On Fri, Mar 22, 2019 at 7:24 AM Gary E. Miller via devel <[email protected]> wrote:
> > I have been lurking and trying to set up NTS to talk to the rellim.com > > servers. This is a recent git head. > > Cool. > I just did a git pull and rebuilt. > > My ntp.conf snippet: > > > > nts enable > > nts cert /etc/letsencrypt/live/ntpmon.dcs1.biz/fullchain.pem > > nts key /etc/letsencrypt/live/ntpmon.dcs1.biz/privkey.pem > > server pi3.rellim.com nts > > server kong.rellim.com nts > > Looks good. What is your server so I can try to connect back? > My server is ntpmon.dcs1.biz . It is in the pool, BTW. > Been runnig for a few hours now. ntpq -pn output: > > pi3.rellim.com .NTS. 16 u - 1024 0 0.0000 0.0000 0.0005 > > kong.rellim.com .NTS. 16 u -1024 0 0.0000 0.0000 0.0005 > > Odd, you are not even getting the cookies. > > > And the log is here: https://pastebin.com/fM9uDwVi > > Weird: > > 2019-03-22T03:56:32 ntpd[21039]: NTSc: nts_probe: DNS error trying to > contact pi3.rellim.com: -8, Servname not supported for ai_socktype > > > What version of OpenSSL do you have? I'm finding that matters. > root@ntpmon:~/ntpsec# openssl version -a OpenSSL 1.1.1a 20 Nov 2018 built on: Thu Nov 22 18:40:54 2018 UTC platform: debian-i386 options: bn(64,32) rc4(1x,char) des(long) blowfish(ptr) compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -fdebug-prefix-map=/build/openssl-5z4Qxa/openssl-1.1.1a=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2 OPENSSLDIR: "/usr/lib/ssl" ENGINESDIR: "/usr/lib/i386-linux-gnu/engines-1.1" Seeding source: os-specific This is debian/testing, up to date. Thanks, -- Sanjeev
_______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
