[ntp:questions] Unable to initialize .rnd file

Danny Mayer mayer at gis.net
Wed Aug 10 18:08:17 UTC 2005


derek.flake at bell.ca wrote:
> Hello, 
> 
>  
> 
> I'm getting the following error in Event Viewer each time I restart the
> NTP Daemon Service.  "Unable to initialize .rnd file."
> 
> Other than this error, the service seems to run fine.
> 

I forgot about this one. This is due to OpenSSL needing this file and 
the way it looks for where to find it. I documented here:
http://www.eecis.udel.edu/~mills/ntp/html/hints/winnt.html

I suggest you create an System Environmental Variable called RANDFILE
and give a a full path name and file name to a directory in which the 
process can write, eg C:\ntp\etc\.rnd and then restart ntpd. If ntpd is 
the name of the account then it needs write permission on the C:\ntp\etc 
folder if you use the example I gave above.

>  
> 
> Also note, however, that the line "restrict 127.0.0.1" is necessary for
> NTPQ -P to work, otherwise it gives an error saying it "timed out" at
> this IP.  To my knowledge, this is not normal behaviour, can anyone
> explain why the NTPQ -P command times out without unrestricting the loop
> back IP?  Would it be better to use "restrict default ignore" rather
> than the line used below?
> 
>  

Currently there are no defaults for allowing or denying any ip addresses 
so if you deny all it also deny 127.0.0.1 as well. You have to 
specifically allow it after denying all.

Danny
> 
> Thanks in advance!
> 
> \\Derek
> 
>  
> 
> Here is a copy of my ntp.conf file:
> 
> # Restrictions
> 
> restrict default kod nomodify notrap noquery nopeer
> 
> restrict 127.127.1.1
> 
> restrict 127.0.0.1
> 
> restrict 10.x.x.gps   mask 255.255.255.255 nomodify notrap noquery
> 
> # We will permit other clients to synchronize with this server, 
> 
> # but not allow these clients to modify the config or act as peers.
> 
> restrict 10.x.x.x    mask 255.255.192.0 nomodify notrap
> 



More information about the questions mailing list