[Pkg-swan-devel] Bug#873339: strongswan: configured DH group CURVE_25519 not supported
Kevin Locke
kevin at kevinlocke.name
Sat Aug 26 18:45:24 UTC 2017
Package: strongswan
Version: 5.5.3-2
Severity: normal
Dear Maintainer,
On a fresh installation of Debian testing/sid with strongswan 5.5.3-2,
all connections which are not configured to use IKEv1 fail with the
following error message:
initiating IKE_SA example[6] to x.x.x.x
configured DH group CURVE_25519 not supported
tried to checkin and delete nonexisting IKE_SA
establishing connection 'example' failed
This can be reproduced with the following connection in ipsec.conf:
conn example
right=127.0.0.2
(No server at the right IP is required as the error happens before a
connection is attempted.)
The error can be avoided by installing libstrongswan-extra-plugins.
Presumably either strongswan should recommend
libstrongswan-extra-plugins or avoid requiring CURVE_25519 by default.
Thanks,
Kevin
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.12.0-kevinoid1 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages strongswan depends on:
ii strongswan-charon 5.5.3-2
ii strongswan-starter 5.5.3-2
strongswan recommends no packages.
strongswan suggests no packages.
-- no debconf information
More information about the Pkg-swan-devel
mailing list