[ntp:questions] NTP Autokey - who is actively using it?

Martin Burnicki martin.burnicki at meinberg.de
Mon Jan 19 13:41:15 UTC 2015

Antonio M. Moreiras schrieb:
> We were using autokey at our public ntp servers(1) since 2011. We are
> now in the middle of a process to deactivate it, since 4.2.8 is broken
> (we could not make autokey work with 4.2.8 on Linux, it seems to be some
> issue related to the version 1.0.x of openssl).

Which NTP version have you been using before?

There has been a bug which could be the reason for the problem:

Bug 1243 - MD5auth_setkey zero-fills key from first zero octet

This has been fixed before 4.2.6, but unfortunately the fix break 
compatibilty between versions of ntpd which have it and versions which 
don't. See comment #22:

In 4.2.6 and newer there is a configuration option which can be used to 
force the old behavior:

   --enable-bug1243-fix    + use unmodified autokey session keys

So this may also depend on how the earlier versions of ntpd have been built.

Martin Burnicki

Meinberg Funkuhren
Bad Pyrmont

More information about the questions mailing list