Hello,
I've compiled ntp-4.2.6p2 from the source code with crypto, openssl and
autokey enabled on CentOS 5.4 platform. I've configured my CentOS 5.4 client
to use Autokey but it doesn't sync as you can see below. Authentication is
OK but it rejects the trusted server. I've done the same configurat
Hi All,
I am trying to configure a trusted NTP server and some clients using
Autokey.
ntp-keygen document:
-HGenerate a new encrypted RSA public/private host key file and link. Note
that if the sign key is the same as the host key, generating a new host key
invalidates all certificates signed w
Hi All,
I tried building ntp 4.2.6p3 with openssl-0.9.8n on Redhat 7.2 but it failed
as you can see below. Build was OK with openssl-0.9.7d.
Is there a bug or a configuration issue?
I would appreciate your comments.
/bin/sh ./libtool --tag=CC --mode=link gcc -g -O2 -Wall -Wcast-qual
-Wmissin
Hi
I tried to build ntp with static link to openssl. The build was fine but
openssl was not linked
and as a result crypto operations were not supported.
I'd appreciate your comment on what's wrong in the these commands and how to
fix it.
Platform: Redhat 7.2 Linux
ntp-4.2.6p3
openssl 0.9.8.n
I
I tried --disable-shared and --enable-static; they didn't work. It still
built with the shared openssl library.
Any other idea? Should I modify the configure or Makefile?
Thanks.
Joe
On Wed, Jun 1, 2011 at 6:21 PM, Harlan Stenn wrote:
> You might also want --disable-shared .
>
> H
>
___
Hi,
I've defined the following symmetric keys in my NTP client and serve but
they didn't work. I defined them based on my understanding of the ntp key
man page which doesn't have sample keys.
1 A passA1
2 N 0xC7D3C7D3C7D3C7D3
3 S 0xD7DAD7DAD7DAD7DA
4 S 0xd5b5cdd9dcfec1f1
NTP Associations
ri, Dec 2, 2011 at 1:42 PM, Dave Hart wrote:
> On Fri, Dec 2, 2011 at 14:39, Joe Smithian wrote:
> > Hi,
> >
> > I've defined the following symmetric keys in my NTP client and serve but
> > they didn't work. I defined them based on my understanding of the
A,N,S, and M keys are defined in the man ntp.keys
http://www.gsp.com/cgi-bin/man.cgi?section=5&topic=ntp.keys
On Mon, Dec 5, 2011 at 11:48 AM, Dave Hart <
davehart_gmail_exchange_...@davehart.net> wrote:
> On Mon, Dec 5, 2011 at 14:34, Joe Smithian wrote:
> > Hi Dave,
>
tch with the type of
certificate scheme used when generating keys with ntp-keygen -c?
Thanks
Joe.
On Thu, Dec 8, 2011 at 2:01 PM, Steve Kostecke wrote:
> On 2011-12-08, Joe Smithian wrote:
>
> > A,N,S, and M keys are defined in the man ntp.keys
> >
> > http://www.gsp.
tch with the type of
certificate scheme used when generating keys with ntp-keygen -c?
Thanks
.
>
>
>
>
> On Thu, Dec 8, 2011 at 2:01 PM, Steve Kostecke wrote:
>
>> On 2011-12-08, Joe Smithian wrote:
>>
>> > A,N,S, and M keys are defined in the man ntp.keys
&
Hello,
I have configured my NTP server and client to use Autokey with IFF Identity
scheme and it's working, client synchronizes to my servers.
It synchronizes with and without copying the IFF parameter to the client.
So I'm wondering if IFF identity scheme is actually being used; How can I
verify
GQ is actually
being used.
BTW, I found two problems in this document:
http://support.ntp.org/bin/view/Support/ConfiguringAutokey<http://support.ntp.org/bin/view/Support/ConfiguringAutokey#Section_6.7.4>
In sections 6.7.2.5 and 6.7.3.6:
ntp-keygen -T -q `awk '/crypto pw/ { print $3 }'
Hi all,
I've written a test script to test all the symmetric and autokey
authentication key types and algorithms. The scripts waits for a delay
time after restarting ntpd and then runs the "ntpq -c as" command to see
if '*' has appeared beside the server name.The problem is that the
synchronizat
I tried to generate autokey with -V 1 option for MV identity scheme but it
failed as you can see below.
I tried on two machines, both failed
ntp-4.2.6p2- on Linux Fedora core 6, kernel 2.6.18-1.2798.fc6 and CentOs
5.4 with kernel 2.6.18-164.el5
*[root@myserver ntp]# ntp-keygen -T -V 1 -p serve
OpenSSL version 90802f
> Using host myserver group myserver
> Corrupt file ntpkey_host_myserver or wrong key myserver
> error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
>
> Regards
>
> Joe
>
>
>
> On Tue, Dec 13, 2011 at 10:55 AM, Steve K
clear how can I verify that IFF or GQ are actually working!
Thanks
Joe.
On Fri, Dec 16, 2011 at 1:06 PM, Steve Kostecke wrote:
> On 2011-12-16, Joe Smithian wrote:
>
>> I tried ntpq -c "rv assID flags" command, it shows the Identity Scheme
>> that the server supports
H All,
I am surprised that NTP still supports insecure algorithms such as MD2, MD5
and small key sizes 256,512,1024 in the Autokey authentication! Any plan
to deprecate weak algorithms and add more secure algorithms such as SHA-2
and SHA-3?
Below is a list of supported keys and algorithms in nt
Thanks all for your comments. Good to know that NTPSec is coming. When do
you expect NTPSec be available in major Linux distributions such as Red Hat
and Ubuntu?
Joe
On Thu, Mar 24, 2016 at 3:40 AM, Harlan Stenn wrote:
> Danny Mayer writes:
> > On 3/21/2016 12:11 PM, Joe Smith
Thanks Harlan for your comments. So for a while we have no better option
than NTP Autokey for authentication.
Joe
On Mon, Apr 4, 2016 at 9:34 PM, Harlan Stenn wrote:
> Joe Smithian writes:
>
> > Thanks all for your comments. Good to know that NTPSec is coming. When do
> > yo
19 matches
Mail list logo
