On Sun, Jun 8, 2014 at 6:22 PM, Michael Rash <firstname.lastname@example.org> wrote:
now when i run the knock from the Android app i can unlock the port,
but i see this error message in the log file,(stanza #1) Error creating fko context: Args contain invalid data: FKO_ERROR_INVALID_DATA_HMAC_COMPAREFAIL
Do you now have two stanzas in access.conf? I.e. one with base64 keys and the other without?yes, as you recommended (& http://www.cipherdyne.org/fwknop/docs/fwknop-tutorial.html#multiple-users).
That HMAC error would mean that the port should not be opened unless you are gaining access via a second stanzayes i see now, i created more rules/keys and test it again, fwknop will log each stanza check until it find a match,so if i have 20 users, i can have up to 19 error messages like the above.
Maybe you should consider to write these messages at a lower error level (like debug maybe?)
Thank you again for your help,