[ntp:questions] Re: Crypto iffpar
serge.bets at NOSPAM.laposte.invalid
Sat Dec 3 11:42:21 UTC 2005
On Friday, December 2, 2005 at 19:11:09 +0000, Kevin Golder wrote:
> I'm attempting to override the ntpkey_iff_hostname link using the
> iffpar option of the crypto command.
Same failing as you. "crypto iffpar some_filename" seems to work for
the host's own IFFpar, which will be read and used. But not for another
host's IFFpar: It will be read, will activate IFF scheme negociation
(cryptostats flags 0x80023 where bit 0x20 means IFF), but will finally
not be used (crypto_ident: no compatible identity scheme found).
Note that if additionaly to some_filename, the Server's IFF parameters
file exists on Client also under the standard name ntpkey_iff_Server,
then it works.
That's either a feature, or the intended "crypto iffpar" usage is not
clear in our minds. Given that without "iffpar", renaming
ntpkey_iff_Server to ntpkey_iff_Client does work (IFF is read,
negociated, and used), I'd guess it's a feature. Or the contrary.
Serge point Bets arobase laposte point net
More information about the questions