[ntp:questions] Q: Is there a simple tutorial, how to use authentication with ntp?

Per Hedeland per at hedeland.org
Wed Nov 1 23:48:28 UTC 2006


In article <ywn9slh3ona6.fsf at ntp1.isc.org> Harlan Stenn
<stenn at ntp.isc.org> writes:
>
>FreeBSD (for example) has an ntp.keys(5) man page - I suspect you can find
>copies using your favorite search engine.
>
>Basically, pick a key number, use an MD5 key type, and pick 1-16 hex
>characters.

Hm, why the 1-16 hex characters? The FreeBSD man page says 1-8 ASCII
characters, the official docs say 16 ASCII characters or less
("printable characters in the range 0x21 through 0x7f excluding space
and the '#' character", though of course space isn't in that range and
0x7f isn't printable, but anyway), ntp-keygen seems to generate 15(!)
ASCII characters, and the code appears to at least store upto 32 8-bit
characters (though comments therein say 1-to-8), excluding only
whitespace and '#'. Oops, well, 16 printable ASCII excluding '#' should
be fine, and have some 40 bits more of possible values.

>I see that we talk about http://ntp.isc.org/Support/ConfiguringAutokey but
>we don't yet have a page for private key

I think the proper term is symmetric or shared key (that's what the
official docs use) - they should be private to the participants of
course, but "private" tends to imply that there's a corresponding
"public" key.

--Per Hedeland
per at hedeland.org




More information about the questions mailing list