[ntp:questions] Re: NTP server authentication
kostecke at ntp.isc.org
Fri May 20 19:26:52 UTC 2005
On 2005-05-20, Vladimir Smotlacha <vs at cesnet.cz> wrote:
> Steve Kostecke wrote:
>> This should be:
>> ntp-keygen -e -q server_password -p client_password > output_file
> Thank you for the suggestion. I tested this method of password change and it
> works. But it does not solve my problem as it requires to generate the key
> for every particular client password.
You can use something like https://ntp.isc.org/crypto.php to solve this
> I'd like to arrange authentication for public ntp server without taking care
> for each individual client.
A shared client key with a shared password forces all clients of your
time-server to use the same crypto password.
A shared client key without a password forces all clients of your
time-server to not use any crypto password.
Neither of these choices are good.
The best solution is to export the client keys on the fly using an SSL
web-page (see the URL shown above).
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/
More information about the questions