Steve, The ntpkey_IFF_ file contains both the server and client keys; the ntpkey_IFFkey_ contains only the client key. Be sure to copy the correct one.
Dave Steve Kostecke wrote: > On 2007-05-07, Vladimir Smotlacha <[EMAIL PROTECTED]> wrote: > > >>I setup up an IFF identity scheme at my labs NTP server and client. >>I did it exactly according to available documentation and it worked O.K. >>However, I tried it once more with new keys and certficates but without >>copying IFF parameters to the client (i.e. the client did not know IFF >>parameters). I expected that the authentication fails but it was >>successful again. > > > The Trusted Certificate (TC) Identity Scheme was being used because you > generated trusted host parameters (with '-T') on the server, > > >>It seems that the client acts the same way as in previous case. > > > Because the authentication was successful. > > >>Should there be observed a difference in client behavior in both >>cases? > > > The only difference that you will see is in the flags for that > association on the client end. > > >>What profit has client from knowledge of the IFF params and key? > > > I'll let someone else answer that. > _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
