Hi,

I've installed fwknop to test it.
It works perfectly when I use symetric encryption.

But when I use GnuPG keys, it doesn't work and I don't have any error in my logs.
Here my access.conf file:

SOURCE: ANY;
OPEN_PORTS: tcp/22;   ### for ssh (change for access to other services)
KEY: 12345678;
FW_ACCESS_TIMEOUT: 30;
GPG_HOME_DIR: /root/.gnupg;
GPG_DECRYPT_ID: server_key_id;
GPG_DECRYPT_PW: 12345678;
GPG_REMOTE_ID: client_key_id;
GPG_NO_OPTIONS: Y;
GPG_NO_REQUIRE_PREFIX: Y;

I put the 2 last variables just to test it but it doesn't work.

I've read the discuss of Francois Marier because my symptoms were the same.
I tried to fix it with Mike's advices but that problem persist.

I tried to use 1024 and 2048 bit keys.

Here's the end of fwknopd debug output:

Fri Feb  5 18:47:24 2010 [+] gpg key ID: client_key_id
Fri Feb  5 18:47:24 2010     GnuPG error messages:
Fri Feb  5 18:47:24 2010     gpg: encrypted with 2048-bit ELG-E key, ID D3099EF0, created 2010-02-05
Fri Feb  5 18:47:24 2010           "admin (server_key_id) <admin@test.org>"
Fri Feb  5 18:47:24 2010     gpg: Signature made Fri Feb  5 18:47:14 2010 CET using DSA key ID E3F6B14C
Fri Feb  5 18:47:24 2010     gpg: Good signature from "admin (client_key_id) <admin@test.org>"
Fri Feb  5 18:47:24 2010     gpg: WARNING: This key is not certified with a trusted signature!
Fri Feb  5 18:47:24 2010     gpg:          There is no indication that the signature belongs to the owner.
Fri Feb  5 18:47:24 2010     Primary key fingerprint: ED7A E513 8AF6 7C73 97F7  7357 0CDD 8E54 E3F6 B14C
Fri Feb  5 18:47:24 2010 [-] GnuPG message not signed by any required key ID.
Fri Feb  5 18:47:24 2010 [+] Adding encoded 'Salted__' prefix (U2FsdGVkX1) to incoming encoded SPA packet.
Fri Feb  5 18:47:24 2010 [+] base64_equals_padding() msg len: 1063
Fri Feb  5 18:47:24 2010 [+] Padding base64-encoded message with '='.
Fri Feb  5 18:47:24 2010 [+] decode_base64() against the following data: U2FsdGVkX1IOAybrcADTCZ7wEAf/UpLt/l9QPMIbRZfuU5sfRK4MDRxal
m8a+aRhHtQh7k4VfMeCMWezvrV2qFoLceGMzCNmvdVpnIxcTkZdFH0w7wCj9t9HSKs9jeiG+jxXLhpWgeB3NR1269XDk8oS7nA3+pu3bFQSRaun
pd7tnQcinUaMiSiXOlkX/LFrEKE4S/VJvQVAp+oAuIE5AKUllJvzCqcU9+8KYxvE76ree07VHcsq/5sUvpxhif9JOVplU9TAZQZTLTCQx2g6GL6M53U
W6TaQZTMwk+KI2QWTZgPXFIkaGJAVTP+BpskM7h9q/1WOxf04bld4xeMvNG0O9ZFMeUHeoSkOTP+xTCQ4W9GQggf9EKdxVWvH5KnZd6rA
hEGbhJGDBsatz54mRbXrSD3fUBIgTQ1UexjW2E2iBUH+biVpfOO40vzn4vgCTEcQ8sBwe7J1QN/x1CG4m0xdChSYDzSfTOC6XSY4w03VZW3/yHKW
jmvDSs1sgEaV6y+qFNjchcWJMrnsYh/FaJhPU1+ssP4buAQSs87i9viN0wYM6+PmxLFfClsTupfVTVD1oGP42VRLJK35n0nVhTZJOzMUSh5vBcqxoz
HObRRyElHKaMtwDMvymAr9T74k43Vm6qpvjWKyMhbuKnHAS26MZw4BFtywWFyjD3HvaDi+Mr9gCeIYDudnY1xdOkzWD2Wem1J1pNLAQw
Gr743w6sQHZTM5QFF4YkoZmiZsXGQBSz5NgNKYH63fRrFm977j1WMHQR5GXx9Bjo06g5jnl6Fi3xP6mrxCL8Wkh0zNufomK7GVKcLYrR6Di8V9Cyr
sBQffJml6aqBFiCL/SxyDgqJuaRq2tP5OB9hN0jY2wS2VrOOF9m5yUG5D3uSRRkdEm8/7tsyTZxzbr53CCpk0UjR1WQcA4FPoDbcBjgVsnRTSn3Gdxw
kJy0BnHAhhIBYBpuOdMCZmmk/iclmWNuaDDE/bb+Etc3IBN61k76pRbuDsVcgEkc+Sg9pH2ZMAIA5JCk14klFrFsWl7h231xW8hDsGRg3ylIrZkLf
K5x0= Fri Feb 5 18:47:24 2010 [-] base64-decoded data does not begin with 'Salted__' Fri Feb 5 18:47:24 2010 [-] Failed decrypt for SOURCE block ANY
I forgot, I'm running 1.9.12 on my server (debian) and my client (ubuntu).

Thanks.

Alex