Hi I know how to make the stdout redirection. My point is, that what ntp-keygen in development version 4.2.4p179 produces to the stdout is not the public crypto values needed for client in IFF scheme. Actually there is no difference in the output text when using or not using '-e' option.
thank you for your suggestions, best regards, Grzegorz Daniluk David Mills wrote: > Grzegorz , > > Please review your Unix documentation on how to redirect standare outpu. > I see no ">" character on your command line. Also, including both a -e > and -q option on the same command line would lead to a most confusing > redirected file. > > Dave > > Grzegorz Daniluk wrote: > > >> Hi, >> Thank you David for your patience and answers. I understand what you >> wrote. However, maybe once again, here is the full procedure I'm using >> to generate those parameters for IFF scheme (with full output that >> ntp-keygen gives to me): >> >> >> [grzeg...@rocket ~/keys]$ ntp-keygen -T -I -p serverpasswd -s hostname >> Using OpenSSL version 90705f >> Using host hostname group hostname >> Generating RSA keys (512 bits)... >> RSA 0 4 9 1 11 24 3 1 2 >> Generating new host file and link >> ntpkey_host_hostname->ntpkey_RSAhost_hostname.3452396802 >> Using host key as sign key >> Generating IFF keys (256 bits)... >> IFF 0 31 140 1 49 135 2 1 2 3 1 4 >> Confirm g^(q - b) g^b = 1 mod p: yes >> Confirm g^k = g^(k + b r) g^(q - b) r: yes >> Generating new iffkey file and link >> ntpkey_iffkey_hostname->ntpkey_IFFkey_hostname.3452396802 >> Generating new certificate hostname RSA-MD5 >> X509v3 Basic Constraints: critical,CA:TRUE >> X509v3 Key Usage: digitalSignature,keyCertSign >> X509v3 Extended Key Usage: trustRoot >> Generating new cert file and link >> ntpkey_cert_hostname->ntpkey_RSA-MD5cert_hostname.3452396802 >> >> >> [grzeg...@rocket ~/keys]$ ls >> ntpkey_IFFkey_hostname.3452396802 ntpkey_cert_hostname >> ntpkey_RSA-MD5cert_hostname.3452396802 ntpkey_host_hostname >> ntpkey_RSAhost_hostname.3452396802 ntpkey_iffkey_hostname >> >> >> [grzeg...@rocket ~/keys]$ ntp-keygen -e -q serverpasswd -p clientpasswd >> Using OpenSSL version 90705f >> Using host rocket group rocket >> Generating RSA keys (512 bits)... >> RSA 0 0 209 1 11 24 3 1 2 >> Generating new host file and link >> ntpkey_host_rocket->ntpkey_RSAhost_rocket.3452396816 >> Using host key as sign key >> >> >> [grzeg...@rocket ~/keys]$ ls >> ntpkey_IFFkey_hostname.3452396802 ntpkey_cert_hostname >> ntpkey_RSA-MD5cert_hostname.3452396802 ntpkey_host_hostname >> ntpkey_RSAhost_hostname.3452396802 ntpkey_host_rocket >> ntpkey_RSAhost_rocket.3452396816 ntpkey_iffkey_hostname >> >> >> my problem is that even if I would redirect the result of ntp-keygen -e >> to the file it still does not look like exported IFF crypto parameters. >> As it says (and if I understand correctly) ntp-keygen generates here new >> host key for my machine 'rocket' instead of exporting IFF public values. >> This result is exactly the same as if I would remove generated keys and run: >> %ntp-keygen -q serverpasswd -p clientpasswd >> so without '-e' parameter. >> >> thank you very much for your advise, >> best regards, >> Grzegorz Daniluk >> >> >> >> _______________________________________________ >> questions mailing list >> [email protected] >> https://lists.ntp.org/mailman/listinfo/questions >> >> >> > > _______________________________________________ > questions mailing list > [email protected] > https://lists.ntp.org/mailman/listinfo/questions > > _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
