Antonio, "Antonio M. Moreiras" writes: > We were using autokey at our public ntp servers(1) since 2011. We are > now in the middle of a process to deactivate it, since 4.2.8 is broken > (we could not make autokey work with 4.2.8 on Linux, it seems to be some > issue related to the version 1.0.x of openssl). > > Probably we will let it deactivated. Maybe we are going back to > symmetric keys (at least between the servers), even if the issue is > fixed. We fostered our users to try and adopt autokey, but it seems > there was no interest in the feature. > > []s > Moreiras. > > [1] {a,b,c,a.st1,b.st1,c.st1,d.st1,gps}.ntp.br
Thanks for the info. I wasn't aware of any new problems with autokey in 4.2.8 and Martin Burnicki tested a number of cases - all worked for him. Unless we find real interest in fixing some known issues with autokey, I think the best thing to do is what you describe - stop using it. We expect to have Network Time Security (the IETF specification) up and running in the next 6 months' time (more or less), and that should be a much better solution. H -- > On 15/01/15 00h06m, Harlan Stenn wrote: > > I'm trying to figure out if anybody is actively using autokey, in a > > production deployment. > > > > If you are, please let me know - I have some questions for you. > > > _______________________________________________ > questions mailing list > questions@lists.ntp.org > http://lists.ntp.org/listinfo/questions > _______________________________________________ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions