[ntp:questions] Re: Crypto iffpar
serge.bets at NOSPAM.laposte.invalid
Wed Dec 21 11:27:17 UTC 2005
On Saturday, December 17, 2005 at 6:17:28 +0000, Steve Kostecke wrote:
> In that message I omitted the fact that the client, _at_ _that_
> _time_, had an IFFpar file so that it could serve authenticated time
> to another system.
Climbing up the thread, in that message and since then you said:
>>>>>>> files in the client's /etc/ntp: [no ntpkey_iff_stasis]
>>>>>>> [1st cryptostats]
>>>>>>> 53712 65898.557 ntpkey_IFFpar_stasis.3342803910 mod 384
>>>>> No, I don't. Please re-read my previous article; that line you
>>>>> quoted above is from a much older article.
>>>>> Those tests were performed with 'stasis' configured purely as a
>>>>> unicast client of 'ntp0'.
>>> No. I really don't
>>> [2nd cryptostats]
And you call that an "omitted fact"? Nice terminology. I would have
naively called that a voluntary propagation of misleading informations
in the intent to hide a previous mistake. But your wording is way
better. While at it you should have dared to suggest that there is
confusion on my side... Hey, wait a second. Bravo, you've done it:
>>> You may be confused by the fact the one of my sets of results was
>>> generated while stasis was configured to serve authenticated time to
>>> a third host.
> The existence of this IFFpar file is [...]
The heart of the ConfiguringAutokey problem. The main reason of this
whole debate. The *only* single point of disagreement between us. There
are other disagreements, but they are only secondary consequences of
this one single point, and they will mostly self-dissolve once the truth
>> What means this 0x2 at certificate loading?
Thank you for the informations.
> Here's yet another extract. For this one I regenerated the client
> parameters with 'ntp-keygen -H -p .....' to make sure that we're using
> "strict client" host parameters.
Thanks. Very odd 3rd cryptostats, I don't understand it:
- Your 1st cryptostats was similar to mine when I have added a
ntpkey_iff_Client to be loaded at startup.
- Your 2nd cryptostats was similar to mine when I have added a
"crypto ident iff" ntp.conf statement.
- This 3rd cryptostats doesn't look like anything I ever saw. What is
it? Not client mode I suppose?
Serge point Bets arobase laposte point net
More information about the questions