Grzegorz , Please review your Unix documentation on how to redirect standare outpu. I see no ">" character on your command line. Also, including both a -e and -q option on the same command line would lead to a most confusing redirected file.
Dave Grzegorz Daniluk wrote: >Hi, >Thank you David for your patience and answers. I understand what you >wrote. However, maybe once again, here is the full procedure I'm using >to generate those parameters for IFF scheme (with full output that >ntp-keygen gives to me): > > >[grzeg...@rocket ~/keys]$ ntp-keygen -T -I -p serverpasswd -s hostname >Using OpenSSL version 90705f >Using host hostname group hostname >Generating RSA keys (512 bits)... >RSA 0 4 9 1 11 24 3 1 2 >Generating new host file and link >ntpkey_host_hostname->ntpkey_RSAhost_hostname.3452396802 >Using host key as sign key >Generating IFF keys (256 bits)... >IFF 0 31 140 1 49 135 2 1 2 3 1 4 >Confirm g^(q - b) g^b = 1 mod p: yes >Confirm g^k = g^(k + b r) g^(q - b) r: yes >Generating new iffkey file and link >ntpkey_iffkey_hostname->ntpkey_IFFkey_hostname.3452396802 >Generating new certificate hostname RSA-MD5 >X509v3 Basic Constraints: critical,CA:TRUE >X509v3 Key Usage: digitalSignature,keyCertSign >X509v3 Extended Key Usage: trustRoot >Generating new cert file and link >ntpkey_cert_hostname->ntpkey_RSA-MD5cert_hostname.3452396802 > > >[grzeg...@rocket ~/keys]$ ls >ntpkey_IFFkey_hostname.3452396802 ntpkey_cert_hostname >ntpkey_RSA-MD5cert_hostname.3452396802 ntpkey_host_hostname >ntpkey_RSAhost_hostname.3452396802 ntpkey_iffkey_hostname > > >[grzeg...@rocket ~/keys]$ ntp-keygen -e -q serverpasswd -p clientpasswd >Using OpenSSL version 90705f >Using host rocket group rocket >Generating RSA keys (512 bits)... >RSA 0 0 209 1 11 24 3 1 2 >Generating new host file and link >ntpkey_host_rocket->ntpkey_RSAhost_rocket.3452396816 >Using host key as sign key > > >[grzeg...@rocket ~/keys]$ ls >ntpkey_IFFkey_hostname.3452396802 ntpkey_cert_hostname >ntpkey_RSA-MD5cert_hostname.3452396802 ntpkey_host_hostname >ntpkey_RSAhost_hostname.3452396802 ntpkey_host_rocket >ntpkey_RSAhost_rocket.3452396816 ntpkey_iffkey_hostname > > >my problem is that even if I would redirect the result of ntp-keygen -e >to the file it still does not look like exported IFF crypto parameters. >As it says (and if I understand correctly) ntp-keygen generates here new >host key for my machine 'rocket' instead of exporting IFF public values. >This result is exactly the same as if I would remove generated keys and run: >%ntp-keygen -q serverpasswd -p clientpasswd >so without '-e' parameter. > >thank you very much for your advise, >best regards, >Grzegorz Daniluk > > >David Mills wrote: > > >>Grzegorz, >> >>I think this has been said before: Autokey does not work properly in the >>current release version.That version includes a mongrel of old and new >>files that are mutually incompatible. Autokey works only in the >>development version, at least until the release version catches up. >> >>Dave >>_______________________________________________ >>questions mailing list >>[email protected] >>https://lists.ntp.org/mailman/listinfo/questions >> >> >> >> > >_______________________________________________ >questions mailing list >[email protected] >https://lists.ntp.org/mailman/listinfo/questions > > _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
