[strongSwan] certificate only vpn connection with mac
Noel Kuntze
noel at familie-kuntze.de
Fri Dec 12 23:30:28 CET 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hello,
Judging from the manpage, using "authby=xauthrsasig" is the same as your configuration with leftauth and rightauth parameters.
Maybe try that? I don't know if it helps. *shrugs*
Mit freundlichen Grüßen/Regards,
Noel Kuntze
GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
Am 12.12.2014 um 23:19 schrieb Cindy Moore:
> I'm really at a loss over this one. I can get the connections going
> with other clients, for example Network Manager on a Ubuntu 14.04 has
> no difficulties connecting with my strongswan server.
>
> This seems to be a possible clue:
> Dec 11 12:47:54 vpn charon: 10[IKE] found 1 matching config, but none
> allows RSA signature authentication using Main Mode
>
> But I'm not sure how to interpret it, or begin to address it.
>
> I'm also unsure about how the mac's vpn connection should be
> configured (I haven't found an equivalent to
> https://wiki.strongswan.org/projects/strongswan/wiki/NetworkManager
> under the Howto's for a Mac VPN setup, so I don't know if its some
> kind of problem that I can't select the vpn host certificate from the
> vpn setup dialog even though it shows up just fine in the system
> keychain. Any thoughts?
>
> On Thu, Dec 11, 2014 at 1:20 PM, Cindy Moore <ctmoore at cs.ucsd.edu> wrote:
>> I'm trying to get a basic connection going with a mac os x client to
>> strongswan (latest) installed on ubuntu (14.04 lts). I'm not entirely
>> certain what is going on. It seems like the client isn't sending the
>> desired certificate. in the log file, vpnHostCert doesn't seem to
>> play a part at all which i find unexpected.
>>
>> When I set up the mac I sent the p12 packages over to the mac, added
>> the three of them (root, vpnHost, cindy) to the system keychain.
>> What's weird though, is that I can only seem to select, for both User
>> Authentication certificate & Machine Authentication certificate, the
>> one identified with ctmoore at example.com (I had expected to select that
>> for User Auth, and the vpn.example.com for Machine Auth -- all three
>> (root, vpn, cindy) certificates are visible in the system keychain,
>> but only the cindy one appears in the list of options when selecting
>> User/Machine Auth in setting up a vpn connection on the mac. I set
>> the strongswan root up as a trusted cert, and authorized the use of
>> all three in any kind of setting.
>>
>>
>> Overview of setup (syslog copy at end)
>>
>>
>> Created the certificates. Sorry, my email program is eating tabs.
>>
>> ========
>> "root":
>> ipsec pki --gen --type rsa --size 4096 \
>> --outform pem \
>>> private/strongswanKey.pem
>> chmod 600 private/strongswanKey.pem
>> ipsec pki --self --ca --lifetime 3650 \
>> --in private/strongswanKey.pem --type rsa \
>> --dn "C=US, O=ThatsUs, CN=strongSwan Root CA" \
>> --outform pem \
>>> cacerts/strongswanCert.pem
>>
>> ========
>> host:
>> ipsec pki --gen --type rsa --size 2048 \
>> --outform pem \
>>> private/vpnHostKey.pem
>> chmod 600 private/vpnHostKey.pem
>> ipsec pki --pub --in private/vpnHostKey.pem --type rsa | \
>> ipsec pki --issue --lifetime 730 \
>> --cacert cacerts/strongswanCert.pem \
>> --cakey private/strongswanKey.pem \
>> --dn "C=US, O=ThatsUs, CN=vpn.example.com" \
>> --san vpn.example.com \
>> --flag serverAuth --flag ikeIntermediate \
>> --outform pem > certs/vpnHostCert.pem
>>
>> ipsec pki --print looks okay for both
>>
>> ========
>> created p12 packages
>> # openssl pkcs12 -export -in certs/vpnHostCert.pem -nokeys -nodes -out
>> exports/vpnHost.p12
>> Enter Export Password:
>> Verifying - Enter Export Password:
>>
>> # openssl pkcs12 -export -in cacerts/strongswanCert.pem -nokeys -nodes
>> -out exports/strongSwan.p12
>> Enter Export Password:
>> Verifying - Enter Export Password:
>>
>> ========
>> client certificate
>> ipsec pki --gen --type rsa --size 2048 \
>> --outform pem \
>>> private/cindyKey.pem
>> chmod 600 private/cindyKey.pem
>> ipsec pki --pub --in private/cindyKey.pem --type rsa | \
>> ipsec pki --issue --lifetime 730 \
>> --cacert cacerts/strongswanCert.pem \
>> --cakey private/strongswanKey.pem \
>> --dn "C=US, O=ThatsUs, CN=ctmoore at example.com" \
>> --san ctmoore at example.com \
>> --outform pem > certs/cindyCert.pem
>>
>> (plus p12 packaging)
>>
>> ========
>> ipsec.secrets
>> : RSA vpnHostKey.pem
>>
>> =========
>> ipsec.conf
>>
>> conn %default
>> ikelifetime=60m
>> keylife=60m
>> rekeymargin=3m
>> keyingtries=1
>> #vpn server
>> left=[vpn ip]
>> leftcert=vpnHostCert.pem
>> # certificate based ID
>> leftid="C=US, O=strongSwan, CN=vpn.example.com"
>> #allow full tunneling
>> leftsubnet=0.0.0.0/0
>> #assign ip addr from this pool
>> rightsourceip=[...]
