[ntp:questions] Recompiling ntp with FIPS openssl

Danny Mayer mayer at ntp.org
Mon Dec 14 15:01:15 UTC 2009


Gellatly, Anna wrote:
> Hello all -
> 
>  
> 
> I am recompiling ntp with a FIPS compliant openssl. 
> 

Can you provide a reference to the FIPS compliance information and where
you got this version of openssl. I've never heard of a FIPS compliant
openssl.

> I have compiled and installed the fips compliant openssl to
> /tmp/openssl.
> 
> I have checked out ntp version 4.2.4p7-1
> 

Please upgrade to either 4.2.4p8 or get the new stable release 4.2.6.
There's a security bug fix in those versions.

>  
> 
> I have configured/installed ntp in the following fashion
> 
> bootstrap
> 
> configure -with-openssl-libdir=/tmp/openssl/usr/local/ssl/fips/lib
> -with-openssl-incdir=/tmp/openssl/usr/local/ssl/fips/include/openssl
> 
> make
> 
> make intsll prefix=/tmp/ntp
> 
>  
> 
> I have packaged what was placed in /tmp/ntp and installed it on a system
> with the fips compliant openssl installed
> 
>  
> 
> When I launch ntpd with the following command line
> 
> /usr/sbin/ntpd -c /etc/ntp.conf.vmware -u ntp:ntp -p /var/run/ntpd.pid
> 
>  
> 
> The ntpd.pid file is created but the process does not launch (the pid in
> the .pid file does not exist when running ps -ef | grep ntp).
> 

Are you sure no other version of ntpd is running? Are you launching this
with privileges? What does the syslog say? What O/S and version are you
running?

>  
> 
> Is there a place I can look to find out what might be happening?

The first place to look is the syslog.

Danny

> Thanks,
> 
> Anna.

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.




More information about the questions mailing list