On Tue, 09 Oct 2007 21:32:02 -0400, Rob wrote:

> When I reboot, my ntpd server now crashes. Here is the ntp.log:
>
> 9 Oct 21:16:13 ntpd[3800]: crypto_setup: random seed file //.rnd not found
>
> 9 Oct 21:16:14 ntpd[3810]: crypto_setup: random seed file //.rnd not found
>
> But if I try to startup the server via xterm, ntpd will run.
>
> I do have a /dev/urandom file.
> I have also used openssl to generate certificates etc.
> (Doesn't that mean I have a random seed file?)
>
> So why am I getting this error?
> Do I need to somehow create .rnd file via openssl?
> or maybe I need to create a symlink to /dev/urandom etc?
>

I also have /root/.rnd on my host computer.

Does anyone know what is going on?

Rob

On 2007-10-10, Rob wrote:
> On Tue, 09 Oct 2007 21:32:02 -0400, Rob wrote:
>
>> When I reboot, my ntpd server now crashes. Here is the ntp.log:
>>
>> 9 Oct 21:16:13 ntpd[3800]: crypto_setup: random seed file //.rnd not found

//.rnd would be in your /

I have found it helpful to specify the location of the randfile:

crypto randfile /dev/urandom

>> But if I try to startup the server via xterm, ntpd will run.

Probably because /root/.rnd is being used in this case instead of //.rnd

--
Steve Kostecke
NTP Public Services Project - http://support.ntp.org/

Rob,

Which version of NTP are you running? I had the same problem
with ntp-dev-4.2.5p71 and several subsequent versions. The
problem is fixed in version ntp-dev-4.2.5p80; alternatively,
a workaround is to configure ntp with the option

--without-crypto

See https://support.ntp.org/bugs/show_bug.cgi?id=893 for
details.

Paul

On Wed, 10 Oct 2007 02:35:58 +0000, Steve Kostecke wrote:

>
> I have found it helpful to specify the location of the randfile:
>
> crypto randfile /dev/urandom
>

Thanks Steve. That fixed it. I used "crypto randfile /root/.rnd pw
mysecretpassword" in my ntpd.conf file.

But according to the docs, I should not need to do that. I do not have
RANDFILE defined. According to the docs at
http://www.eecis.udel.edu/~mills/ntp...ygen.html#rand , ntpd should
look at /root/.rnd for the random file if RANDFILE is not defined.

It looks like a bug to me. But it is easy to get around.

Rob

On Wed, 10 Oct 2007 08:19:00 -0400, Rob wrote:


>
> It looks like a bug to me. But it is easy to get around.
>

I am running ntp 4.2.4p4 - the stable version.

I have filed a bug report.
See http://support.bugs.org/bugs/show_bug.cgi?id=936

It looks like a bug in EITHER ntpd or in the docs.
I see there is another bug report with respect to the development version.
It looks like the same bug exists in the stable version too.

Rob

Steve Kostecke writes:

> On 2007-10-10, Rob wrote:
>> On Tue, 09 Oct 2007 21:32:02 -0400, Rob wrote:
>>
>>> When I reboot, my ntpd server now crashes. Here is the ntp.log:
>>>
>>> 9 Oct 21:16:13 ntpd[3800]: crypto_setup: random seed file //.rnd not found
>
> //.rnd would be in your /
>
> I have found it helpful to specify the location of the randfile:
>
> crypto randfile /dev/urandom

Shouldn't it be /dev/random? (Urandom is not truely random AFAIK)

Ulrich

>
>>> But if I try to startup the server via xterm, ntpd will run.
>
> Probably because /root/.rnd is being used in this case instead of //.rnd
>
> --
> Steve Kostecke
> NTP Public Services Project - http://support.ntp.org/

Paul.Croome@softwareag.com writes:

> Rob,
>
> Which version of NTP are you running? I had the same problem
> with ntp-dev-4.2.5p71 and several subsequent versions. The
> problem is fixed in version ntp-dev-4.2.5p80; alternatively,
> a workaround is to configure ntp with the option
>
> --without-crypto

The other workaround is not to use crypto (autokey) features. Works with the
existing binary...

>
> See https://support.ntp.org/bugs/show_bug.cgi?id=893 for
> details.
>
> Paul

On 2007-11-06, Ulrich Windl wrote:

> Steve Kostecke writes:
>
>> crypto randfile /dev/urandom
>
> Shouldn't it be /dev/random? (Urandom is not truely random AFAIK)

According to the discussion at http://lwn.net/Articles/185260/ this view
may be FUD.

There is more discussion of /dev/random vs /dev/urandom at:

http://mail.nl.linux.org/linux-crypt.../msg00035.html
http://www.google.com/search?q=%2Fde...Fdev%2Furandom

--
Steve Kostecke
NTP Public Services Project - http://support.ntp.org/

> From: Ulrich Windl
> Date: Tue, 06 Nov 2007 15:27:23 +0100
> Sender: questions-bounces+oberman=es.net@lists.ntp.org
>
>
> Steve Kostecke writes:
>
> > On 2007-10-10, Rob wrote:
> >> On Tue, 09 Oct 2007 21:32:02 -0400, Rob wrote:
> >>
> >>> When I reboot, my ntpd server now crashes. Here is the ntp.log:
> >>>
> >>> 9 Oct 21:16:13 ntpd[3800]: crypto_setup: random seed file //.rnd not found
> >
> > //.rnd would be in your /
> >
> > I have found it helpful to specify the location of the randfile:
> >
> > crypto randfile /dev/urandom
>
> Shouldn't it be /dev/random? (Urandom is not truely random AFAIK)

/dv/urandom used to be less random, but not pseudo-random.

I am not expert on Linux, for FreeBSD has saved entropy across boots for
a long time so that you never have /dev/random run out of numbers. On
FreeBSD, there is no longer any difference between /dev/random and
/dev/urandom.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman@es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751