On Thu, Dec 8, 2011 at 14:38, Joe Smithian <[email protected]> wrote: > A,N,S, and M keys are defined in the man ntp.keys > > http://www.gsp.com/cgi-bin/man.cgi?section=5&topic=ntp.keys
That's a good example of why one should be suspicious of man pages for ntpd and friends -- the distribution docs are maintained as HTML and any man page variant is likely to be based on out of date information. That page describes a ntp.keys scheme where the type column is always a single letter and it determines not only the digest algorithm, but also the representation. That's not how ntp.keys works today. The type column specifies only the digest algorithm, and only 'M' (or MD5) is supported prior to ntp 4.2.6. With 4.2.6 and later, the type column can specify the name of any suitable OpenSSL-provided digest algorithm which produces a 16-20 octet digest. The format choice (between hexadecimal and ASCII) is driven by the length of the key value. If it is 20 characters or less, the ASCII is used directly as the key value. If it is 21 characters or longer, it is interpreted as hexadecimal-encoded. Cheers, Dave Hart _______________________________________________ questions mailing list [email protected] http://lists.ntp.org/listinfo/questions