>> # assign dns servers once connected
>> rightdns=[...]
>>
>> ca %default
>> cacert=strongswanCert.pem
>>
>> # certificate only
>> conn roadwarrior-ikev2
>> keyexchange=ikev2
>> leftauth=pubkey
>> right=%any
>> rightid=%any
>> rightauth=pubkey
>> auto=add
>>
>> # certificate only, fakeout on xauth (for eg Mac/iOS that must do
>> xauth. and ikev1 for that matter)
>> conn roadwarrior-ikev1
>> keyexchange=ikev1
>> leftauth=pubkey
>> right=%any
>> rightid=%any
>> rightauth=pubkey
>> rightauth2=xauth-noauth
>> auto=add
>>
>>
>> ========
>>
>>
>> Using the same ctmoore cert on User/Machine auth in the mac vpn and
>> connect anyway, I get the following in the syslog
>>
>> I find the
>> Dec 11 12:47:54 vpn charon: 10[IKE] found 1 matching config, but none
>> allows RSA signature authentication using Main Mode
>> entry interesting, but I don't know if that's the issue, and if it is,
>> what I can do about it.
>>
>>
>> /var/log/syslog
>> ========
>> Dec 11 12:47:54 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:47:54 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:47:54 vpn charon: 04[NET] received packet: from [client
>> ip][500] to [vpn ip][500] (300 bytes)
>> Dec 11 12:47:54 vpn charon: 04[ENC] parsed ID_PROT request 0 [ SA V V
>> V V V V V V V V V ]
>> Dec 11 12:47:54 vpn charon: 04[CFG] looking for an ike config for [vpn
>> ip]...[client ip]
>> Dec 11 12:47:54 vpn charon: 04[CFG] candidate: [vpn ip]...%any, prio 1052
>> Dec 11 12:47:54 vpn charon: 04[CFG] found matching ike config: [vpn
>> ip]...%any with prio 1052
>> Dec 11 12:47:54 vpn charon: 04[IKE] received NAT-T (RFC 3947) vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-08 vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-07 vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-06 vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-05 vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-04 vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-03 vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-02 vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-02\n vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] received DPD vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] [client ip] is initiating a Main Mode IKE_SA
>> Dec 11 12:47:54 vpn charon: 04[IKE] IKE_SA (unnamed)[3] state change:
>> CREATED => CONNECTING
>> Dec 11 12:47:54 vpn charon: 04[CFG] selecting proposal:
>> Dec 11 12:47:54 vpn charon: 04[CFG] no acceptable ENCRYPTION_ALGORITHM found
>> Dec 11 12:47:54 vpn charon: 04[CFG] selecting proposal:
>> Dec 11 12:47:54 vpn charon: 04[CFG] no acceptable DIFFIE_HELLMAN_GROUP found
>> Dec 11 12:47:54 vpn charon: 04[CFG] selecting proposal:
>> Dec 11 12:47:54 vpn charon: 04[CFG] proposal matches
>> Dec 11 12:47:54 vpn charon: 04[CFG] received proposals:
>> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
>> Dec 11 12:47:54 vpn charon: 04[CFG] configured proposals:
>> IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048,
>> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536,
>> IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/AES_XCBC_96/AES_CMAC_96/HMAC_SHA1_96/HMAC_MD5_96/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/PRF_HMAC_MD5/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160
>> Dec 11 12:47:54 vpn charon: 04[CFG] selected proposal:
>> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
>> Dec 11 12:47:54 vpn charon: 04[IKE] sending XAuth vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] sending DPD vendor ID
>> Dec 11 12:47:54 vpn charon: 04[IKE] sending NAT-T (RFC 3947) vendor ID
>> Dec 11 12:47:54 vpn charon: 04[ENC] generating ID_PROT response 0 [ SA V V V ]
>> Dec 11 12:47:54 vpn charon: 04[NET] sending packet: from [vpn ip][500]
>> to [client ip][500] (132 bytes)
>> Dec 11 12:47:54 vpn charon: 03[NET] sending packet: from [vpn ip][500]
>> to [client ip][500]
