from Alice’s Adventures in Wonderland, Lewis Carroll

Our resident cryptographer; now you see him, now you don’t.

2. Commands and Options

Unless noted otherwise, further information about these commands is on the Authentication Support page.

The following declarations control MAC authentication:

controlkey key

Specifies the key identifier to use with the ntpq(1) utility, which uses the standard protocol defined in RFC 5905. The key argument is the key identifier for a trusted key, where the value can be in the range 1 to 65,535, inclusive.

keys keyfile

Specifies the complete path and location of the key file containing the keys and key identifiers used by ntpd(8), and ntpq(1) when operating with symmetric-key cryptography. This is the same operation as the -k command line option.

trustedkey key…​

Specifies the key identifiers which are trusted for the purposes of authenticating servers with symmetric key cryptography, as well as keys used by the ntpq(1) program. Multiple keys on the same line should be separated by spaces. Key ranges can be specified as (first …​ last). The spaces around the …​ are necessary. Multiple trustedkey lines are supported and trusted keys can also be specified on the command line.

The MAC authentication procedures require that both the local and remote servers share the same key id, key type, and key text. The easiest way to do this is to copy the whole line. Different keys should be used for each server-client pair. The key_id arguments are integers with values from 1 to 65,535.

homeHome Page

sitemapSite Map