[ntp:questions] Autokey sequence error

Martin.Gerdes at directbox.com Martin.Gerdes at directbox.com
Fri Mar 11 10:13:51 UTC 2011

Thank you for your answer. Yes, that was something I considered. However, there is no newer Version in lenny-backports, and I have shied away from building it myself (additional error potential and all that.)
Anyway, I just found my "mistake":

In my client config I had the lines:
keysdir /etc/ntp
crypto pw none
crypto ident iff

(sorry about forgetting to post them the first time around)
Which ntp swallowed without complaining.
However, it does not work.
I redid my commands this Morning (emtied /etc/ntp, and continued from there), but did on the client "ln -s ntpkey_iff_server ntpkey_iff_client" instead of the line "crypto ident iff". Lo and behold: It works!
No idea whether this behaviour still exists in version 4.2.6, but for anyone working with the lenny version:
Do NOT use the "crypto ident iff" line instead of the symlink. It may look neater, but its buggy.

Now i just get a flash value of 0x0400 as reason that he refuses to take the time (means "distance threshold exceeded").
I am going to assume that this is just ntp complaining that the time source is too laggy.
Which is logical, given that server and client are running on the same vmware server (->context switches needed).
Lets deploy to physical systems, and see whether it works. :-)

Thank you for your help!

-------- directBOX Reply ---------------
From: david-taylor at blueyonder.co.uk.invalid
To  : questions at lists.ntp.org
Date: 11.03.2011 10:15:20

> Versions: System is debian Lenny, ntp is version 
> '1:4.2.4p4+dfsg-8lenny3'
> I've followed the rabbit hole as far as I can. Can someone point me in 
> the right direction from here?

Martin, I don't know whether it will help, but the current stable version 
of NTP is now 4.2.6p3, form:


Perhaps there is a bug fix - it might be worth checking.


questions mailing list
questions at lists.ntp.org

More information about the questions mailing list