[ntp:questions] Re: specifying key

Andrew andrew at arda.homeunix.net
Fri Dec 12 02:09:17 UTC 2003


Speaking of trusted keys, I have a question about the notrust access 
control option.

This is the definition given by the man page for ntp.conf that is 
present on my FreeBSD 4.8 box.

notrust
Treat these hosts normally in other respects, but never use them as 
synchronization sources.

And here is the definition given on the NTP web site in the Official 
Documentation.

notrust
Deny service unless the packet is cryptographically authenticated.

I would like to know which definition is correct.

Andrew

David L. Mills wrote:
> Karthik,
> 
> May I suggest you read the Authentication Options page in the
> documentation? You have a mistaken idea on how the server operates. The
> server uses the trustedkey command to specify the active keys it
> supports; the client specifies which one on the server/peer line.
> 
> Dave
> 
> Karthik Palaniappan wrote:
> 
>>Hello,
>>
>> I would like to use NTP authentication in Master-Slave unicast mode
>>using shared keys. Both the client and server have the same key file.
>>The client has the following server command in ntp.conf:
>>
>>server 192.168.1.1 key 1
>>
>> How can I specify in the server that key ID 1 should be used in all
>>unicast responses? For the peer, broadcast and multicast mode, could
>>find the answer (eg: broadcast 192.168.1.255 key 1 ). But for unicast I
>>am unable to find the answer. Thank you for your answer.
>>
>>Regards,
>>Karthik




More information about the questions mailing list