[ntp:questions] ntp and iff authentication
Giovanni Clemente
giovanni.clemente at mail.ing.unibo.it
Fri Apr 8 13:20:00 UTC 2005
Hello,
I'm trying to configure an authenticated ntp service at my department,
but I can't figure out how to get IFF work.
Here is a graph of my expected configuration:
host ien1 host ien2 stratum 1 servers from
^ ^ ^ ^ Italy's ref. time institute
| | | |
| +-------------------------+ |
| | |
+--|-----------------------------+
| |
| |
host timeserv1 <-- peers --> host timeserv2 stratum 2 servers in
| | my dep. These will be
| | the roots of my group
+-------------+---------+ |
| | | |
v v v |
|
+-------------+---------+-------+
| | |
v v v
client1 client2 clientn stratum 3 clients
I would let timeserv1 and timeserv2 be both trusted
hosts of a single group, using IFF identity scheme, and
be able to identify their clients with both client group
keys and server group keys (not trusted).
My problem is that I can't configure timeserv1 and timeserv2
to authenticate each other as peers, since I don't know how
ntpkey_IFFpar_ files should be deployed.
Any suggestion?
Thank you,
Giovanni
Italy
More information about the questions
mailing list