Scripsit [EMAIL PROTECTED] > 'M' stands for MD5;
Of course. Typo on my part. > the DES crypto code is no longer in the distribution. Whoops. I worked from the NTP FAQ which uses DES keys freely in section 6.2.2, and only mentions the absence of DES as an aside in 6.1.3.3 (which is not even where one would expect to find important caveats like that). > Think of peer (symmetric mode) as each machine functioning > simultaneously as a client and a server for the other machine. Time > flows from the machine at the lower stratum to the other > machine. I gathered at much from the docmentation, but it was not clear to me that it only works as described when the communication is authentified. On reflection I can see that it does make excellent sense to require authentification here, but it would have helped me if, say, the description of the 'nopeers' restriction keyword and/or the "peer" configuration command had included a short caveat that the association will only really be bidirectional if authentified (or if the auth flag is off). > Usually, both peers are clients of different lower stratum > servers and usually operate at the same stratum, so time doesn't flow > between them. Hmm, yes. Is there a way to specify that time should flow in the direction of larger synchronization distance, even at the possible expense of one of the servers operating on a higher stratum? Or is that a situation that is just expected not to happen? -- Henning Makholm "... and that Greek, Thucydides" _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
