[ntp:hackers] NTP Development Snapshot 4.2.5p208 Released
davehart at gmail.com
Mon Sep 7 07:43:38 UTC 2009
On Mon, Sep 7, 2009 at 6:21 AM, M. Warner Losh<imp at bsdimp.com> wrote:
> Or to allow it at all... That would allow complete control of the
> policy here by providing the tools necessary to implement any of the
> common policies.
Currently there are several ways it can be disabled. You need
trustedkey and controlkey (or possibly requestkey, I always set the
latter two the same) in ntp.conf as well as a keys directive. With
any of those missing, neither remote configuration nor remote saving
of the configuration is possible. Next, restrict default nomodify
prevents both, lacking a more permissive restrict match. Finally, you
can pass --disable-saveconfig to the configure script before building.
More information about the hackers