0392) S>C application_data 1 13 0.4831 (0.0251) S>C application_data [etc] Update: Here's a Wireshark capture from the server end. What's going on with those two much-delayed RST packets? Is that just IIS terminating what it perceives as a non-responsive connection? 19 10.129450 67.249.xxx.xxx 10.100.xxx.xx TCP 50653 > https [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=3 TSV=699250189 TSER=0 20 10.129517 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50653 [SYN, ACK] Seq=0 Ack=1 Win=16384 Len=0 MSS=1460 WS=0 TSV=0 TSER=0 21 10.168596 67.249.xxx.xxx 10.100.xxx.xx TCP 50653 > https [ACK] Seq=1 Ack=1 Win=524280 Len=0 TSV=699250189 TSER=0 22 10.172950 67.249.xxx.xxx 10.100.xxx.xx TLSv1 Client Hello 23 10.173267 10.100.xxx.xx 67.249.xxx.xxx TCP [TCP segment of a reassembled PDU] 24 10.173297 10.100.xxx.xx 67.249.xxx.xxx TCP [TCP segment of a reassembled PDU] 25 10.385180 67.249.xxx.xxx 10.100.xxx.xx TCP 50653 > https [ACK] Seq=148 Ack=2897 Win=524280 Len=0 TSV=699250191 TSER=163006 26 10.385235 10.100.xxx.xx 67.249.xxx.xxx TLSv1 Server Hello, Certificate, Server Hello Done 27 10.424682 67.249.xxx.xxx 10.100.xxx.xx TCP 50653 > https [ACK] Seq=148 Ack=4215 Win=524280 Len=0 TSV=699250192 TSER=163008 28 10.435245 67.249.xxx.xxx 10.100.xxx.xx TLSv1 Client Key Exchange 29 10.438522 67.249.xxx.xxx 10.100.xxx.xx TLSv1 Change Cipher Spec 30 10.438553 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50653 [ACK] Seq=4215 Ack=421 Win=65115 Len=0 TSV=163008 TSER=699250192 31 10.449036 67.249.xxx.xxx 10.100.xxx.xx TLSv1 Encrypted Handshake Message 32 10.580652 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50653 [ACK] Seq=4215 Ack=458 Win=65078 Len=0 TSV=163010 TSER=699250192 7312 57.315338 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50644 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0 19531 142.316425 10.100.xxx.xx 67.249.xxx.xxx TCP https > 50653 [RST, ACK] Seq=4215 Ack=458 Win=0 Len=0

    Read the article

  • Chrome - SSL Security issue on Windows platforms?

    - by al nik
    Fortify.net is a service that displays what's the currently encryption key used by your browser in a https connection. If I browse this site with Chrome 4.1.249.1042 in WinXp SP3 the key used is RC4 cipher, 128-bit key This encryption is weak, and it's the one used by old browsers like IE6. Chrome works fine on Fedora9 and it uses AES cipher, 256-bit key as more modern browsers do (i.e.Firefox) I consider this a security issue. I'm considering to switch back to Firefox in Windows. Do you know if it's possible to change the default encryption key in Chrome?

    Read the article

  • Test tomcat for ssl renegotiation vulnerability

    - by Jim
    How can I test if my server is vulnerable for SSL renegotiation? I tried the following (using OpenSSL 0.9.8j-fips 07 Jan 2009: openssl s_client -connect 10.2.10.54:443 I see it connects, it brings the certificate chain, it shows the server certificate, and last: SSL handshake has read 2275 bytes and written 465 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: 50B4839724D2A1E7C515EB056FF4C0E57211B1D35253412053534C4A20202020 Session-ID-ctx: Master-Key: 7BC673D771D05599272E120D66477D44A2AF4CC83490CB3FDDCF62CB3FE67ECD051D6A3E9F143AE7C1BA39D0BF3510D4 Key-Arg : None Start Time: 1354008417 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) What does Secure Renegotiation IS supported mean? That SSL renegotiation is allowed? Then I did but did not get an exception or get the certificate again: verify error:num=20:unable to get local issuer certificate verify return:1 verify error:num=27:certificate not trusted verify return:1 verify error:num=21:unable to verify the first certificate verify return:1 HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Type: text/html;charset=ISO-8859-1 Content-Length: 174 Date: Tue, 27 Nov 2012 09:13:14 GMT Connection: close So is the server vulnerable to SSL renegotiation or not?