>> Dec 11 12:47:54 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:47:54 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:47:54 vpn charon: 09[NET] received packet: from [client
>> ip][500] to [vpn ip][500] (228 bytes)
>> Dec 11 12:47:54 vpn charon: 09[ENC] parsed ID_PROT request 0 [ KE No
>> NAT-D NAT-D ]
>> Dec 11 12:47:54 vpn charon: 09[IKE] sending cert request for "C=US,
>> O=ThatsUs, CN=strongSwan Root CA"
>> Dec 11 12:47:54 vpn charon: 09[ENC] generating ID_PROT response 0 [ KE
>> No CERTREQ NAT-D NAT-D ]
>> Dec 11 12:47:54 vpn charon: 09[NET] sending packet: from [vpn ip][500]
>> to [client ip][500] (310 bytes)
>> Dec 11 12:47:54 vpn charon: 03[NET] sending packet: from [vpn ip][500]
>> to [client ip][500]
>> Dec 11 12:47:54 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:47:54 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:47:54 vpn charon: 10[NET] received packet: from [client
>> ip][500] to [vpn ip][500] (1492 bytes)
>> Dec 11 12:47:54 vpn charon: 10[ENC] parsed ID_PROT request 0 [ ID CERT
>> SIG CERTREQ N(INITIAL_CONTACT) ]
>> Dec 11 12:47:54 vpn charon: 10[IKE] ignoring certificate request without data
>> Dec 11 12:47:54 vpn charon: 10[IKE] received end entity cert "C=US,
>> O=ThatsUs, CN=ctmoore at example.com"
>> Dec 11 12:47:54 vpn charon: 10[CFG] looking for RSA signature peer
>> configs matching [vpn ip]...[client ip][C=US, O=ThatsUs,
>> CN=ctmoore at example.com]
>> Dec 11 12:47:54 vpn charon: 10[CFG] candidate "roadwarrior-ikev1",
>> match: 1/1/1052 (me/other/ike)
>> Dec 11 12:47:54 vpn charon: 10[IKE] found 1 matching config, but none
>> allows RSA signature authentication using Main Mode
>> Dec 11 12:47:54 vpn charon: 10[IKE] queueing INFORMATIONAL task
>> Dec 11 12:47:54 vpn charon: 10[IKE] activating new tasks
>> Dec 11 12:47:54 vpn charon: 10[IKE] activating INFORMATIONAL task
>> Dec 11 12:47:54 vpn charon: 10[ENC] generating INFORMATIONAL_V1
>> request 2651689082 [ HASH N(AUTH_FAILED) ]
>> Dec 11 12:47:54 vpn charon: 10[NET] sending packet: from [vpn ip][500]
>> to [client ip][500] (84 bytes)
>> Dec 11 12:47:54 vpn charon: 10[IKE] IKE_SA (unnamed)[3] state change:
>> CONNECTING => DESTROYING
>> Dec 11 12:47:54 vpn charon: 03[NET] sending packet: from [vpn ip][500]
>> to [client ip][500]
>> Dec 11 12:47:57 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:47:57 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:48:00 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:48:00 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:48:03 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:48:03 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:48:06 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:48:06 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:48:09 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:48:09 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:48:16 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:48:16 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:48:19 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:48:19 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:48:22 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:48:22 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:48:24 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:48:24 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:48:24 vpn charon: 04[NET] received packet: from [client
>> ip][500] to [vpn ip][500] (300 bytes)
>> Dec 11 12:48:24 vpn charon: 04[ENC] parsed ID_PROT request 0 [ SA V V
>> V V V V V V V V V ]
>> Dec 11 12:48:24 vpn charon: 04[CFG] looking for an ike config for [vpn
>> ip]...[client ip]
>> Dec 11 12:48:24 vpn charon: 04[CFG] candidate: [vpn ip]...%any, prio 1052
>> Dec 11 12:48:24 vpn charon: 04[CFG] found matching ike config: [vpn
>> ip]...%any with prio 1052
