[ntp:questions] Re: Autokey problems as well
kostecke at ntp.isc.org
Tue Oct 25 02:36:24 UTC 2005
On 2005-10-24, DJ <drnj at freemail.redherring.co.uk> wrote:
> [On trusted host Alice:] ntp-keygen -H -T -I -p xyz
I don't use the '-H' here; just '-T -I -p .....'
The second paragraph of the "Trusted Hosts and Groups" section of
"On each trusted host as root, change to the keys directory. To insure
a fresh fileset, remove all ntpkey files. Then run ntp-keygen -T to
generate keys and a trusted certificate."
> [On host Bob:] ntp-keygen -H -p abc
> where abc is different for each group host.
> The trusted host generates a password-protected group key using
> ntp-keygen -q xyz -p abc -e >temp
You must perform this export operation for each member of the group if
they are using unique passwords.
Don't forget to create the symlink after you copy the IFFKey from Alice
ln -s ntpkey_IFFkey_alice.NNNNNNNNNN ntpkey_iff_alice
FWIW: The information at http://ntp.isc.org/Support/ConfiguringAutokey
is based on actual hands-on experience.
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/
More information about the questions