    Read the article

  • curl can't verify cert using capath, but can with cacert option

    - by phylae
    I am trying to use curl to connect to a site using HTTPS. But curl is failing to verify the SSL cert. $ curl --verbose --capath ./certs/ --head https://example.com/ * About to connect() to example.com port 443 (#0) * Trying 1.1.1.1... connected * Connected to example.com (1.1.1.1) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: ./certs/ * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS alert, Server hello (2): * SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed * Closing connection #0 curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. I know about the -k option. But I do actually want to verify the cert. The certs directory has been properly hashed with c_rehash . and it contains: A Verisign intermediate cert Two self-signed certs The above site should be verified with the Verisign intermediate cert. When I use the --cacert option instead (and point directly to the Verisign cert) curl is able to verify the SSL cert. $ curl --verbose --cacert ./certs/verisign-intermediate-ca.crt --head https://example.com/ * About to connect() to example.com port 443 (#0) * Trying 1.1.1.1... connected * Connected to example.com (1.1.1.1) port 443 (#0) * successfully set certificate verify locations: * CAfile: ./certs/verisign-intermediate-ca.crt CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using RC4-SHA * Server certificate: * subject: C=US; ST=State; L=City; O=Company; OU=ou1; CN=example.com * start date: 2011-04-17 00:00:00 GMT * expire date: 2012-04-15 23:59:59 GMT * common name: example.com (matched) * issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)10; CN=VeriSign Class 3 Secure Server CA - G3 * SSL certificate verify ok. > HEAD / HTTP/1.1 > User-Agent: curl/7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15 > Host: example.com > Accept: */* > < HTTP/1.1 404 Not Found HTTP/1.1 404 Not Found < Cache-Control: must-revalidate,no-cache,no-store Cache-Control: must-revalidate,no-cache,no-store < Content-Type: text/html;charset=ISO-8859-1 Content-Type: text/html;charset=ISO-8859-1 < Content-Length: 1267 Content-Length: 1267 < Server: Jetty(7.2.2.v20101205) Server: Jetty(7.2.2.v20101205) < * Connection #0 to host example.com left intact * Closing connection #0 * SSLv3, TLS alert, Client hello (1): In addition, if I try hitting one of the sites using a self signed cert and the --capath option, it also works. (Let me know if I should post an example of that.) This implies that curl is finding the cert directory, and it is properly hash. Finally, I am able to verify the SSL cert with openssl, using its -CApath option. $ openssl s_client -CApath ./certs/ -connect example.com:443 CONNECTED(00000003) depth=3 /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority verify return:1 depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 verify return:1 depth=1 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 verify return:1 depth=0 /C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com verify return:1 --- Certificate chain 0 s:/C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 --- Server certificate -----BEGIN CERTIFICATE----- <cert removed> -----END CERTIFICATE----- subject=/C=US/ST=State/L=City/O=Company/OU=ou1/CN=example.com issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 --- No client certificate CA names sent --- SSL handshake has read 1563 bytes and written 435 bytes --- New, TLSv1/SSLv3, Cipher is RC4-SHA Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : RC4-SHA Session-ID: D65C4C6D52E183BF1E7543DA6D6A74EDD7D6E98EB7BD4D48450885188B127717 Session-ID-ctx: Master-Key: 253D4A3477FDED5FD1353D16C1F65CFCBFD78276B6DA1A078F19A51E9F79F7DAB4C7C98E5B8F308FC89C777519C887E2 Key-Arg : None Start Time: 1303258052 Timeout : 300 (sec) Verify return code: 0 (ok) --- QUIT DONE How can I get curl to verify this cert using the --capath option?

