[ntp:questions] Re: ntpd as broadcastclient - not working?
kostecke at ntp.isc.org
Wed Oct 6 23:30:34 UTC 2004
On 2004-10-06, W. D. <NewsGroups at US-Webmasters.com> wrote:
> Steve Kostecke wrote:
>> On 2004-10-06, W. D. <NewsGroups at US-Webmasters.com> wrote:
>> > At 01:52 8/29/2004, Harlan Stenn, wrote:
>> >>It's pretty easy to set up authentication.
>> > Do you know of a short, step-by-step, HowTo for this?
> Thanks a bunch for this link. I am looking at a bunch of stuff up one
> directory: http://ntp.isc.org/bin/view/Support/
That's the http://ntp.isc.org/bin/view/Support/WebHome page. It's the index for
the Support Web. You need to be looking at
> However, I am lost concerning configuring authentication for
Autokey requires configuration on both the server and the client.
The first thing to do is choose which Autokey Identity Scheme you wish
to use. I suggest that you use IFF.
Follow the steps shown at
to configure your broadcast server to use Autokey. The instructions for
enabling Broadcast Autokey are shown at
> For each client, the ntp.conf only consists of:
> driftfile /etc/ntp.drif
Follow the steps shown at
to configure one of your client systems for Autokey. Once you have one
client working you can easily replicate the client configuration to
> On the 'ConfiguringAutokey' page, I don't see any reference to
In broadcast mode you enable Autokey in the server conf file as
> and there are lots changes to lines that don't exist in my ntp.conf
Lots of changes? You only have to add TWO lines to your ntp.conf files
to set-up Autokey and modify one line in our broadcast server ntp.conf
file to use Autokey for your broadcast associations.
> How do my clients make use of authentication?
If you properly configure Autokey on your broadcast server and your
broadcast clients it will just work.
> Also, is authentication really necessary on a local area network (LAN)
> that is hidden beyond a firewall, and users can be trusted?
If you don't use authentication one of your "trusted users" could bring
up a rogue broadcast server on your LAN.
> Another complication is that I have Windows computers that run K9.
> (http://www.kaska.demon.co.uk/k9.htm) As far as I know, K9 doesn't
> know how to authenticate. Would it still be able to set time properly
> if broadcast signals are being sent from an 'authenticated' NTP
>> And feel free to stop by #ntp on irc.freenode.net if you have
> Thanks for the offer! Unfortunately, I don't have IRC setup.
There is nothing to set-up beyond installing an IRC client.
> Also, with the newsgroups, others can benefit from reading these
IRC allows you to engage in a real-time discussion. Usenet does not.
Steve Kostecke <kostecke at ntp.isc.org>
More information about the questions