from Alice’s Adventures in Wonderland, Lewis Carroll Our resident cryptographer; now you see him, now you don’t.
1. Related Links
2. Commands and Options
Unless noted otherwise, further information about these commands is on the Authentication Support page.
The following declarations control MAC authentication:
- controlkey key
Specifies the key identifier to use with the ntpq(1) utility, which uses the standard protocol defined in RFC 5905. The key argument is the key identifier for a trusted key, where the value can be in the range 1 to 65,535, inclusive.
- keys keyfile
Specifies the complete path and location of the key file containing the keys and key identifiers used by ntpd(8), and ntpq(1) when operating with symmetric-key cryptography. This is the same operation as the -k command line option.
- trustedkey key…
Specifies the key identifiers which are trusted for the purposes of authenticating peers with symmetric key cryptography, as well as keys used by the ntpq(1) program. Multiple keys on the same line should be separated by spaces. Key ranges can be specified as (first … last). The spaces around the … are necessary. Multiple trustedkey lines are supported and trusted keys can also be specified on the command line.
The MAC authentication procedures require that both the local and remote servers share the same key and key identifier for this purpose, although different keys can be used with different servers. The key arguments are 32-bit unsigned integers with values from 1 to 65,535.