On Saturday, February 28, 2015 at 2:25:02 AM UTC+8, Jan Ceuleers wrote:
> On 27/02/15 10:54, catherine.wei1...@gmail.com wrote:
> > However, when I run ntpq :
> > ~ # ntpq
> > ntpq> :config addserver 192.168.1.101 minpoll 3 maxpoll 4 burst
> > Keyid: 5
> > MD5 Password:(password corresponding to keyid 5 in /etc/ntp.keys)
> > ***Server disallowed request (authentication?)
> >
> > I don't know why this happens? Do I need some other configurations? Thank
> > you so much.
>
> I found that the permissions on the ntp.keys file matter. They should be
> 600.
>
> (I wrote all this in my email to you and the list on the 11th of Feb;
> both points (that you need a controlkey and that you need to set the
> permissions on the keys file) were included).
>
> Final point: when you're done and you got it working, throw away your
> keys file and generate a new-one, because now everybody in the world
> knows your keys.
>
> HTH, Jan
Hi Jan, thank you.
I'm using my own PC as an ntp server, and my embedded box(linux system) as ntp
client. I generate key files through ntp-keygen on my PC and copied it both to
/etc/ntp.keys on ntp client(the box) and my PC, then log on to the box. the
ntp.conf on ntp client is:
driftfile /etc/ntp.drift
keys /etc/ntp.keys
trustedkey 8 600
controlkey 8
restrict default ignore
restrict 127.0.0.1
#enable mode7
broadcastdelay 0.008
#6000000000s because we start at 1970
tinker panic 6000000000
restrict 192.168.1.101 nomodify notrap
server 192.168.1.101 minpoll 3 maxpoll 4
key file is
1 MD5 P[G\;5Ob@[\[Ni4PJx3& # MD5 key
2 MD5 z}6`X[cpV%UDktmbghiA # MD5 key
3 MD5 %(4%pM<~(8p[cn,,S/0N # MD5 key
4 MD5 TT_QA;=x*G$4p1-d"1;C # MD5 key
5 MD5 ml~KoJ*<`vM&7fxTeR.@ # MD5 key
6 MD5 +wc93d8[~tBRyzd<GL{L # MD5 key
7 MD5 _WMzU`YQpwN&?5TYJ^5i # MD5 key
8 MD5 ~mpv # MD5 key
9 MD5 ?N4f+')!S9@7.V*G3,xI # MD5 key
600 MD5 mypassword # MD5 key
11 SHA1 591701ab51fd2936651ce6920ffecc3ea5b99dea # SHA1 key
12 SHA1 6fe71721baef0e91c41e23984cf9f663f18ba112 # SHA1 key
13 SHA1 bb96c2b73f01659194a94cadc496cedfa12f3832 # SHA1 key
14 SHA1 51f5237ef46c99492070deb5a762d7f434794b58 # SHA1 key
15 SHA1 21c578d9e5d56a8bdc0560443f96f1047c93a276 # SHA1 key
16 SHA1 5c3927c1e05559f5695a353636d4c3ddff6e7e11 # SHA1 key
17 SHA1 14321c68317d531e004497bd9b6b0d475630a291 # SHA1 key
18 SHA1 89ac3debc33937ba25638ef0fc035d830fea6fe5 # SHA1 key
19 SHA1 9f47dda7ae80426c6aa8acac22dc9afef4b900fb # SHA1 key
20 SHA1 80515077771a9e6d5bb70d6985b236008d962f34 # SHA1 key
I just changed the 10th one manually. After I logged, and execute: ntpq :config
unconfig 10.172.161.16 . The results still like this:
~ # ntpq
ntpq> :config unconfig 10.172.161.16
Keyid: 600
MD5 Password: (mypassword)
***Server disallowed request (authentication?)
ntpq>
Is there anything wrong in my operation? Thank you.
_______________________________________________
questions mailing list
questions@lists.ntp.org
http://lists.ntp.org/listinfo/questions
