Jacek,

An index to the cryptic error comment is in ./include/ntp_crypto.h. It says "bad or missing group key". This message is from the client; you should see a similar message at the server. Check to be sure you are using the correct client parameters file.

Recent changes to the configuration process make it much simpler to deploy a secure subnet. This doesn't change the protocol, just the commands to set it up. See the development documentation on the web and the Autokey Public Key Cryptography page.

Dave

Jacek Igalson wrote:

Hello,

Some time ago I reported a bug in the implementation of
AutoKey+IFF, in ntp ver 4.2.4p8.
The error is intermittent and has been observed in the long
run of ntpd, that is within 2 - 10 days.

When the error happens, ntpd keeps on running but authenticated
server is rejected:

ntpq -p
 remote      refid   st t when poll reach delay offset jitter
====================================================
 neptune     .CRYP.  16 u   6d   16     0 0.000  0.000  0.000
*ntp2.tp.pl  .ATOM.   1 u   15   64   377 2.522  0.008  0.088

ntpq -c associations
ind assID status  conf reach auth condition  last_event cnt
===========================================
 1 60684  e0fe   yes   yes   ok     reject             15
 2 60685  9614   yes   yes  none  sys.peer   reachable  1

Client synchronizes successfully to another server which is
in the configuration file.
Server with the authentication is not used any more, "reject"
status seems to be permanent (unless ntpd is restarted).

The only hint is in cryptostats logfile:
...ntpkey_IFFkey_xxx.tpnet.pl.3479706582 mod 384
...error 10e opcode 82070000 ts 3505303563 fs 3479706582

What is the meaning of error 10e opcode?
Has someone encountered such a problem in the longer run?

I appreciate your help.
Jacek
_______________________________________________
questions mailing list
questions@lists.ntp.org
http://lists.ntp.org/listinfo/questions
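
Added example, not part of either message and not code from the NTP distribution: a small decoder for the cryptostats error record quoted above. The error table holds only the one code explained in this thread; the opcode bit layout and request numbers are assumptions based on the 4.2.4-era ./include/ntp_crypto.h and should be checked against the header of the ntpd that wrote the log.

```python
import re
from datetime import datetime, timezone

NTP_UNIX_OFFSET = 2208988800  # seconds between 1900-01-01 and 1970-01-01

# Partial table: only the code explained in this thread. Extend it from
# ./include/ntp_crypto.h of the ntpd version that wrote the log.
CRYPTO_ERRORS = {0x10E: "bad or missing group key"}

# Assumed 4.2.4-era opcode layout: response bit, error bit, 6-bit version,
# 8-bit request number, 16-bit length. Request names are assumptions too.
CRYPTO_RESP, CRYPTO_ERROR = 0x80000000, 0x40000000
REQUESTS = {1: "ASSOC", 2: "CERT", 3: "COOK", 4: "AUTO", 5: "TAI",
            6: "SIGN", 7: "IFF", 8: "GQ", 9: "MV"}

LINE = re.compile(r"error (?P<err>[0-9a-f]+) opcode (?P<op>[0-9a-f]{8}) "
                  r"ts (?P<ts>\d+) fs (?P<fs>\d+)")


def ntp_to_utc(seconds):
    """Convert NTP era-0 seconds to an ISO 8601 UTC string."""
    t = datetime.fromtimestamp(seconds - NTP_UNIX_OFFSET, tz=timezone.utc)
    return t.strftime("%Y-%m-%dT%H:%M:%SZ")


def decode_cryptostats(line):
    """Return a dict describing an Autokey error record, or None."""
    m = LINE.search(line)
    if m is None:
        return None
    err, op = int(m["err"], 16), int(m["op"], 16)
    req = (op >> 16) & 0xFF
    return {
        "error": CRYPTO_ERRORS.get(err, "unknown code 0x%x" % err),
        "response": bool(op & CRYPTO_RESP),
        "error_bit": bool(op & CRYPTO_ERROR),
        "version": (op >> 24) & 0x3F,
        "request": REQUESTS.get(req, "unknown request %d" % req),
        "timestamp": ntp_to_utc(int(m["ts"])),   # when the message was signed
        "filestamp": ntp_to_utc(int(m["fs"])),   # matches the key file suffix
    }


if __name__ == "__main__":
    # Record copied from the cryptostats excerpt in the quoted message.
    sample = "...error 10e opcode 82070000 ts 3505303563 fs 3479706582"
    for key, value in decode_cryptostats(sample).items():
        print(f"{key:10} {value}")
```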

