Subject: Re: Serious problems with ntpd authentication in 1.5
To: Alexis Rosen <alexis@panix.com>
From: Simon Burge <simonb@wasabisystems.com>
List: current-users
Date: 08/29/2000 20:34:44
Alexis Rosen wrote:

> [CC: simonb@netbsd.org]
> 
> I am having major problems with ntpd in 1.5, from 07/25/00. I did some
> research by looking in the archives of this list and found what appears
> to be the beginning of an answer in messages from Simon Burge and others,
> but I don't think this issue is even close to settled. Before I open a PR
> I'd like to know what others think, and if anyone knows offhand what
> exactly is happening with authentication at the moment.
> 
> Apparently, ntpd 4.x comes with DES support disabled by default, and this
> configuration is maintained within NetBSD. I suggest that this is a very
> bad decision; people using DES authentication will find that their timeservers
> are broken once they upgrade, and they're unlikely to discover the cause
> without serious headaches. (Yes, despite the syslog message about the bad
> key.)

The DES code is not going to be maintained by the NTP people anymore,
and they are actively pushing people towards MD5.

> Whatever is decided about compiling in DES, I bit the bullet and decided to
> convert from DES to MD5. And I've run into some problems.

I believe that ntp-4.0.99k solves a few authentication problems - if I
put together some patches will you be able to test it?

Simon.
--
Simon Burge                            <simonb@wasabisystems.com>
NetBSD Sales, Support and Service:  http://www.wasabisystems.com/