[ntp:questions] (Software) timeserver for windows being broadcast-able incl. keys

Richard B. gilbert rgilbert88 at comcast.net
Thu Mar 15 18:23:12 UTC 2007


Danny Mayer wrote:
> Tom Smith wrote:
> 
>>>Do you have any idea why (in the ntp.keys-file on all clients) more
>>>than one key is specified?
>>
>>You'll have to ask whomever put them there. Presumably because
>>at one time different keys were used for different purposes
>>somebody thought they would be.
>>
> 
> 
> Well each server, broadcast line, etc. can use a different key. There's
> no requirement to use the same key for all packets sent from the server.
> 
> Danny

There may be three keys in the ntp.keys file because one was used to 
authenticate the server to the client, one was used to access the 
privileged functions of ntpq and another to access the privileged 
functions of ntpdc.  These keys may be designated as the "trusted key",
the, "request key" (ntpdc) and the "control key" (ntpq).

Another possibility is that three keys were intended for use by three 
different servers.

Note that the ntp.conf file allows comments.  Comments should be used 
liberally to document what you did, why you did it, and perhaps even 
when you did it.  Unless you have a perfect memory you will need to 
refer to those comments sooner or later.  Even if you do have a perfect 
memory, someone else may need to understand what you did and why.





More information about the questions mailing list