    Read the article

  • ERROR: Linux route add command failed: external program exited with error status: 4

    - by JohnMerlino
    A remote machine running fedora uses openvpn, and multiple developers were successfully able to connect to it via their client openvpn. However, I am running Ubuntu 12.04 and I am having trouble connecting to the server via vpn. I copied ca.crt, home.key, and home.crt from the server to my local machine to /etc/openvpn folder. My client.conf file looks like this: ############################################## # Sample client-side OpenVPN 2.0 config file # # for connecting to multi-client server. # # # # This configuration can be used by multiple # # clients, however each client should have # # its own cert and key files. # # # # On Windows, you might want to rename this # # file so it has a .ovpn extension # ############################################## # Specify that we are a client and that we # will be pulling certain config file directives # from the server. client # Use the same setting as you are using on # the server. # On most systems, the VPN will not function # unless you partially or fully disable # the firewall for the TUN/TAP interface. ;dev tap dev tun # Windows needs the TAP-Win32 adapter name # from the Network Connections panel # if you have more than one. On XP SP2, # you may need to disable the firewall # for the TAP adapter. ;dev-node MyTap # Are we connecting to a TCP or # UDP server? Use the same setting as # on the server. ;proto tcp proto udp # The hostname/IP and port of the server. # You can have multiple remote entries # to load balance between the servers. remote xx.xxx.xx.130 1194 ;remote my-server-2 1194 # Choose a random host from the remote # list for load-balancing. Otherwise # try hosts in the order specified. ;remote-random # Keep trying indefinitely to resolve the # host name of the OpenVPN server. Very useful # on machines which are not permanently connected # to the internet such as laptops. resolv-retry infinite # Most clients don't need to bind to # a specific local port number. nobind # Downgrade privileges after initialization (non-Windows only) ;user nobody ;group nogroup # Try to preserve some state across restarts. persist-key persist-tun # If you are connecting through an # HTTP proxy to reach the actual OpenVPN # server, put the proxy server/IP and # port number here. See the man page # if your proxy server requires # authentication. ;http-proxy-retry # retry on connection failures ;http-proxy [proxy server] [proxy port #] # Wireless networks often produce a lot # of duplicate packets. Set this flag # to silence duplicate packet warnings. ;mute-replay-warnings # SSL/TLS parms. # See the server config file for more # description. It's best to use # a separate .crt/.key file pair # for each client. A single ca # file can be used for all clients. ca ca.crt cert home.crt key home.key # Verify server certificate by checking # that the certicate has the nsCertType # field set to "server". This is an # important precaution to protect against # a potential attack discussed here: # http://openvpn.net/howto.html#mitm # # To use this feature, you will need to generate # your server certificates with the nsCertType # field set to "server". The build-key-server # script in the easy-rsa folder will do this. ns-cert-type server # If a tls-auth key is used on the server # then every client must also have the key. ;tls-auth ta.key 1 # Select a cryptographic cipher. # If the cipher option is used on the server # then you must also specify it here. ;cipher x # Enable compression on the VPN link. # Don't enable this unless it is also # enabled in the server config file. comp-lzo # Set log file verbosity. verb 3 # Silence repeating messages ;mute 20 But when I start server and look in /var/log/syslog, I notice the following error: May 27 22:13:51 myuser ovpn-client[5626]: /sbin/route add -net 10.27.12.1 netmask 255.255.255.252 gw 10.27.12.37 May 27 22:13:51 myuser ovpn-client[5626]: ERROR: Linux route add command failed: external program exited with error status: 4 May 27 22:13:51 myuser ovpn-client[5626]: /sbin/route add -net 172.27.12.0 netmask 255.255.255.0 gw 10.27.12.37 May 27 22:13:51 myuser ovpn-client[5626]: /sbin/route add -net 10.27.12.1 netmask 255.255.255.255 gw 10.27.12.37 And I am unable to connect to the server via openvpn: $ ssh [email protected] ssh: connect to host xxx.xx.xx.130 port 22: No route to host What may I be doing wrong?

