Manualshelf

HP-UX Internet Services Administrator's Guide (May 2010)

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software
61626364656667686970
Figure 4-5 Authentication Example
In Figure 4-5, authentication is enabled for both Penelope and Golden. An NTP time
request from Penelope to Golden includes the authentication fields – key ID (10),
and a checksum, tickle, encrypted with the key corresponding to the key ID 10. When
Golden receives this request, it recomputes the checksum using the packet’s key ID
field (10) to look up for the key ID 10 in its key file (tickle) and compares the checksum
with the authentication field in the request.
Golden sends back time information with the key ID 10 and a checksum encrypted
using the encryption key tickle.
Additionally, Penelope accepts time synchronizations from hosts that have used the
key ID 10 and the corresponding encryption key tickle.
To enable authentication on the local host, include the following statement in the
/etc/ntp.conf configuration file:
authenticate yes
If you do not specify this statement, authentication is not enabled. When you enable
authentication, you can specify the following options:
-e authdelay
This option indicates the amount of time (in seconds) required to encrypt an NTP
authentication field on the local host.
Advanced NTP Topics 65