[ntp:questions] Re: ntp authentication setup

Dave dmehler26 at woh.rr.com
Thu Nov 24 00:29:20 UTC 2005


Hi,
    Thanks for the reply. I've got the keys sorted out, was GQ a good 
authentication choice? Would multicast/unicast autokeys be better? I'm still 
getting the noted error about address already in use, i stopped ntpd and 
checked with sockstat -4|grep 123 and it didn't return anything.
Thanks.
Dave.

"Steve Kostecke" <kostecke at ntp.isc.org> wrote in message 
news:slrndo9p8t.hbm.kostecke at stasis.kostecke.net...
> On 2005-11-23, Dave <dmehler26 at woh.rr.com> wrote:
>
>> Should i make the clientpassword the same as serverpassword?
>
> http://ntp.isc.org/bin/view/Support/ConfiguringAutokey
>
> | 6.6.1.3.2. GQ Parameters
> |
> | The GQ parameter generation process produces a key file which is shared
> | between all members of an NTP Trust Group.
> |
> | ALERT! You must use the same crypto password on all members of an NTP
> | Trust Group for the GQ Identity Scheme.
> |
> | 6.6.2.4.2. GQ Group Keys
> |
> | Obtain the GQ group key, generated in 6.6.1.3.2. GQ Parameters via a
> | secure means, copy the key file to the keysdir, and create the standard
> | sym-link:
> |
> | cd /etc/ntp
> | ln -s ntpkey_GQpar_server.3301145293 ntpkey_gq_server
> |
> | ALERT! You must use the same crypto password on all members of an NTP
> | Trust Group for the GQ Identity Scheme.
>
>> In my client log i see:
>> Nov 21 20:17:07 zeus ntpd[92140]: ntpd 4.2.0-a Thu Nov 10 21:05:26 EST 
>> 2005
>> (1)
>> Nov 21 20:17:07 zeus ntpd[92140]: bind() fd 11, family 2, port 123, addr
>> 192.168.0.3, in_classd=0 flags=8 fails: Address already in use
>
> This suggests that you have more than one instance of ntpd running.
>
> -- 
> Steve Kostecke <kostecke at ntp.isc.org>
> NTP Public Services Project - http://ntp.isc.org/ 





More information about the questions mailing list