R wrote: > This is probably a stupid question, which would take the experts a > minute to answer. > > I'm planning to have a NTP daemon-A communicate with another NTP > deamon-B using authentication/security enabled and I also want other > NTP daemons (configured as pure clients) to communicate with NTP > deamon-A. Is this possible? In other words can you mix and match > authentication and no-authentication? > > Thanks in advance, > SR. >
Yes, it's possible. Authentication authenticates the server to the client. It's done by cryptographicly "signing" the transmitted packet. NTP will work just fine without authentication. You can use an authenticated packet without checking its authenticity if you wish. Normally this would happen only in a broadcast or multicast environment but you are at liberty to send packets with authentication and ignore it on the receiving end. Authentication is only needed if you must be able to prove where your time came from or if you believe that somebody would bother to try to spoof a server that you intended to use and give you an incorrect time. Some people REALLY need authentication but most don't. _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
