Adam Chou writes: > First off, I'm not entirely certain if it's a problem with the documentation > or just the way I'm implementing IFF autokey. > > I'm running RHEL 6.3 x86_64 with ntpd 4.2.4p8
That is Really Old Software. Many changes and improvements have been made to how things work since then. > The issue I'm having is in this section: https://support.ntp.org/bin/view/Sup > port/ConfiguringAutokeyFourTwoFour#Section_6.8.3.4.1. > > Specifically, the section that says: > > "You must create an ntpkey_iff_client sym-link to activate IFF. You > may set this sym-link to point to any file in the keysdir. Such as: > > ln -s ntpkey_host_client ntpkey_iff_client" > > I can't find any mention about needing to do that in the man page for > ntp-keygen. Furthermore, when I create the symlink, my cryptostats > shows: > > "error 10e opcode 82070000" > > running ntpd -D4 displays: > "peer x.x.x.x event 'bad_or_missing_group_key' (0x10e) status 'unreach, conf, > auth, 1 event, event_14' (0xe01e)" > > Needless to say, my client isn't able to get time from the > server. However, when I remove that symlink, time syncs correctly. > Since the wiki page seems pretty assertive on needing that symlink, > I'm not sure if I did something wrong or if it is actually an issue > with that symlink. But even if I did do something wrong, the > documentation doesn't mention a use case where that symlink will break > ntp. > > btw, sorry I didn't post more info. This system is on a network not > connected to the Internet. I have to type out everything. You might get more information if you crank up the debugging level a bit. Can you get support from RH for your problem? -- Harlan Stenn <[email protected]> http://networktimefoundation.org - be a member! _______________________________________________ questions mailing list [email protected] http://lists.ntp.org/listinfo/questions
