[ntp:hackers] NTP Development Snapshot 4.2.5p208 Released

Dave Hart davehart at gmail.com
Mon Sep 7 07:43:38 UTC 2009

On Mon, Sep 7, 2009 at 6:21 AM, M. Warner Losh<imp at bsdimp.com> wrote:
> Or to allow it at all...  That would allow complete control of the
> policy here by providing the tools necessary to implement any of the
> common policies.

Currently there are several ways it can be disabled.  You need
trustedkey and controlkey (or possibly requestkey, I always set the
latter two the same) in ntp.conf as well as a keys directive.  With
any of those missing, neither remote configuration nor remote saving
of the configuration is possible.  Next, restrict default nomodify
prevents both, lacking a more permissive restrict match.  Finally, you
can pass --disable-saveconfig to the configure script before building.

Dave Hart

More information about the hackers mailing list