Antonio,
"Antonio M. Moreiras" writes:
> We were using autokey at our public ntp servers(1) since 2011. We are
> now in the middle of a process to deactivate it, since 4.2.8 is broken
> (we could not make autokey work with 4.2.8 on Linux, it seems to be some
> issue related to the version 1.0.x of openssl).
>
> Probably we will let it deactivated. Maybe we are going back to
> symmetric keys (at least between the servers), even if the issue is
> fixed. We fostered our users to try and adopt autokey, but it seems
> there was no interest in the feature.
>
> []s
> Moreiras.
>
> [1] {a,b,c,a.st1,b.st1,c.st1,d.st1,gps}.ntp.br
Thanks for the info. I wasn't aware of any new problems with autokey in
4.2.8 and Martin Burnicki tested a number of cases - all worked for him.
Unless we find real interest in fixing some known issues with autokey, I
think the best thing to do is what you describe - stop using it. We
expect to have Network Time Security (the IETF specification) up and
running in the next 6 months' time (more or less), and that should be a
much better solution.
H
--
> On 15/01/15 00h06m, Harlan Stenn wrote:
> > I'm trying to figure out if anybody is actively using autokey, in a
> > production deployment.
> >
> > If you are, please let me know - I have some questions for you.
> >
> _______________________________________________
> questions mailing list
> questions@lists.ntp.org
> http://lists.ntp.org/listinfo/questions
>
_______________________________________________
questions mailing list
questions@lists.ntp.org
http://lists.ntp.org/listinfo/questions