    Read the article

  • encfs error while decoding the data

    - by migrator
    I have installed encfs and started using it to secure all my personal & office data and it was working absolutely fine until 2 hours back. The setup is like this. I have a folder in Copy folder called OfficeData which gets synchronized with my Copy folder When I login into the system I use the command encfs ~/Copy/OfficeData ~/Documents/OfficeData Once my work is over I dismount with the command fusermount -u ~/Documents/OfficeData All this data get synchronized with my desktop and with my mobile phone (as a backup) Today when I mounted, the folder got mounted by no directories and files present in that folder. I was worried and read man encfs which gave me to run the command encfs -v -f ~/Copy/OfficeData ~/Documents/OfficeData 2> encfs-OfficeData-report.txt. The below is the output of the file encfs-OfficeData-report.txt. The directory "/home/sri/Documents/OfficeData" does not exist. Should it be created? (y,n) 13:16:26 (main.cpp:523) Root directory: /home/sri/Copy/OfficeData/ 13:16:26 (main.cpp:524) Fuse arguments: (fg) (threaded) (keyCheck) encfs /home/sri/Documents/OfficeData -f -s -o use_ino -o default_permissions 13:16:26 (FileUtils.cpp:177) version = 20 13:16:26 (FileUtils.cpp:181) found new serialization format 13:16:26 (FileUtils.cpp:199) subVersion = 20100713 13:16:26 (Interface.cpp:165) checking if ssl/aes(3:0:2) implements ssl/aes(3:0:0) 13:16:26 (SSL_Cipher.cpp:370) allocated cipher ssl/aes, keySize 32, ivlength 16 13:16:26 (Interface.cpp:165) checking if ssl/aes(3:0:2) implements ssl/aes(3:0:0) 13:16:26 (SSL_Cipher.cpp:370) allocated cipher ssl/aes, keySize 32, ivlength 16 13:16:26 (FileUtils.cpp:1620) useStdin: 0 13:16:46 (Interface.cpp:165) checking if ssl/aes(3:0:2) implements ssl/aes(3:0:0) 13:16:46 (SSL_Cipher.cpp:370) allocated cipher ssl/aes, keySize 32, ivlength 16 13:16:49 (FileUtils.cpp:1628) cipher key size = 52 13:16:49 (Interface.cpp:165) checking if nameio/block(3:0:1) implements nameio/block(3:0:0) 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/UWbT-M-UKk1JpvNfN5uvOhGn: No such file or directory 13:16:49 (CipherFileIO.cpp:105) in setIV, current IV = 0, new IV = 4188221457101129840, fileIV = 0 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/UWbT-M-UKk1JpvNfN5uvOhGn 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/UWbT-M-UKk1JpvNfN5uvOhGn 13:16:49 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/UWbT-M-UKk1JpvNfN5uvOhGn: No such file or directory 13:16:49 (encfs.cpp:138) getattr error: No such file or directory 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/o94olxB3orqarqyFviHKZ,ZF: No such file or directory 13:16:49 (CipherFileIO.cpp:105) in setIV, current IV = 0, new IV = 16725694203599486310, fileIV = 0 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/o94olxB3orqarqyFviHKZ,ZF 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/o94olxB3orqarqyFviHKZ,ZF 13:16:49 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/o94olxB3orqarqyFviHKZ,ZF: No such file or directory 13:16:49 (encfs.cpp:138) getattr error: No such file or directory 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/tVglci2rgp9o8qE-m9AvX6JNj1lQs-ER0OvnxfOb30Z,3,: No such file or directory 13:16:49 (CipherFileIO.cpp:105) in setIV, current IV = 0, new IV = 1354483141023495884, fileIV = 0 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/tVglci2rgp9o8qE-m9AvX6JNj1lQs-ER0OvnxfOb30Z,3, 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/tVglci2rgp9o8qE-m9AvX6JNj1lQs-ER0OvnxfOb30Z,3, 13:16:49 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/tVglci2rgp9o8qE-m9AvX6JNj1lQs-ER0OvnxfOb30Z,3,: No such file or directory 13:16:49 (encfs.cpp:138) getattr error: No such file or directory 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/r1KIEqVkz-,7-6CobavHCSNn: No such file or directory 13:16:49 (CipherFileIO.cpp:105) in setIV, current IV = 0, new IV = 16720606331386655431, fileIV = 0 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/r1KIEqVkz-,7-6CobavHCSNn 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/r1KIEqVkz-,7-6CobavHCSNn 13:16:49 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/r1KIEqVkz-,7-6CobavHCSNn: No such file or directory 13:16:49 (encfs.cpp:138) getattr error: No such file or directory 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:16:49 