<div dir="ltr"><div dir="ltr"><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Mar 22, 2019 at 7:24 AM Gary E. Miller via devel <<a href="mailto:devel@ntpsec.org">devel@ntpsec.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">> I have been lurking and trying to set up NTS to talk to the <a href="http://rellim.com" rel="noreferrer" target="_blank">rellim.com</a><br>
> servers. This is a recent git head.<br>
<br>
Cool.<br></blockquote><div><br></div><div>I just did a git pull and rebuilt.<br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
> My ntp.conf snippet:<br>
> <br>
> nts enable<br>
> nts cert /etc/letsencrypt/live/<a href="http://ntpmon.dcs1.biz/fullchain.pem" rel="noreferrer" target="_blank">ntpmon.dcs1.biz/fullchain.pem</a><br>
> nts key /etc/letsencrypt/live/<a href="http://ntpmon.dcs1.biz/privkey.pem" rel="noreferrer" target="_blank">ntpmon.dcs1.biz/privkey.pem</a><br>
> server <a href="http://pi3.rellim.com" rel="noreferrer" target="_blank">pi3.rellim.com</a> nts<br>
> server <a href="http://kong.rellim.com" rel="noreferrer" target="_blank">kong.rellim.com</a> nts<br>
<br>
Looks good. What is your server so I can try to connect back?<br></blockquote><div><br></div><div>My server is <a href="http://ntpmon.dcs1.biz">ntpmon.dcs1.biz</a> . It is in the pool, BTW.<br></div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
> Been runnig for a few hours now. ntpq -pn output:<br>
> <a href="http://pi3.rellim.com" rel="noreferrer" target="_blank">pi3.rellim.com</a> .NTS. 16 u - 1024 0 0.0000 0.0000 0.0005<br>
> <a href="http://kong.rellim.com" rel="noreferrer" target="_blank">kong.rellim.com</a> .NTS. 16 u -1024 0 0.0000 0.0000 0.0005<br>
<br>
Odd, you are not even getting the cookies.<br>
<br>
> And the log is here: <a href="https://pastebin.com/fM9uDwVi" rel="noreferrer" target="_blank">https://pastebin.com/fM9uDwVi</a><br>
<br>
Weird:<br>
<br>
2019-03-22T03:56:32 ntpd[21039]: NTSc: nts_probe: DNS error trying to contact <a href="http://pi3.rellim.com" rel="noreferrer" target="_blank">pi3.rellim.com</a>: -8, Servname not supported for ai_socktype<br>
<br>
<br>
What version of OpenSSL do you have? I'm finding that matters.<br></blockquote><div><br></div><div><span style="font-family:monospace,monospace">root@ntpmon:~/ntpsec# openssl version -a<br>OpenSSL 1.1.1a 20 Nov 2018<br>built on: Thu Nov 22 18:40:54 2018 UTC<br>platform: debian-i386<br>options: bn(64,32) rc4(1x,char) des(long) blowfish(ptr)<br>compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -fdebug-prefix-map=/build/openssl-5z4Qxa/openssl-1.1.1a=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2<br>OPENSSLDIR: "/usr/lib/ssl"<br>ENGINESDIR: "/usr/lib/i386-linux-gnu/engines-1.1"<br>Seeding source: os-specific<br></span><br></div><div>This is debian/testing, up to date.</div></div><div class="gmail_quote"><br></div><div class="gmail_quote">Thanks,<br></div><div class="gmail_quote">--</div><div class="gmail_quote">Sanjeev<br></div></div></div>