Grzegorz, I am using here exactly what I told you. You did not provide evidence you use the > redirect function to produce the paramters file. I have nothing more to tell you. I am done with this mission. You should ask for help elsewhere.
Dave Grzegorz Daniluk wrote: >This problem I have with ntp-4.2.5p179. > >best regards, >Grzegorz > >Grzegorz Daniluk wrote: > > >>Hi, >>Thank you David for your patience and answers. I understand what you >>wrote. However, maybe once again, here is the full procedure I'm using >>to generate those parameters for IFF scheme (with full output that >>ntp-keygen gives to me): >> >> >>[grzeg...@rocket ~/keys]$ ntp-keygen -T -I -p serverpasswd -s hostname >>Using OpenSSL version 90705f >>Using host hostname group hostname >>Generating RSA keys (512 bits)... >>RSA 0 4 9 1 11 24 3 1 2 >>Generating new host file and link >>ntpkey_host_hostname->ntpkey_RSAhost_hostname.3452396802 >>Using host key as sign key >>Generating IFF keys (256 bits)... >>IFF 0 31 140 1 49 135 2 1 2 3 1 4 >>Confirm g^(q - b) g^b = 1 mod p: yes >>Confirm g^k = g^(k + b r) g^(q - b) r: yes >>Generating new iffkey file and link >>ntpkey_iffkey_hostname->ntpkey_IFFkey_hostname.3452396802 >>Generating new certificate hostname RSA-MD5 >>X509v3 Basic Constraints: critical,CA:TRUE >>X509v3 Key Usage: digitalSignature,keyCertSign >>X509v3 Extended Key Usage: trustRoot >>Generating new cert file and link >>ntpkey_cert_hostname->ntpkey_RSA-MD5cert_hostname.3452396802 >> >> >>[grzeg...@rocket ~/keys]$ ls >>ntpkey_IFFkey_hostname.3452396802 ntpkey_cert_hostname >>ntpkey_RSA-MD5cert_hostname.3452396802 ntpkey_host_hostname >>ntpkey_RSAhost_hostname.3452396802 ntpkey_iffkey_hostname >> >> >>[grzeg...@rocket ~/keys]$ ntp-keygen -e -q serverpasswd -p clientpasswd >>Using OpenSSL version 90705f >>Using host rocket group rocket >>Generating RSA keys (512 bits)... >>RSA 0 0 209 1 11 24 3 1 2 >>Generating new host file and link >>ntpkey_host_rocket->ntpkey_RSAhost_rocket.3452396816 >>Using host key as sign key >> >> >>[grzeg...@rocket ~/keys]$ ls >>ntpkey_IFFkey_hostname.3452396802 ntpkey_cert_hostname >>ntpkey_RSA-MD5cert_hostname.3452396802 ntpkey_host_hostname >>ntpkey_RSAhost_hostname.3452396802 ntpkey_host_rocket >>ntpkey_RSAhost_rocket.3452396816 ntpkey_iffkey_hostname >> >> >>my problem is that even if I would redirect the result of ntp-keygen -e >>to the file it still does not look like exported IFF crypto parameters. >>As it says (and if I understand correctly) ntp-keygen generates here new >>host key for my machine 'rocket' instead of exporting IFF public values. >>This result is exactly the same as if I would remove generated keys and run: >>%ntp-keygen -q serverpasswd -p clientpasswd >>so without '-e' parameter. >> >>thank you very much for your advise, >>best regards, >>Grzegorz Daniluk >> >> >>David Mills wrote: >> >> >> >>>Grzegorz, >>> >>>I think this has been said before: Autokey does not work properly in the >>>current release version.That version includes a mongrel of old and new >>>files that are mutually incompatible. Autokey works only in the >>>development version, at least until the release version catches up. >>> >>>Dave >>>_______________________________________________ >>>questions mailing list >>>[email protected] >>>https://lists.ntp.org/mailman/listinfo/questions >>> >>> >>> >>> >>> >>_______________________________________________ >>questions mailing list >>[email protected] >>https://lists.ntp.org/mailman/listinfo/questions >> >> >> >> > >_______________________________________________ >questions mailing list >[email protected] >https://lists.ntp.org/mailman/listinfo/questions > > _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
