Hello Dave, Looking back into this, I looked at the source code of ntp-keygen and at the same time playing with the command line arguments of openssl.
Is it right to say that ntp-keygen was created as a convenient tool and everything it can do has an equivalent openssl command? For example to create a host key, $ ntp-keygen -H -p pass is the same with $ openssl req -newkey rsa:512 -md5 -x509 -days 365 -keyout ntpkey... something blah blah (I haven't really figured out yet the exact arguments) I am currently weighing the benefits of just using ntp-keygen entirely or use our existing infrastructure that executes the openssl command to create public/private keys. Thanks. Victor --- On Sat, 5/9/09, David Mills <[email protected]> wrote: > From: David Mills <[email protected]> > Subject: Re: [ntp:questions] ntp-keygen and openssl > To: [email protected] > Date: Saturday, May 9, 2009, 7:50 AM > Victor, > > Look in the ntp-geygen source file. See the gen_iff() > routine. Look in > the ntp_crypto.c file for the crypto_alice(), crypto_bob() > and > crypto_iff() routines. > > Dave > > Victor Jesus Angus wrote: > > >If on the NTP client only host, there is no ntp-keygen > but openssl is available, what are the equivalent openssl > commands to generate certificates with the Schnorr (IFF) > scheme? > > > >Thanks. > > > >Victor > > > > > > > >_______________________________________________ > >questions mailing list > >[email protected] > >https://lists.ntp.org/mailman/listinfo/questions > > > > > > _______________________________________________ > questions mailing list > [email protected] > https://lists.ntp.org/mailman/listinfo/questions > _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
