[ntp:questions] Generating keys for ntpdc control

Bob bobsjunkmail at bellsouth.net
Fri Jul 4 19:13:50 UTC 2008


"Steve Kostecke" <kostecke at ntp.org> wrote in message 
news:slrng6sdqh.lip.kostecke at stasis.kostecke.net...
> On 2008-07-04, Bob <bobsjunkmail at bellsouth.net> wrote:
> >
>> that ntpdc is supposed to prompt for a password.
>
> It has to.
The Windows version does not. It asks for keyid, and when entered, moves to 
a new line with no prompt.

> It is possible that ntpdc is not seeing the password you typed in.

After getting past the key file content, and ntp.conf issue, what I finally 
figured out is that  ntpdc will remember that it got a "permission denied", 
and no further attempts will be made without stopping and restarting it.

> None of the following is germane to your symmetric key issue, but ...
>
>> keys "C:\Program Files\NTP\etc\ntp.keys"
>> enable auth
>
> Auth is enabled by default. It can be disabled on the command-line. The
> worst that can happen is this line will generate an extra log entry.

I disabled auth earlier this week, and promptly got attacked. I did an 
enable auth with the intention of reversing my disable auth.
>
> This minpoll/maxpoll combination means that you are polling this server
> every 16 seconds. That's generally considered to be "unfriendly" unless
> it's your server.

Agreed... REAL unfriendly!  It is a Truetime NTS-100. I can't use it 
directly as my publicly visible server because of some firmware bugs in it 
where it's ntp output isn't universaly liked by clients. Also, sending 
packets to these too quickly - several per second - puts them to sleep.
>
> ntpd has been designed to choose the correct poll interval to strike a
> balance between quick short term correction and long term stability. It
> is generally considered better to allow ntpd to manage the poll
> interval.

The shorter poll interval seems to smooth out the Windows induced timing 
variations. I've tried it with no special instructions, and the offset 
variation seems smaller. This server (NTS-100) is favored as the selected 
clock because it's got ~0 round trip time, and it's got little jitter.


> -- 
> Steve Kostecke <kostecke at ntp.org>
> NTP Public Services Project - http://support.ntp.org/ 





More information about the questions mailing list