[ntp:questions] using keys with external ntp clients

Brad Knowles brad at stop.mail-abuse.org
Thu Jul 14 14:40:12 UTC 2005


At 2:05 PM +0000 2005-07-14, dave wrote:

>      I've got a local ntp server that restricts access to itself to my local
>  subnet. I want to allow roaming users to connect up to it but not the rest
>  of the internet. Is there a way i can use some sort of key between the
>  roaming client and the server to secure and validate each party, and to
>  allow the ntp transaction?

	Nope.  There is no client authorization in NTP.  There is server 
authentication, so that the clients can cryptographically prove that 
the time values they've gotten are from a given server, but that's as 
far as the crypto stuff goes.

	If you set up VPN access, those clients could access the NTP 
server just like any other client on the internal network.  But that 
might be more work than you're willing/able to do.

-- 
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

   SAGE member since 1995.  See <http://www.sage.org/> for more info.



More information about the questions mailing list