[Help-gnutls] Re: ex-serv-pgp

Simon Josefsson simon at josefsson.org
Fri Feb 9 14:49:42 CET 2007


dellanna at csp.it writes:

> Hi all,
> I tried to test the example in manual "Echo Server with OpenPGP" (subsection
> 7.4.3).
> It work correctly on server side; infact it return "Echo Server ready. Listening
> to port '5556' ",
> But on client side I used gnutls-client. The problem is the following:
> 1. if I run gnutls-cli -p 5556 hostname on server side was returned "handshake
> failed"
> 2. If I run gnutls-cli -p 5556 hostname -s was returned the same error.
>
> I think this error was occur because the server wait to receive pgp key, isn't
> it?
>
> I'm not very familiar with gnutls-cli; how can I use it to test
> authentication-pgp?
> If I use "man gnutls-cli" it return the manual but it is vey short :).

Are you still using gnutls 1.4.4?  Run 'gnutls-cli --version' to find
out.  If so, I think you'll need to upgrade, there has been several
OpenPGP related fixes since that release.  I don't provide unpaid
support for old versions.

Btw, you can test whether your gnutls-cli is OK or not by pointing it
at test.gnutls.org.  With the latest release, the following works:

$ gnutls-cli -p 5556 test.gnutls.org
Resolving 'test.gnutls.org'...
Connecting to '217.13.230.178:5556'...
- Successfully sent 0 certificate(s) to server.
- Certificate type: OpenPGP
 # The hostname in the key matches 'test.gnutls.org'.
 # Key was created at: Tue Feb  6 16:27:20 CET 2007
 # Key expires: Never
 # PGP Key version: 4
 # PGP Key public key algorithm: DSA (1024 bits)
 # PGP Key fingerprint: 59:6B:97:17:CB:98:9A:14:25:FE:AD:1C:AE:5F:AD:3E:5D:1D:14:D8
 #   NAME: test.gnutls.org

- Peer's key is valid
- Could not find a signer of the peer's key
- Version: TLS 1.2
- Key Exchange: DHE DSS
- Cipher: AES 256 CBC
- MAC: SHA
- Compression: LZO
- Handshake was completed

- Simple Client Mode:

/Simon





More information about the Gnutls-help mailing list