[Box Backup] EVP Error while running bbackupd

Peter Buecker boxbackup@fluffy.co.uk
Tue, 21 Dec 2004 18:33:22 +0100 

Hello Ben,

1) The time was not synchronised between client and server (also CA), 
when I set up the client and the server. It was like one hour off. After 
correcting the time, the probem was not yet solved.

2) Only host3 had been setup to use account 0x3. I tried using a 
different random account number (0x3039) with new keys, which finally 
succeeded. Then, I went back to the old account-number, which now works.

So this means that I have to resign the keys when the time was not in 
sync in the first place? I read about how important time-sync was in the 
documentation, but did not realise that it is necessary to resign the keys.

Thanks for your help and the great piece of software!

Peter Buecker

Ben Summers wrote:
> 
> 1) Check that the times are syncronised between client, server and the 
> machine which signed the certificates.
> 
> 2) Check that you haven't accidently tried to use the same account 
> number on two machines.
> 
> Ben
> 
> 
> 
> 
> On 21 Dec 2004, at 15:35, Peter Buecker wrote:
> 
>> Hello,
>>
>> I recently installed boxbackup-0.09 on a OpenBSD-3.6-stable system 
>> (called backup-server here). I set up 7 backup-clients. However, only 
>> 6 work as expected.
>>
>> When running bbackupd on the remaining one (host3), bbackupd complains 
>> about failing to decrypt (via syslog):
>>
>> "Dec 21 16:31:11 host3 bbackupd[13553]: SSL err during Read: 
>> error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt
>> Dec 21 16:31:11 host3 bbackupd[13553]: SSL err during Read: 
>> error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt
>> Dec 21 16:31:11 host3 bbackupd[13553]: Exception caught (5/6), reset 
>> state and waiting to retry..."
>>
>> At the same time, the backup-server logs the following:
>> "Dec 21 16:31:11 backup-server bbstored[1147]: in server child, 
>> exception Connection Protocol_Timeout (Probably a network issue 
>> between client and server.) (7/41) -- terminating child"
>>
>>
>>
>> The certificate request for host3 has been signed on backup-server and 
>> copied to /etc/box/bbackupd/ on host3 in the same way we did it on the 
>> other 6 hosts.
>> Connectivity is okay, since I can telnet to port 2201 on backup-server 
>> from host3. I can also run bbackupquery on host3. It logs in perfectly:
>>
>> "bash-3.00# bbackupquery
>> Box Backup Query Tool v0.09, (c) Ben Summers 2003, 2004
>> Using configuration file /etc/box/bbackupd.conf
>> Connecting to store...
>> Handshake with store...
>> Login to store...
>> Login complete.
>>
>> Type "help" for a list of commands.
>>
>> query >"
>>
>> Upon typing 'ls', it exits with the following error message:
>>
>> "query > ls
>> Exception: Cipher EVPFinalFailure (5/6)
>> bash-3.00#"
>>
>> I tried using the debug-build of bbackupquery and bbackupd, to no 
>> avail. I also deleted /etc/box and rerun bbackupd-config to generate 
>> new keys and new configuration files, without success.
>> Any suggestions on what might be going wrong with this machine?
>>
>> Thanks,
>> Peter Buecker