[ntp:questions] Re: Crypto iffpar
kostecke at ntp.isc.org
Sun Dec 4 05:38:40 UTC 2005
On 2005-12-02, Kevin Golder <kgolder at spectracomcorp.com> wrote:
> I'm attempting to override the ntpkey_iff_hostname link using
> the iffpar option of the crypto command. I first setup a trusted
> authority and client using the iff identity scheme successfully. Then
> I configured the override of the ntpkey_iff_hostname on my trusted
> authority successfully. When I proceeded to do the same on the client,
> it then could never reach the server and with the debug turned on, the
> client kept reporting "no compatible identity scheme found."
If you wish to use a TA to distribute Identity Scheme Parameters for
time servers you will need to use the '-i' and, possibly, the '-s'
Set the subject name to name. This is used as the subject field in
certificates and in the file name for host and sign keys.
Set the issuer name to name. This is used for the issuer field in
certificates and in the file name for identity files.
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/
More information about the questions