Error Messages

The following error messages may possibly occur during your operation of SKIP software.

N-counter out of range - either replayed packets or out of sync clocks

"Old" packets have been received by SKIP. This indicates either that, typically, the sending machine's clock is not in synchronization with your machine's clock or that, rarely, an intermediary is sending old packets in a replay attack.

Certificate g+p do not match dh_params

An entry in your access control list has a local identity and remote identity that do not have matching Diffie-Hellman parameters (g is the generator value, p is the prime value). This is typically caused when you try to talk to a system with moduli that do not match (i.e., a 1024-bit system trying to talk to a 512-bit system using 1024-bit keys).

Local secret nsid=xx mkid=xx has expired. Deleting

Your local secret has expired. Generate a new local identity.

Unable to load skipsup.o -- Exiting!

The SKIP support module could not be loaded. Typically, this means that one of the necessary libraries is not available on the machine that is attempting to run SKIP. Ensure that your system has the required software packages installed according to the instructions in the SunScreen User's Guide.

Modulus too big for U.S. export law

You have attempted to load a key that is not permitted under U.S. export law. Make sure that you have installed both the base SKIP package and any SKIP encryption upgrade packages that you have purchased under appropriate U.S. export license control.

skipd: passphrase required issue skipd_restart to enable encryption

The key manager cannot start without a password to decrypt local secrets. Use the command skip_restart to start the key manager.