[ntp:questions] Re: Autokey problems as well

Steve Kostecke kostecke at ntp.isc.org
Tue Oct 25 02:36:24 UTC 2005

On 2005-10-24, DJ <drnj at freemail.redherring.co.uk> wrote:

> [On trusted host Alice:] ntp-keygen -H -T -I -p xyz

I don't use the '-H' here; just '-T -I -p .....'

The second paragraph of the "Trusted Hosts and Groups" section of
http://www.eecis.udel.edu/~mills/ntp/html/keygen.html states:

"On each trusted host as root, change to the keys directory. To insure
a fresh fileset, remove all ntpkey files. Then run ntp-keygen -T to
generate keys and a trusted certificate."

> [On host Bob:] ntp-keygen -H -p abc
> where abc is different for each group host.


> The trusted host generates a password-protected group key using
> ntp-keygen -q xyz -p abc -e >temp

You must perform this export operation for each member of the group if
they are using unique passwords.

Don't forget to create the symlink after you copy the IFFKey from Alice
to Bob:

ln -s ntpkey_IFFkey_alice.NNNNNNNNNN ntpkey_iff_alice

FWIW: The information at http://ntp.isc.org/Support/ConfiguringAutokey
is based on actual hands-on experience.

Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/

More information about the questions mailing list