Patrice Renard wrote: > Dear Richard, > > I received yesterday a mail with a possible solution to configure Autokey > with the NTP version 4.2.0b (see > http://ntp.isc.org/Support/ConfiguringAutokey). > > But I have some troubles to configure Autokey on my Windows machine. > > When I use the nt-keygen on my test server, it creates 2 files: - > C:\WINDOWS\system32\drivers\etc\ntpkey_cert_wdmcswxp001 > > - C:\WINDOWS\system32\drivers\etc\ntpkey_host_wdmcswxp001 > Use the ntpd service this 2 files to transmit a secure NTP package to the > public time servers? > I generate a crypto file from the website https://ntp.isc.org/crypto.php. The > file size is 0KB and it contains nothing. Is that correct? > > NTP.log file: > 20 Mar 23:39:11 ntpd.exe[4412]: logging to file C:\Program > Files\NTP\etc\ntp.log > 20 Mar 23:39:11 ntpd.exe[4412]: precision = 0.798 usec > 20 Mar 23:39:11 ntpd.exe[4412]: Listening on interface wildcard, 0.0.0.0#123 > Disabled > 20 Mar 23:39:11 ntpd.exe[4412]: Listening on interface IP Interface 1, > 192.168.1.135#123 Enabled > 20 Mar 23:39:11 ntpd.exe[4412]: Listening on interface Loopback Interface 2, > 127.0.0.1#123 Enabled > 20 Mar 23:39:11 ntpd.exe[4412]: frequency initialized 10.211 PPM from > C:\Program Files\NTP\etc\ntp.drift > 20 Mar 23:39:11 ntpd.exe[4412]: frequency initialized 10.211 PPM from > C:\Program Files\NTP\etc\ntp.drift > 20 Mar 23:39:11 ntpd.exe[4412]: crypto_key error:06065064:digital envelope > routines:EVP_DecryptFinal_ex:bad decrypt > 20 Mar 23:39:11 ntpd.exe[4412]: crypto_setup: host key file > ntpkey_host_wdmcswxp001 not found or corrupt 20 Mar 23:39:11 ntpd.exe[4412]: > The Network Time Protocol Service has stopped. > > NTP.conf file: > # NTP Network Time Protocol > # Configuration File created by Windows Binary Distribution Installer Rev.: > 1.16 mbg # please check http://www.ntp.org for additional documentation and > background information crypto pw Cindy33Patrice keysdir > "C:\Windows\System32\Drivers\etc" > > > # Use drift file > driftfile "C:\Program Files\NTP\etc\ntp.drift" > > # your local system clock, should be used as a backup > # (this is only useful if you need to distribute time no matter how good or > bad it is) > #server 127.127.1.0 > # but it operates at a high stratum level to let the clients know and force > them to > # use any other timesource they may have. > #fudge 127.127.1.0 stratum 12 > > # Use a NTP server from the ntp pool project (see http://www.pool.ntp.org) > # Please note that you need at least four different servers to be at least > protected against > # one falseticker. If you only rely on internet time, it is highly > recommended to add > # additional servers here. > # The 'iburst' keyword speeds up initial synchronization, please check the > documentation for more details! > server be.pool.ntp.org autokey > server nl.pool.ntp.org autokey > server fr.pool.ntp.org autokey > > > # End of generated ntp.conf --- Please edit this to suite your needs > > What's wrong with my configuration; Can you help me? > > Greetz, > > Patrice >
You are in an area that I haven't had a chance to get into due to lack of time and other priorities. I don't know of anyone else doing this on Windows yet. Danny _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
