[ntp:questions] How can I mix authenticated and not authenticated clients in an ntp network?
martin.burnicki at meinberg.de
Tue Nov 20 16:16:32 UTC 2018
giovanni.razzetta at gmail.com wrote:
> I would like to configure ntpd as a server providing time.
> I want to use symmetric key authentication.
> In my network I have ntp clients configured for authentication and client configured with no authentication.
> How do I configure my ntpd server to supply time to both type of clients?
> Does ntpd as a time server respond to requests with authentication with authenticated packets and to requests without authentication without appending the hash?
> Thank you in advance for clarification
There's nothing special to do.
ntpd's approach of authentication in client/server packet exchange is to
let the client be able to verify that a reply it receives has indeed
been sent by the expected server, and not by some node that pretends to
be the server.
So if the ntpd server instance receives a client request with a
signature appended, it verifies the signature and send a signed packet
back to the client.
If it receives a request packet without signature then it simply sends a
response without signature.
More information about the questions