Antonio M. Moreiras schrieb:
We were using autokey at our public ntp servers(1) since 2011. We are
now in the middle of a process to deactivate it, since 4.2.8 is broken
(we could not make autokey work with 4.2.8 on Linux, it seems to be some
issue related to the version 1.0.x of openssl).
Which NTP version have you been using before?
There has been a bug which could be the reason for the problem:
Bug 1243 - MD5auth_setkey zero-fills key from first zero octet
https://bugs.ntp.org/show_bug.cgi?id=1243
This has been fixed before 4.2.6, but unfortunately the fix break
compatibilty between versions of ntpd which have it and versions which
don't. See comment #22:
https://bugs.ntp.org/show_bug.cgi?id=1243#c22
In 4.2.6 and newer there is a configuration option which can be used to
force the old behavior:
--enable-bug1243-fix + use unmodified autokey session keys
So this may also depend on how the earlier versions of ntpd have been built.
Martin
--
Martin Burnicki
Meinberg Funkuhren
Bad Pyrmont
Germany
_______________________________________________
questions mailing list
questions@lists.ntp.org
http://lists.ntp.org/listinfo/questions