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:16:49 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:16:49 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:16:49 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:16:49 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:16:49 (FileNode.cpp:127) calling setIV on (null) 13:16:49 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/r1KIEqVkz-,7-6CobavHCSNn: No such file or directory 13:16:49 (CipherFileIO.cpp:105) in setIV, current IV = 0, new IV = 16720606331386655431, fileIV = 0 13:16:49 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/r1KIEqVkz-,7-6CobavHCSNn 13:16:49 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/r1KIEqVkz-,7-6CobavHCSNn 13:16:49 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/r1KIEqVkz-,7-6CobavHCSNn: No such file or directory 13:16:49 (encfs.cpp:138) getattr error: No such file or directory 13:19:31 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:19:31 (FileNode.cpp:127) calling setIV on (null) 13:19:31 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/ 13:19:31 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/ 13:19:31 (encfs.cpp:685) doing statfs of /home/sri/Copy/OfficeData 13:19:32 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:19:32 (FileNode.cpp:127) calling setIV on (null) 13:19:32 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/LuT8R,DlpRnNH9b,fjWiKHKc: No such file or directory 13:19:32 (CipherFileIO.cpp:105) in setIV, current IV = 0, new IV = 13735228085838055696, fileIV = 0 13:19:32 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/LuT8R,DlpRnNH9b,fjWiKHKc 13:19:32 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/LuT8R,DlpRnNH9b,fjWiKHKc 13:19:32 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/LuT8R,DlpRnNH9b,fjWiKHKc: No such file or directory 13:19:32 (encfs.cpp:138) getattr error: No such file or directory 13:19:32 (encfs.cpp:685) doing statfs of /home/sri/Copy/OfficeData 13:19:32 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:19:32 (FileNode.cpp:127) calling setIV on (null) 13:19:32 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/UWbT-M-UKk1JpvNfN5uvOhGn: No such file or directory 13:19:32 (CipherFileIO.cpp:105) in setIV, current IV = 0, new IV = 4188221457101129840, fileIV = 0 13:19:32 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/UWbT-M-UKk1JpvNfN5uvOhGn 13:19:32 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/UWbT-M-UKk1JpvNfN5uvOhGn 13:19:32 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/UWbT-M-UKk1JpvNfN5uvOhGn: No such file or directory 13:19:32 (encfs.cpp:138) getattr error: No such file or directory 13:19:32 (MACFileIO.cpp:75) fs block size = 1024, macBytes = 8, randBytes = 0 13:19:32 (FileNode.cpp:127) calling setIV on (null) 13:19:32 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/o94olxB3orqarqyFviHKZ,ZF: No such file or directory 13:19:32 (CipherFileIO.cpp:105) in setIV, current IV = 0, new IV = 16725694203599486310, fileIV = 0 13:19:32 (DirNode.cpp:770) created FileNode for /home/sri/Copy/OfficeData/o94olxB3orqarqyFviHKZ,ZF 13:19:32 (encfs.cpp:134) getattr /home/sri/Copy/OfficeData/o94olxB3orqarqyFviHKZ,ZF 13:19:32 (RawFileIO.cpp:191) getAttr error on /home/sri/Copy/OfficeData/o94olxB3orqarqyFviHKZ,ZF: No such file or directory 13:19:32 (encfs.cpp:138) getattr error: No such file or directory 13:19:32 (encfs.cpp:213) getdir on /home/sri/Copy/OfficeData/ 13:19:32 (BlockNameIO.cpp:185) padding, _bx, finalSize = 208, 16, -192 13:19:32 (DirNode.cpp:132) error decoding filename: eWJrLh2dRFAY-7Brbsc,mTqf 13:19:32 (DirNode.cpp:132) error decoding filename: .encfs6.xml 13:19:32 (BlockNameIO.cpp:185) padding, _bx, finalSize = 218, 16, -202 13:19:32 (DirNode.cpp:132) error decoding filename: pvph9DkZ0BMPg2vN4UcfwuNU 13:24:10 (openssl.cpp:48) Allocating 41 locks for OpenSSL Please help me Thanks in advance.

    Read the article

  • Bluehost internal server error

    - by Aditya
    Hello everyone, When i am creating the setup of my rails application on bluehost,it throw following error:- Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request. Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8l DAV/2 mod_auth_passthrough/2.1 FrontPage/5.0.2.2635 Server at team.cipher-tech.com Port 80 Please help me.It's urgent. Thanks in advance..

    Read the article

< Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >