[ntp:questions] Q: Is there a simple tutorial, how to use authentication with ntp?

Harlan Stenn stenn at ntp.isc.org
Thu Nov 2 01:18:53 UTC 2006


>>> In article <eibboc$10t7$1 at hedeland.org>, per at hedeland.org (Per Hedeland) writes:

Per> In article <ywn9slh3ona6.fsf at ntp1.isc.org> Harlan Stenn
Per> <stenn at ntp.isc.org> writes:
>>  FreeBSD (for example) has an ntp.keys(5) man page - I suspect you can
>> find copies using your favorite search engine.
>> 
>> Basically, pick a key number, use an MD5 key type, and pick 1-16 hex
>> characters.

Per> Hm, why the 1-16 hex characters? The FreeBSD man page says 1-8 ASCII
Per> characters, the official docs say 16 ASCII characters or less
Per> ("printable characters in the range 0x21 through 0x7f excluding space
Per> and the '#' character", though of course space isn't in that range and
Per> 0x7f isn't printable, but anyway), ntp-keygen seems to generate 15(!)
Per> ASCII characters, and the code appears to at least store upto 32 8-bit
Per> characters (though comments therein say 1-to-8), excluding only
Per> whitespace and '#'. Oops, well, 16 printable ASCII excluding '#' should
Per> be fine, and have some 40 bits more of possible values.

Because I read the FreeBSD man page and then looked at a working example and
thought "Oh, it's not 1-8, it's (at least) 1-16".  I didn't look at the
code.

I'd go with the official docs on this one, and someday it would be good to
clean this up.

H




More information about the questions mailing list