mrash / fwknop

Single Packet Authorization > Port Knocking
http://www.cipherdyne.org/fwknop/
GNU General Public License v2.0

SPA data time difference is too great #321

Open yuleihua opened 3 years ago

yuleihua commented 3 years ago

The client and server have the same timestamp, I do not know why it says "SPA data time difference is too great"?

client:

    [ifts@localhost ~]$ fwknop -n 192.168.208.151 --verbose
    SPA Field Values:
    Random Value: 7569830465032922
    Username: ifts
    Timestamp: 1605159678
    FKO Version: 3.0.0
    Message Type: 1 (Access msg)
    Message String: 192.168.208.168,tcp/22
    Nat Access:
    Server Auth:
    Client Timeout: 0
    Digest Type: 3 (SHA256)
    HMAC Type: 3 (SHA256)
    Encryption Type: 1 (Rijndael)
    Encryption Mode: 2 (CBC)
    Encoded Data: 7569830465032922:aWZ0cw:1605159678:3.0.0:1:MTkyLjE2OC4yMDguMTY4LHRjcC8yMg
    SPA Data Digest: ZD8ln5jeEZ5qWWJt6JK8EsdTROJ4qg4fA5Bl29Y0rvU
    HMAC: U2aGp4lYOn8D3hbptOxAJhpJ/cn9x/I4JBr0K3tArGY
    Final SPA Data: 8sl+oz3MYr6HI6cmf3FPqbdml/74HG1xaBJpSDnAqd+XZzOe4CFsxPbj5opExnycsiR+pbIaL8DE8bbzcHU4g/lAuMKfCB+GNEOgkqY2Mzis/N3nUbr0I monZxrncfsaY/n/mJBsGwuKLDGd21yWdWatNL9NE6/OU19NbYvxqhssHx53W5G5NvU2aGp4lYOn8D3hbptOxAJhpJ/cn9x/I4JBr0K3tArGY
    Generating SPA packet:
    protocol: udp
    source port:
    destination port: 62201
    IP/host: 192.168.208.151
    send_spa_packet: bytes sent: 225
    [ifts@localhost ~]$ date
    Thu Nov 12 13:46:16 CST 2020

server:

    Random Value: 7569830465032922
    Username: ifts
    Timestamp: 1605159678
    FKO Version: 3.0.0
    Message Type: 1 (Access msg)
    Message String: 192.168.208.168,tcp/22
    Nat Access:
    Server Auth:
    Client Timeout: 0
    Digest Type: 3 (SHA256)
    HMAC Type: 3 (SHA256)
    Encryption Type: 1 (Rijndael)
    Encryption Mode: 2 (CBC)
    Encoded Data: 7569830465032922:aWZ0cw:1605159678:3.0.0:1:MTkyLjE2OC4yMDguMTY4LHRjcC8yMg
    SPA Data Digest: ZD8ln5jeEZ5qWWJt6JK8EsdTROJ4qg4fA5Bl29Y0rvU
    HMAC: U2aGp4lYOn8D3hbptOxAJhpJ/cn9x/I4JBr0K3tArGY
    Final SPA Data: 8sl+oz3MYr6HI6cmf3FPqbdml/74HG1xaBJpSDnAqd+XZzOe4CFsxPbj5opExnycsiR+pbIaL8DE8bbzcHU4g/lAuMKfCB+GNEOgkqY2Mzis/N3nUbr0ImonZxrncfsaY/n/mJBsGwuKLDGd21yWdWatNL9NE6/OU19NbYvxqhssHx53W5G5Nv

    [192.168.208.168] (stanza #1) SPA data time difference is too great (1458 seconds).

    ifts@stone:~$ date
    Thu Nov 12 14:10:03 CST 2020

hlein commented 3 years ago

The client and server have the same timestamp, I do not know why it says "SPA data time difference is too great"?

I suspect they are both just telling you about a timestamp that was embedded in the client request packet?

If you look at the date outputs you pasted:

    [ifts@localhost ~]$ date
    Thu Nov 12 13:46:16 CST 2020

    ifts@stone:~$ date
    Thu Nov 12 14:10:03 CST 2020

Those are indeed quite different, and fwknopd is doing the right thing.
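
The age check discussed in this thread, as an added Python sketch (not fwknop's own code and not posted by either participant): it decodes the "Encoded Data" line from the verbose output above and compares the embedded timestamp with the server's clock. Assumptions: the limit is fwknopd.conf's `MAX_SPA_PACKET_AGE` at its documented default of 120 seconds, the server clock value is reconstructed from the 1458 seconds in the log line, and the helper names are hypothetical.

```python
import base64
from datetime import datetime, timezone

# "Encoded Data" line copied from the verbose output in this thread.
ENCODED = "7569830465032922:aWZ0cw:1605159678:3.0.0:1:MTkyLjE2OC4yMDguMTY4LHRjcC8yMg"

# Assumption: fwknopd.conf MAX_SPA_PACKET_AGE at its documented default (seconds).
MAX_SPA_PACKET_AGE = 120


def b64_unpadded(field):
    """SPA fields are base64 without '=' padding; restore it, then decode."""
    return base64.b64decode(field + "=" * (-len(field) % 4)).decode()


def parse_spa_fields(encoded):
    """Split the colon-separated plaintext of an access message."""
    rand, user, ts, version, msg_type, msg = encoded.split(":")[:6]
    return {
        "random": rand,
        "username": b64_unpadded(user),
        "timestamp": int(ts),  # set from the client's clock when the packet is built
        "version": version,
        "msg_type": int(msg_type),
        "message": b64_unpadded(msg),
    }


def check_age(spa_ts, server_now, max_age=MAX_SPA_PACKET_AGE):
    """Return (difference in seconds, accepted?) measured on the server's clock."""
    diff = abs(server_now - spa_ts)
    return diff, diff <= max_age


def utc(ts):
    """Render an epoch value as UTC so both hosts can be compared without time zones."""
    return datetime.fromtimestamp(ts, timezone.utc).isoformat()


if __name__ == "__main__":
    spa = parse_spa_fields(ENCODED)
    # Constructed: server clock at receipt = packet timestamp + the 1458 s in the log line.
    server_now = spa["timestamp"] + 1458
    diff, ok = check_age(spa["timestamp"], server_now)
    print(spa["username"], spa["message"])
    print("client stamped:", utc(spa["timestamp"]))
    print("server clock:  ", utc(server_now))
    print(f"difference {diff}s, limit {MAX_SPA_PACKET_AGE}s ->", "accept" if ok else "reject")
```

Both hosts print the same `Timestamp` field because it travels inside the packet; the rejection comes from comparing it with the receiving host's own clock, so comparing `date -u` on both machines shows the skew directly.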