[ntp:questions] NTP Autokey - who is actively using it?
martin.burnicki at meinberg.de
Mon Jan 19 13:41:15 UTC 2015
Antonio M. Moreiras schrieb:
> We were using autokey at our public ntp servers(1) since 2011. We are
> now in the middle of a process to deactivate it, since 4.2.8 is broken
> (we could not make autokey work with 4.2.8 on Linux, it seems to be some
> issue related to the version 1.0.x of openssl).
Which NTP version have you been using before?
There has been a bug which could be the reason for the problem:
Bug 1243 - MD5auth_setkey zero-fills key from first zero octet
This has been fixed before 4.2.6, but unfortunately the fix break
compatibilty between versions of ntpd which have it and versions which
don't. See comment #22:
In 4.2.6 and newer there is a configuration option which can be used to
force the old behavior:
--enable-bug1243-fix + use unmodified autokey session keys
So this may also depend on how the earlier versions of ntpd have been built.
More information about the questions