Cloak icon indicating copy to clipboard operation
Cloak copied to clipboard
verified publisher icon cbeuw

Failed to prepare connection to remote: cipher: message authentication failed

Open holyslav opened this issue 1 year ago • 1 comments

Hi, I raised openvpn + cloak in docker. I checked openvpn separately, there are no problems, everything connects, and when I try to send traffic through the client, I get an error from the header, and only in the client, the server is silent. The Cloak server itself generally responds to packets, if you send some garbage to it via the telnet utility, it will say:

time="2024-11-21T14:11:10Z" level=warning msg="error reading first packet: unrecognised protocol" remoteAddr="172.30.0.2:43732"

docker-compose.yml

 cloak:
  container_name: "cloak"
  restart: always
  build:
    context: cloak
    dockerfile: Dockerfile
  image: cloak:local
  command: "/usr/bin/ck-server -c /etc/cloak/ckserver.json -verbosity trace"
  volumes:
    - type: bind
      source: ./cfg/cloak.json
      target: /etc/cloak/ckserver.json
    - type: bind
      source: ./userinfo.db
      target: /userinfo.db
  network_mode: service:openvpn
  depends_on:
    openvpn:
      condition: 'service_healthy'

ckserver.json

{
      "ProxyBook":
      {
          "openvpn":
          [
              "tcp",
              "127.0.0.1:1194"
          ]
      },
      "BindAddr":
      [
          ":443"
      ],
      "BypassUID":
      [
          "BypassUID=="
      ],
      "RedirAddr": "theyr.com",
      "PrivateKey": "PrivateKey=",
      "AdminUID": "AdminUID==",
      "DatabasePath": "/userinfo.db",
      "StreamTimeout": 300
  }

client.json

{
    "BrowserSig": "chrome",
    "EncryptionMethod": "aes-gcm",
    "NumConn": 1,
    "ProxyMethod": "openvpn",
    "PublicKey": "PublicKey=",
    "RemoteHost": "SeverIP",
    "RemotePort": "443",
    "ServerName": "google.com",
    "StreamTimeout": 300,
    "Transport": "direct",
    "UID": "AdminUID=="
}

./ck-client-linux-amd64-v2.10.0 -c ./client.json -verbosity trace

INFO[0000] Starting standalone mode                     
INFO[2024-11-21T14:19:25Z] Listening on TCP 127.0.0.1:1984 for openvpn client 
INFO[2024-11-21T14:19:28Z] Attempting to start a new session            
TRAC[2024-11-21T14:19:28Z] client hello sent successfully               
TRAC[2024-11-21T14:19:28Z] waiting for ServerHello                      
ERRO[2024-11-21T14:19:28Z] Failed to prepare connection to remote: cipher: message authentication failed

holyslav avatar Nov 21 '24 14:11 holyslav

I have the same issue but using shadowsocks. It was working but, in some moment, it wasn't (server update maybe?).

However, when I use the same combo in android (shadowsocks + ck-client) I don't have any problem.

chrisvte avatar Feb 21 '25 11:02 chrisvte