[ntp:questions] Re: symmetric-active mode (peer) and autokey

Peter Pramberger peter.pramberger at 1012surf.net
Mon Feb 6 17:51:47 UTC 2006


Steve,

is your "test system" still operational? Can you try putting the current
leapfile on both hosts and tell me the result?


Thanks,
Peter


Steve Kostecke schrieb:

> On 2006-02-01, Peter Pramberger <peter.pramberger at 1012surf.net> wrote:
> 
> 
>>Anyone else running autokey successfully with symmetric-active mode?
> 
> 
> I just brought up one of those associations between two of my systems.
> 
> Both peers were configured with identical crypto passwords to keep
> things simple. Here's the steps I used on EACH peer:
> 
> 1. Starting with an empty keysdir
> 
> 2. Generate trusted host parameters and IFF parameters:
> 
> 	ntp-keygen -T -I -p password
> 
> 3. Export the IFFkey:
> 
> 	ntp-keygen -e -q password -p password
> 
> 4. Paste the IFFkey text into an editor, save the file and create the
> symlink on the other peer (via an ssh session).
> 
> 5. Add 'peer the.other.peer autokey' in the ntp.conf on each peer
> along with the 'crypto pw' and 'keysdir' lines.
> 
> 6. Restart both ntpds and wait a bit.
> 
> Versions:
> 
> Peer #1:
> version="ntpd 4.2.0a at 1:4.2.0a+stable-2-r Fri Aug 26 10:30:12 UTC 2005 (1)"?,
> 
> Peer #2:
> version="ntpd 4.2.0a at 1:4.2.0a+stable-2-r Sun Jan  9 16:13:27 CET 2005 (1)"?,




More information about the questions mailing list