[ntp:questions] ntp-keygen problem in ntp-4.2.4p5
youpak2000 at yahoo.com
youpak2000 at yahoo.com
Fri Sep 5 14:01:44 UTC 2008
On Sep 2, 11:03 pm, "David L. Mills" <mi... at udel.edu> wrote:
> Joe,
>
> I seriously dooubt anything autokey works properly in the p5
> (production) version. That version has been on a different maintainence
> track than the p127 (development) version for well over a year. The p5
> protocol and crypto modules date from December 2006 and the keygen
> module from August of this year. The configuration and key management
> procedures did change in the summer of 2007 to both simplify the
> procedures and provide nested, separately keyed secure groups. This is
> documented on the current web and in the development version.
>
> I dispair that the production version lags so far behind the development
> version and especially when production maintenance results in
> incompatible module matches. My advice is to use the development
> version, which is in rather good shape.
>
> By the way, I did verify the -H option does work in p127. The discussion
> on the Authentication Options andntp-keygenpages has been rewritten
> and clarified. You should find things much simpler, more straightforward
> and with consistent defaults.
>
> Dave
>
> youpak2... at yahoo.com wrote:
> > Hi all,
>
> > I installed the new ntp-4.2.4p5 in Redhat 7.2 and I noticed thatntp-> keygendoesn’t works as it used to work in previous versions. I tried
> > to generate Autokey keys and certificates
> > but it doesn’t work as you can see bellow. Is it a bug or I am missing
> > something? Did they change thentp-keygenwithout updating its
> > documents?
> > #ntp-keygen-H
> >ntp-keygen: illegal option – H
> >ntp-keygen(ntp) - Create a NTP host key - Ver. 4.2.4p5
> > USAGE: ntp-keygen[ -<flag> [<val>] | --<name>[{=| }<val>] ]...
> > Flg Arg Option-Name Description
> > -d no debug-level Increase output debug message level
> > -D Str set-debug-level Set the output debug message level
> > -M no md5key generate MD5 keys
> > -v opt version Output version information and exit
> > -? no help Display usage information and exit
> > -! no more-help Extended usage information passed thru pager
> > -> opt save-opts Save the option state to a config file
> > -< Str load-opts Load options from a config file
>
> > Options are specified by doubled hyphens and their name
> > or by a single hyphen and the flag character.
>
> > please send bug reports to: http://bugs.ntp.isc.org, b... at ntp.org
>
> > Regards
>
> > Joe
Thank you Dr. Mills for your reply and suggestion to use the latest
p127 dev version. I'm wondering if this dev version is stable enough
to use it in a commercial product.
As Harlan (thanks) correctly pointed out the reason ntp-keygen didn't
work in my 4.2.4p5 build was that I didn't build it with crypto and
openssl options. I rebuilt it with those options and ntp-keygen works
as I expected.
Thanks again.
Joe
More information about the questions
mailing list