Authenticating NTP peers
To turn on authentication of synchronization requests from
NTP peers:
- Create a set of keys that will be used for authenticating requests
  to synchronize with peers.
  Typically, you would define one key per group of peers.
  The format of such keys is described in
  ``The NTP keys file''.
- On each host on which you want to configure authentication, add
  the following lines to the /etc/inet/ntp.conf file if not already
  present:

      authenticate yes
      keys /etc/inet/ntp.keys

  If the line currently defines authenticate as no,
  change the value to yes.
- Add the following line to /etc/inet/ntp.conf:

      trustedkey ID1 ID2 ... IDn

  This line lists the IDs of the keys from the keys file
  that will be used to authenticate synchronization requests from
  certain groups of peers.
- If it does not already exist,
  create a /etc/inet/ntp.keys keys file on each peer, and add the keys
  for the groups of peers with which this peer will be allowed to
  synchronize.
- To have xntpd re-read its configuration file, do one of the
  following:
    - Stop xntpd by
      killing its process ID found using ps, then
      restart it using the command in.xntpd &.
    - If a key entry exists to allow runtime reconfiguration (see
      ``Authenticating NTP runtime reconfiguration''),
      run xntpdc and use the readkeys command to have
      xntpd read the keys file.
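
The script below is an added example, not part of the original UnixWare documentation. It checks that the settings from the steps above agree with each other: authenticate is yes, a keys line is present, and every ID on a trustedkey line has an entry in the keys file. It assumes each non-comment line of the keys file has the form "ID type key"; the function name check_ntp_auth and the sample files and keys are constructed for illustration.

```shell
#!/bin/sh
# Added example: check that ntp.conf and the keys file agree.
# Assumption: each non-comment keys-file line is "ID type key"
# (the real format is described in "The NTP keys file").

# check_ntp_auth CONF KEYS: print one line per problem; return 1 if any were found.
check_ntp_auth() {
    conf=$1; keys=$2; rc=0
    # The last "authenticate" line must say yes.
    awk '$1 == "authenticate" { v = $2 } END { exit !(v == "yes") }' "$conf" ||
        { echo "authenticate is not set to yes"; rc=1; }
    # A "keys" line must name a keys file.
    awk '$1 == "keys" && NF >= 2 { ok = 1 } END { exit !ok }' "$conf" ||
        { echo "no keys line in configuration file"; rc=1; }
    # Collect the IDs on every trustedkey line, ignoring trailing comments.
    ids=$(awk '$1 == "trustedkey" {
        for (i = 2; i <= NF; i++) { if ($i ~ /^#/) break; print $i }
    }' "$conf")
    [ -n "$ids" ] || { echo "no trustedkey IDs listed"; rc=1; }
    # Every trusted ID needs a matching entry in the keys file.
    for id in $ids; do
        awk -v id="$id" '$1 == id && NF >= 3 { ok = 1 } END { exit !ok }' "$keys" ||
            { echo "trusted key $id is not defined in keys file"; rc=1; }
    done
    return $rc
}

# Constructed sample files (not real keys): key 5 is trusted but never defined.
demo=$(mktemp -d)
cat > "$demo/ntp.conf" <<'EOF'
authenticate yes
keys /etc/inet/ntp.keys
trustedkey 1 2 5
EOF
cat > "$demo/ntp.keys" <<'EOF'
# ID type key
1 M ExampleK1
2 M ExampleK2
EOF
check_ntp_auth "$demo/ntp.conf" "$demo/ntp.keys" || echo "fix the problems listed above"
rm -rf "$demo"
```

Run the check on each peer before restarting xntpd or issuing readkeys, so that a trusted ID with no matching key is caught before the daemon loads the files.
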
© 1999 The Santa Cruz Operation, Inc. All rights reserved.
UnixWare 7 Release 7.1.1 - 5 November 1999