|
Title: NTP Authentication Post by: newbi on April 29, 2008, 09:11:52 AM Hi All,
Can you advise how to configure NTP authentication from one NTP server to the other? Is there something to be ran to generate ntp.keys or that has to be manually created? Thanks in advance! Title: Re: NTP Authentication Post by: John R Peck on April 29, 2008, 04:07:24 PM The “xntpd” service – for clients of the machine to be able to use the machine as a time server - is configured as follows.
Edit “/etc/ntp.conf”, comment out "broadcastclient" with a "#": #broadcastclient driftfile /etc/ntp.drift tracefile /etc/ntp.trace Add the following lines pointing to the machine itself: server 127.127.1.0 prefer # 10.X.X.X - self fudge 127.127.1.0 stratum 0 # values for local clock keys /etc/ntp.keys # where the keys are trustedkey 15 # keyid's we trust requestkey 15 # keyid for mode 7 requests (xntpdc) controlkey 15 # keyid for mode 6 requests (ntpq) enable auth # turn on authentication #broadcast xxt.xxx.xxx.xxx # turn on broadcast Create the file “/etc/ntp.keys”, based on the sample file provided “/usr/samples/xntp/example.keys”. Change the key values to your own password-like entries: 2 M admin 15 M root Title: Re: NTP Authentication Post by: newbi on May 05, 2008, 07:05:47 AM Thanks a lot John! I have tried out your suggestion on our NTP servers. How do check though if the authentication is working? Is there any command to test? Or probably, how do I test if ntp is still working?
thanks again! Title: Re: NTP Authentication Post by: John R Peck on May 05, 2008, 07:04:06 PM Well if the NTP is working, and therefore the authentication, when you change the clock on the server you should soon have the clients altering their clocks to match. |