[ntp:security] [Non-DoD Source] Re: Problems with new ntpd

Prillaman, Jeffrey jeffrey.prillaman at usno.navy.mil
Fri Apr 22 19:43:26 UTC 2016

The bytes themselves aren't always zero, just the leading byte in the "Key ID" spot has always been zero. They're not a response packets from what I can tell.

From: Harlan Stenn [stenn at nwtime.org]
Sent: Friday, April 22, 2016 13:57
To: Prillaman, Jeffrey
Cc: sgraves at nwtime.org; security at ntp.org
Subject: Re: [Non-DoD Source] Re: Problems with new ntpd

4 bytes of 0 at the end of the packet is a crypto-NAK, meaning "the packet you sent me that I'm responding to failed its auth check".

Sent from my iPhone - please excuse brevity and typos

> On Apr 21, 2016, at 12:42 PM, Prillaman, Jeffrey <jeffrey.prillaman at usno.navy.mil> wrote:
> Hi Sue,
> It's the latest stable, 4.2.8p7, that was uploaded today to http://people.ntp.org/stenn/private/bark/.
> The daemon is incurring errors on an incoming packet containing an extra 4 bytes. What would be the "Key ID" in the MAC is zero in these packets.
> Jeff
> ________________________________________
> From: Sue Graves [sgraves at nwtime.org]
> Sent: Thursday, April 21, 2016 13:59
> To: Prillaman, Jeffrey; Harlan Stenn; security at ntp.org
> Subject: [Non-DoD Source] Re: Problems with new ntpd
> Hi Jeff,
> Which patch did you download, I know Harlan fixed a couple of things and
> uploaded a new one yesterday. Best to use security at ntp.org for reporting
> until the public release.
> Thanks
> Sue
> On 4/21/2016 10:48 AM, Prillaman, Jeffrey wrote:

More information about the security mailing list