[ntp:questions] Symmetric Key samples

E-Mail Sent to this address will be added to the BlackLists Null at BlackList.Anitech-Systems.invalid
Mon Feb 11 23:00:40 UTC 2013


yzgwfyrl at gmail.com wrote:
Joe Smithian wrote:
>> Hi, I've defined the following symmetric keys in my NTP
>>  client and serve but they didn't work.
>> I defined them based on my understanding of the ntp key
>>  man page which doesn't have sample keys.
>> 1 A passA1
>> 2 N 0xC7D3C7D3C7D3C7D3
>> 3 S 0xD7DAD7DAD7DAD7DA
>> 4 S 0xd5b5cdd9dcfec1f1
>> NTP Associations Status:
>>  ind assid status conf reach auth  condition last_event cnt
>>    1 21670  963a   yes  yes  none  sys.peer   sys_peer   3
>>    2 21671  c02c   yes  *no  bad * reject                2
> I'd appreciate it if some one can post sample of A,M,N and S keys
>
>  I have question. it seems you have already pass md5 and sha1 test.
>  Would you tell me these lines below you added directly into
>  ntp.keys or you use ntp-keygen -M to generate?
>> 1 A   passA1
>> 2 N   0xC7D3C7D3C7D3C7D3
>> 3 S   0xD7DAD7DAD7DAD7DA
>> 4 S   0xd5b5cdd9dcfec1f1

<http://www.eecis.udel.edu/~mills/ntp/html/keygen.html>
<http://www.eecis.udel.edu/~mills/ntp/html/authentic.html>
 Figure 1. Typical Symmetric Key File


Is there a trustedkey line in the ntp.conf ?


Matching keys on the other end ?
 and also on the trustedkey line at the other end ?


I remember there being issues circa Fed 2011 ?
 with using old versions of OPENSSL openssl-0.9.8 ?
 with current NTP 4.2.7p1xx or later and 4.2.6p4 or later ?
 that needed to be upgraded to openssl-1.0+;
  although I think it may have been related to just windows libeay32.dll ?


See Also: 16 vs 20 byte keys thread
<https://groups.google.com/group/comp.protocols.time.ntp/browse_thread/thread/e02d22106a25988e>

-- 
E-Mail Sent to this address <BlackList at Anitech-Systems.com>
  will be added to the BlackLists.



More information about the questions mailing list