On 2006-06-06, David L. Mills <[EMAIL PROTECTED]> wrote: >Dave Mills wrote: > >> Steve Kostecke wrote: >> >>> 3. Generate GQ parameters on each peer: >>> >>> ntp-keygen -T -G -p common_password
<snip> >>> 4. 'cross copy' the GQPar files between the systems which will be peers >>> and create the sum-link. In a two peer trust group you would see the >>> following in each peers' keys dir (in addition to the host parameters): >>> >>> ntpkey_GQpar_peer1.xxxxxxxxxx >>> ntpkey_GQpar_peer2.xxxxxxxxxx >>> ntpkey_gq_peer1 -> ntpkey_GQpar_peer1.xxxxxxxxxx >>> ntpkey_gq_peer2 -> ntpkey_GQpar_peer2.xxxxxxxxxx >> >> This of course is the acid test for Autokey - symmetric modes and >> something other than IFF. > > Further to my last: Remember, there must be a valid certificate > trail from every dependent host to a host with trusted, self-signed > certificate. <snip> > ... how about making all peers trusted and all have all the keys for. That's what I did. -- Steve Kostecke <[EMAIL PROTECTED]> NTP Public Services Project - http://ntp.isc.org/ _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
