Symmetricom Time Server Network Card User Manual


 
6000-100Ch4.fm Rev. D TimeVault™ User’s Manual 4-71
Extended Function Commands Chapter 4: Serial or Telnet I/O Functions
The NTP client “ntp.keys” file is identical to the one on the NTP server. For each key
used by the NTP server, the NTP client must have the identical line in its version of
the file. Use your own hard-to-guess key names made up of random letters. The
critical lines of the “ntp.keys” file are:
Id M Value
---- --- --------
1 M Symmetricom
2 M xyz123
where 1 and 2 are key identifiers.
The first column is the key identification number, which may be any whole positive
number from 1 to 65,535. The second column is the type of key, which is always set to
the letter M when using MD5 authentication. The third column is the private key, which
is ASCII text from 1 to 32 characters in length.
Editing the MD5 keys on the NTP Client
For NTP client authentication, the line trustedkey 1 2 in the “ntp.conf” file is required
to enable the private keys 1 and 2 from the “ntp.keys” file. The line bclient is required
for broadcast time packets to be processed by the NTP client. In this case, sample
information from a client “ntp.conf” file might look like:
trustedkey 1 2
bclient
Sample information in a client “ntp.keys” file might look like:
1 M Symmetricom
2 M longshot
When you invoke the NTP client at the command line, use the following options:
-b                  to turn on broadcast reception
-k /etc/ntp.keys    to specify the name and location of the keys file
-d                  for debugging.
An example command line might look like:
ntpd -d -d -d -b -k /etc/ntp.keys
After configuring all MD5 keys, carry out step 4 in the configuration procedure outlined
above.
For maximum security, use a unique combination of 32 letters and numbers for each key
identifier. For correct configuration, do not use zero as a key identifier. Zero means the key
identification will not be used.
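The rules above (key identifier from 1 to 65,535 and never zero, type M, value of 1 to 32 ASCII characters, identical lines on server and client, and trustedkey naming only defined keys) can be checked before ntpd is started. The following Python script is an added example, not part of the manual or of any Symmetricom tool; the function names are hypothetical, "#" is assumed to start a comment, and the first sample listing above is assumed to be the server file and the second the client file.

```python
import re

KEY_LINE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)$")
# Sample values copied from the manual's listings (server/client roles assumed).
SERVER_KEYS = "1 M Symmetricom\n2 M xyz123\n"
CLIENT_KEYS = "1 M Symmetricom\n2 M longshot\n"
CLIENT_CONF = "trustedkey 1 2\nbclient\n"

def parse_keys(text):
    """Parse ntp.keys text; return ({key_id: value}, [problems])."""
    keys, problems = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # assumption: '#' starts a comment
        if not line:
            continue
        m = KEY_LINE.match(line)
        if not m:
            problems.append(f"line {n}: expected 'Id M Value'")
            continue
        key_id, key_type, value = int(m[1]), m[2], m[3]
        if not 1 <= key_id <= 65535:
            problems.append(f"line {n}: key id {key_id} outside 1-65535")
        elif key_type != "M" or not value.isascii() or len(value) > 32:
            problems.append(f"line {n}: need type M and 1-32 ASCII characters")
        else:
            keys[key_id] = value
    return keys, problems

def trusted_ids(conf_text):
    """Key ids named on 'trustedkey' lines of ntp.conf."""
    rows = (l.split("#", 1)[0].split() for l in conf_text.splitlines())
    return [int(f) for r in rows if r[:1] == ["trustedkey"] for f in r[1:] if f.isdigit()]

def check_client(server_keys_text, client_keys_text, client_conf_text):
    """Return problems that would stop the client authenticating the server."""
    server, p1 = parse_keys(server_keys_text)
    client, p2 = parse_keys(client_keys_text)
    problems = [f"server {p}" for p in p1] + [f"client {p}" for p in p2]
    for key_id in trusted_ids(client_conf_text):
        if key_id not in client:
            problems.append(f"trustedkey {key_id} not defined in client ntp.keys")
        elif server.get(key_id) != client[key_id]:  # key values are never printed
            problems.append(f"key {key_id} differs between server and client")
    return problems

if __name__ == "__main__":
    print(check_client(SERVER_KEYS, CLIENT_KEYS, CLIENT_CONF))
```

Run against the two sample listings, the check reports that key 2 differs between the files, which is the condition the "identical line" requirement rules out.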