Technical data

Configuring and Managing NTP
12.7 NTP Authentication Support
12.7.1 NTP Authentication Commands
Table 12–2 describes additional configuration statements and options used to
support authentication.
Table 12–2 Authentication Commands
Command
    Description

keys keys-file
    Specifies the file name for the keys file, which contains the
    encryption keys and key identifiers used by NTP, NTPQ, and
    NTPDC when operating in authenticated mode.

trustedkey key-ID [...]
    Specifies the encryption key identifiers that are trusted for the
    purposes of authenticating peers suitable for synchronization,
    as well as keys used by the NTPQ and NTPDC programs. The
    authentication procedures require that the local and remote
    servers share the same key-ID and key value for this purpose,
    although different key values can be used with different
    servers. The key-ID arguments are 32-bit unsigned decimal
    integers from 1 to 15. Note that the NTP key 0 is used to
    indicate an invalid key value or key identifier; therefore, it
    should not be used for any other purpose.

requestkey key-ID
    Specifies the key identifier to use with the NTPDC
    program, which uses a proprietary protocol specific to this
    implementation of NTP. This program is useful to diagnose
    and repair problems that affect the operation of NTP. For
    information about NTPDC, see Section 12.8.3.
    The key-ID argument to this command is an unsigned 32-bit
    decimal number that identifies the trusted key in the keys file.
    If no requestkey command is included in the configuration
    file, or if the keys do not match, any request to change a server
    variable is denied.

controlkey key-ID
    Specifies the key identifier to use with the NTPQ program,
    which uses the standard protocol defined in RFC-1305. This
    program is useful to diagnose and repair problems that affect
    the operation of NTP. For more information about NTPQ, see
    Section 12.8.4.
    The key-ID argument to this command is a 32-bit decimal
    integer that identifies a trusted key in the keys file. If no
    controlkey command is included in the configuration file,
    or if the keys do not match, any request to change a server
    variable is denied.

Keys are defined in a keys file, as described in Section 12.7.2.
12.7.2 Authentication Key Format
The NTP service reads keys from a keys file that is specified using the keys
command in the configuration file. You can supply one or more keys from 1 to 15
in the keys file.
Key entries use the following format:
key-ID key-type key-value
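
The following check is an added example, not part of the original manual: a Python linter that applies the rules above (key-IDs from 1 to 15, key 0 reserved, requestkey and controlkey naming a trusted key that is defined in the keys file). It assumes that '#' starts a comment and that fields are separated by white space; key-type and key-value are treated as opaque, and the sample file name and values are constructed placeholders.

```python
# Added example: lint NTP authentication settings against the rules in 12.7.
# Assumptions: '#' starts a comment and fields are whitespace-separated.
VALID_IDS = range(1, 16)  # key-IDs run from 1 to 15; key 0 is reserved

def fields(text):
    """Yield the whitespace-split fields of each non-empty, non-comment line."""
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if parts:
            yield parts

def key_ids(tokens, where, problems):
    """Return the tokens that are valid key-IDs; report the rest."""
    good = [int(t) for t in tokens if t.isdecimal() and int(t) in VALID_IDS]
    problems += [f"{where}: key-ID {t!r} is not in 1..15"
                 for t in tokens if not (t.isdecimal() and int(t) in VALID_IDS)]
    return good

def lint_ntp_auth(conf_text, keys_text):
    problems, defined, stmts = [], set(), {}
    for parts in fields(keys_text):          # key-ID key-type key-value
        if len(parts) == 3:
            defined.update(key_ids(parts[:1], "keys file", problems))
        else:                                # never echo key material in a message
            problems.append(f"keys file: entry has {len(parts)} fields, expected 3")
    for parts in fields(conf_text):
        stmts.setdefault(parts[0], []).extend(parts[1:])
    if not stmts.get("keys"):
        problems.append("keys: no keys file specified")
    trusted = set(key_ids(stmts.get("trustedkey", []), "trustedkey", problems))
    for kid in sorted(trusted - defined):
        problems.append(f"trustedkey: key-ID {kid} is not defined in the keys file")
    for cmd, tool in (("requestkey", "NTPDC"), ("controlkey", "NTPQ")):
        ids = key_ids(stmts.get(cmd, []), cmd, problems)
        if cmd not in stmts:
            problems.append(f"{cmd}: not set, so {tool} change requests are denied")
        for kid in ids:
            if kid not in defined:
                problems.append(f"{cmd}: key-ID {kid} is not defined in the keys file")
            if kid not in trusted:
                problems.append(f"{cmd}: key-ID {kid} is not listed in trustedkey")
    return problems

# Constructed sample input; file name, key-type and key-value are placeholders.
SAMPLE_KEYS = "1 TYPE VALUE-ONE\n2 TYPE VALUE-TWO\n0 TYPE VALUE-ZERO\n"
SAMPLE_CONF = "keys EXAMPLE-KEYS-FILE\ntrustedkey 1 2 16\nrequestkey 3\n"

if __name__ == "__main__":
    print("\n".join(lint_ntp_auth(SAMPLE_CONF, SAMPLE_KEYS)))
```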