catherine.wei1...@gmail.com schrieb:
On Wednesday, February 27, 2008 at 3:29:58 AM UTC+8, Dennis Hilberg, Jr. wrote:
# Authentication
keys /etc/ntp/keys
trustedkey 1
requestkey 1
controlkey 1
And my keys file looks like this:
1 M somepassword
Thanks,
Dennis
--
Dennis Hilberg, Jr. \ timekeeper(at)dennishilberg(dot)com
NTP Server Information: \ http://saturn.dennishilberg.com/ntp.php
Hi, I'm lately upgrading the ntp from 4.6.5 to 4.8.1p, ...
Hm, I guess you mean from 4.2.6p5 to 4.2.8p1, and I hope your spelling
is more accurate in your config files. ;-)
... when I use ntpq to add server, it prompted for a keyid and MD5
password. I don't know how to get this keyid and password. Before the
upgrade, the keyid is 0, so it doesn't need authentification. Can you
tell me how to get the keyid and password? Thank you.
Have you read what Dennis has written, quoted above?
If you are using symmetric key authentication as for use with ntpq then
you have to create a text file containing one or more keys, for example
a file /etc/ntp.keys with these lines:
1 M somepassword
5 M anotherpassword
In ntp.conf you have to specify a path to this file, e.g.:
keys /etc/ntp.keys # path for keys file
and you need to specify which of the keys (1 or 5 in this example)
should be used for which purposes, e.g.
trustedkey 1 5 # define trusted keys
controlkey 5 # this key to be used with ntpq (mode 6 packets)
In NTP 4.2.6p5 you could also specify
requestkey 5 # this key to be used with ntpdc (mode 7 packets)
but the latter should be obsolete in 4.2.8 since the functionality of
ntpdc has been moved to the ntpq utility, and ntpdc isn't used anymore
by default.
When ntpq asks you for a key ID and password you have to enter key ID
"5" (since this is the control key) and the associated password
"anotherpassword", or whatever your file contains.
You can also use the ntp-keygen utility to generate a file with several
keys. For example, ntp_keygen -M generates a file containing lines like
this:
1 MD5 758gBsvq9OEG@;l;niFT # MD5 key
2 MD5 &5oL9nE/"B3![kpc\Tv0 # MD5 key
3 MD5 w5t/1(E@,lGJi^-]3F"h # MD5 key
4 MD5 QzH$eq/yAb;x>38Ga)0^ # MD5 key
5 MD5 *CUj^t)L"0XL;=[L7-KW # MD5 key
6 MD5 x?_q^3Xd:d[im[iBvM%[ # MD5 key
7 MD5 Zd5wky*r;[0e?h2l{%]t # MD5 key
8 MD5 f[N'S7'&c...@wd.qu^JpB # MD5 key
9 MD5 =[)AG6WZQK-'gFD&rmNV # MD5 key
10 MD5 -3OB0VbnAV0/O=HT5he) # MD5 key
11 SHA1 9b759ab4409e0e24d3949d07e3cf52c2f0e7e2c4 # SHA1 key
12 SHA1 7335501b2b8fbfe622f4d14ad5636ddbcde648ed # SHA1 key
13 SHA1 67b52deb3ff2b5efdc318da522c0f88403e31f8e # SHA1 key
14 SHA1 c0b539b695002f8ce912d8c7ef2a6caa019b5838 # SHA1 key
15 SHA1 0eba962d966aa1723d679dbec08f0f4bc4cc3afa # SHA1 key
16 SHA1 f46a4b9adec3a11abdeb9e55b50ea7fdb775f951 # SHA1 key
17 SHA1 dc50c6de43b7953a87386e4babd0188e36f74527 # SHA1 key
18 SHA1 2ea2a9237824f9e7098c539604de518b89eee2ad # SHA1 key
19 SHA1 5b835caa6409adf2ead5c6639897c20bcf073c39 # SHA1 key
20 SHA1 3826bb111ab07755d790a8d81bb6139991c87e9c # SHA1 key
However, the name of the created file is somewhat different, so either
you have to copy/rename it to /etc/ntp.keys, or you have to specify the
real file name in ntp.conf.
Martin
--
Martin Burnicki
Meinberg Funkuhren
Bad Pyrmont
Germany
_______________________________________________
questions mailing list
questions@lists.ntp.org
http://lists.ntp.org/listinfo/questions