>> Dec 11 12:48:24 vpn charon: 04[IKE] received NAT-T (RFC 3947) vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-08 vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-07 vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-06 vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-05 vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-04 vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-03 vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-02 vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] received
>> draft-ietf-ipsec-nat-t-ike-02\n vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] received DPD vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] [client ip] is initiating a Main Mode IKE_SA
>> Dec 11 12:48:24 vpn charon: 04[IKE] IKE_SA (unnamed)[4] state change:
>> CREATED => CONNECTING
>> Dec 11 12:48:24 vpn charon: 04[CFG] selecting proposal:
>> Dec 11 12:48:24 vpn charon: 04[CFG] no acceptable ENCRYPTION_ALGORITHM found
>> Dec 11 12:48:24 vpn charon: 04[CFG] selecting proposal:
>> Dec 11 12:48:24 vpn charon: 04[CFG] no acceptable DIFFIE_HELLMAN_GROUP found
>> Dec 11 12:48:24 vpn charon: 04[CFG] selecting proposal:
>> Dec 11 12:48:24 vpn charon: 04[CFG] proposal matches
>> Dec 11 12:48:24 vpn charon: 04[CFG] received proposals:
>> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
>> Dec 11 12:48:24 vpn charon: 04[CFG] configured proposals:
>> IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048,
>> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536,
>> IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/AES_XCBC_96/AES_CMAC_96/HMAC_SHA1_96/HMAC_MD5_96/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/PRF_HMAC_MD5/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160
>> Dec 11 12:48:24 vpn charon: 04[CFG] selected proposal:
>> IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
>> Dec 11 12:48:24 vpn charon: 04[IKE] sending XAuth vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] sending DPD vendor ID
>> Dec 11 12:48:24 vpn charon: 04[IKE] sending NAT-T (RFC 3947) vendor ID
>> Dec 11 12:48:24 vpn charon: 04[ENC] generating ID_PROT response 0 [ SA V V V ]
>> Dec 11 12:48:24 vpn charon: 04[NET] sending packet: from [vpn ip][500]
>> to [client ip][500] (132 bytes)
>> Dec 11 12:48:24 vpn charon: 03[NET] sending packet: from [vpn ip][500]
>> to [client ip][500]
>> Dec 11 12:48:24 vpn charon: 02[NET] received packet: from [client
>> ip][500] to [vpn ip][500]
>> Dec 11 12:48:24 vpn charon: 02[NET] waiting for data on sockets
>> Dec 11 12:48:24 vpn charon: 09[NET] received packet: from [client
>> ip][500] to [vpn ip][500] (228 bytes)
>> Dec 11 12:48:24 vpn charon: 09[ENC] parsed ID_PROT request 0 [ KE No
>> NAT-D NAT-D ]
>> Dec 11 12:48:24 vpn charon: 09[IKE] sending cert request for "C=US,
>> O=ThatsUs, CN=strongSwan Root CA"
>> Dec 11 12:48:24 vpn charon: 09[ENC] generating ID_PROT response 0 [ KE
>> No CERTREQ NAT-D NAT-D ]
>> Dec 11 12:48:24 vpn charon: 09[NET] sending packet: from [vpn ip][500]
>> to [client ip][500] (310 bytes)
>> Dec 11 12:48:24 vpn charon: 03[NET] sending packet: from [vpn ip][500]
>> to [client ip][500]
>> Dec 11 12:48:54 vpn charon: 10[JOB] deleting half open IKE_SA after timeout
>> Dec 11 12:48:54 vpn charon: 10[IKE] IKE_SA (unnamed)[4] state change:
>> CONNECTING => DESTROYING
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJUi2yBAAoJEDg5KY9j7GZY9m8P/3PCh9zGrW9lwY22ITbmyFWk
SRncTc9fOii0l6lSMxQTJmiBn6TkFtzP+4TOW4TnYnaoCyVxxnNeROeIN95iRchz
QOwAX9hvLeDxxePWGw2VqtuRKRp4fb5qDUxEoCXVc5Bjmtq+BjOzYmpg+zDo3N0W
ISvtKsPB7YgNDx/yFKsqbjuVNqOC5Qri/saWtQMB30p3W9rXO4C90sruBYB6hrEV
+UOcLNojrPEjS6AwGPwc6eQ13Ic+JC8uQYF9Di5UykorQANJnjbaPEWuj8QWSzxx
qCy2aESQfG+OENCa8e2xmVLGVVUDGtYkoXySamcg4vWgiTe9TiDQgOIBE0IV0zaP
qfnlN3HIyS76Rg77yoejUEh8EWD2lGBqBGuLRMwh1c0tsHRn0AJGLC8bljBcy3tK
+m3Kiyv9v0d9uuwLIGJpAew7JZN75wbXHkkrO/gSVDlQ/4imDQIo4tLEZjOXsuwE
WWqJGmsTZOp8GLooBGhbfypPEDhte911A5cB3kHb+f4il0sj+Hg+go+KxdsOJ0TF
l2KdXXIWqezzW6ZiVvUTRknB0/AUM7xlICx82+ZK5kB9WUCsflLchal8OO3Sq+yK
cgT+vmMYiP3vSM/itnsdgqneP8rSPoE7x1AqWv8yj2nWaO5B0TywAiNvxETO+tUo
EuxuuFFxj9HMEKtHGueC
=n6gj
-----END PGP SIGNATURE-----
More information about the Users
mailing list