[ntp:questions] IFF autokey issue
kostecke at ntp.isc.org
Wed May 9 15:27:30 UTC 2007
On 2007-05-09, Vladimir Smotlacha <vs at cesnet.cz> wrote:
> Having still problem to setup IFF on client site, I discovered
> unexpected (and undocumented) behavior: the client of IFF group needs
> any IFF parameter file with name "ntpkey_iff_<hostname>" although that
> parameters are never used (assuming right "ntpkey_iff_<server>" is
> present for each server). The only role of "ntpkey_iff_<hostname>" is to
> set the CRYPTO_FLAG_IFF in crypto_flags variable, otherwise the IFF
> authentication process does not start.
The IFF identity scheme will not be used if that sym-link does not point
to a file, or is not a file, containing the valid IFFkey (aka "group"
key) for that server.
Check the association flags.
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/
More information about the questions