[ntp:questions] using keys with external ntp clients
Brad Knowles
brad at stop.mail-abuse.org
Thu Jul 14 14:40:12 UTC 2005
At 2:05 PM +0000 2005-07-14, dave wrote:
> I've got a local ntp server that restricts access to itself to my local
> subnet. I want to allow roaming users to connect up to it but not the rest
> of the internet. Is there a way i can use some sort of key between the
> roaming client and the server to secure and validate each party, and to
> allow the ntp transaction?
Nope. There is no client authorization in NTP. There is server
authentication, so that the clients can cryptographically prove that
the time values they've gotten are from a given server, but that's as
far as the crypto stuff goes.
If you set up VPN access, those clients could access the NTP
server just like any other client on the internal network. But that
might be more work than you're willing/able to do.
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the questions
mailing list