[ntp:questions] Possible error with autokey documentation
Harlan Stenn
stenn at ntp.org
Mon Aug 4 02:54:43 UTC 2014
Adam Chou writes:
> First off, I'm not entirely certain if it's a problem with the documentation
> or just the way I'm implementing IFF autokey.
>
> I'm running RHEL 6.3 x86_64 with ntpd 4.2.4p8
That is Really Old Software. Many changes and improvements have been
made to how things work since then.
> The issue I'm having is in this section: https://support.ntp.org/bin/view/Sup
> port/ConfiguringAutokeyFourTwoFour#Section_6.8.3.4.1.
>
> Specifically, the section that says:
>
> "You must create an ntpkey_iff_client sym-link to activate IFF. You
> may set this sym-link to point to any file in the keysdir. Such as:
>
> ln -s ntpkey_host_client ntpkey_iff_client"
>
> I can't find any mention about needing to do that in the man page for
> ntp-keygen. Furthermore, when I create the symlink, my cryptostats
> shows:
>
> "error 10e opcode 82070000"
>
> running ntpd -D4 displays:
> "peer x.x.x.x event 'bad_or_missing_group_key' (0x10e) status 'unreach, conf,
> auth, 1 event, event_14' (0xe01e)"
>
> Needless to say, my client isn't able to get time from the
> server. However, when I remove that symlink, time syncs correctly.
> Since the wiki page seems pretty assertive on needing that symlink,
> I'm not sure if I did something wrong or if it is actually an issue
> with that symlink. But even if I did do something wrong, the
> documentation doesn't mention a use case where that symlink will break
> ntp.
>
> btw, sorry I didn't post more info. This system is on a network not
> connected to the Internet. I have to type out everything.
You might get more information if you crank up the debugging level a bit.
Can you get support from RH for your problem?
--
Harlan Stenn <stenn at ntp.org>
http://networktimefoundation.org - be a member!
More information about the questions
mailing list