如何使用SHA散列身份验证构建chrony

我正在尝试为嵌入式linux系统构建chorny。我目前能够编译、运行和同步时间。我还可以使用MD5启用身份验证，这也同样有效。

我不知道如何启用SHA哈希。在构建包时会使用它，但在配置中没有此选项。以前有人这样做过吗？

感谢

如果我将chrony.keys文件中的哈希类型设置为SHA1:，这就是输出

root@gsdm:~# chronyd -d 
2000-01-08T00:54:56Z chronyd version 2.2 starting (+CMDMON +NTP +REFCLOCK +RTC -PRIVDROP -SCFILTER -SECHASH +ASYNCDNS +IPV6 -DEBUG)
2000-01-08T00:54:56Z Unknown hash function in key 12
2000-01-08T00:54:56Z Initial frequency 1.355 ppm

当我跑步的时候/configure-h我得到这个：

`configure' configures this package to adapt to many kinds of systems.
Usage: ./configure [OPTION]...
Defaults for the options are specified in brackets.
Configuration:
  -h, --help              display this help and exit
Installation directories:
  --prefix=PREFIX         install architecture-independent files in PREFIX
                          [/usr/local]
  --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
                          [PREFIX]
By default, `make install' will install all the files in
`/usr/local/bin', `/usr/local/lib' etc.  You can specify
an installation prefix other than `/usr/local' using `--prefix',
for instance `--prefix=/home/user'.
For better control, use the options below.
  --disable-readline     Disable line editing support
  --without-readline     Don't use GNU readline even if it is available
  --without-editline     Don't use editline even if it is available
  --readline-dir=DIR     Specify parent of readline include and lib directories
  --readline-inc-dir=DIR Specify where readline include directory is
  --readline-lib-dir=DIR Specify where readline lib directory is
  --with-ncurses-library=DIR Specify where ncurses lib directory is
  --disable-sechash      Disable support for hashes other than MD5
  --without-nss          Don't use NSS even if it is available
  --without-tomcrypt     Don't use libtomcrypt even if it is available
  --disable-cmdmon       Disable command and monitoring support
  --disable-ntp          Disable NTP support
  --disable-refclock     Disable reference clock support
  --disable-phc          Disable PHC refclock driver
  --disable-pps          Disable PPS refclock driver
  --disable-ipv6         Disable IPv6 support
  --disable-rtc          Don't include RTC even on Linux
  --disable-privdrop     Disable support for dropping root privileges
  --without-libcap       Don't use libcap even if it is available
  --enable-scfilter      Enable support for system call filtering
  --without-seccomp      Don't use seccomp even if it is available
  --disable-asyncdns     Disable asynchronous name resolving
  --disable-forcednsretry Don't retry on permanent DNS error
  --with-ntp-era=SECONDS Specify earliest assumed NTP time in seconds
                         since 1970-01-01 [50*365 days ago]
  --with-user=USER       Specify default chronyd user [root]
  --with-hwclockfile=PATH Specify default path to hwclock(8) adjtime file
  --with-sendmail=PATH   Path to sendmail binary [/usr/lib/sendmail]
  --enable-debug         Enable debugging support
Fine tuning of the installation directories:
  --sysconfdir=DIR       chrony.conf location [/etc]
  --bindir=DIR           user executables [EPREFIX/bin]
  --sbindir=DIR          system admin executables [EPREFIX/sbin]
  --datarootdir=DIR      data root [PREFIX/share]
  --infodir=DIR          info documentation [DATAROOTDIR/info]
  --mandir=DIR           man documentation [DATAROOTDIR/man]
  --docdir=DIR           documentation root [DATAROOTDIR/doc/chrony]
  --localstatedir=DIR    modifiable single-machine data [/var]
  --chronysockdir=DIR    location for chrony sockets [LOCALSTATEDIR/run/chrony]
  --chronyvardir=DIR     location for chrony data [LOCALSTATEDIR/lib/chrony]
Overriding system detection when cross-compiling:
  --host-system=OS       Specify system name (uname -s)
  --host-release=REL     Specify system release (uname -r)
  --host-machine=CPU     Specify machine (uname -m)
Some influential environment variables:
  CC          C compiler command
  CFLAGS      C compiler flags
  CPPFLAGS    C preprocessor flags, e.g. -I<include dir> if you have
              headers in a nonstandard directory <include dir>
  LDFLAGS     linker flags, e.g. -L<lib dir> if you have libraries in a
              nonstandard directory <lib dir>
Use these variables to override the choices made by `configure' or to help
it to find libraries and programs with nonstandard names/locations.

--disable-sechash      Disable support for hashes other than MD5
--without-nss          Don't use NSS even if it is available
--without-tomcrypt     Don't use libtomcrypt even if it is available

If development files for the Nettle, NSS, or libtomcrypt library are available, chronyd will be built with support for other cryptographic hash functions than MD5, which can be used for NTP authentication with a symmetric key. 

apk add nettle-dev
./configure
... ...
Checking for nettle : Yes
Features : +CMDMON +NTP +REFCLOCK +RTC -PRIVDROP -SCFILTER -SIGND +ASYNCDNS -READLINE +SECHASH +IPV6 -DEBUG
Creating Makefile
Creating doc/Makefile
Creating test/unit/Makefile
make install