Re: [ntp:questions] ntp symmetric keys - controlkey test is needed

Tue, 25 Feb 2014 01:55:30 -0800 

On Friday, February 21, 2014 2:59:54 PM UTC+1, Steve Kostecke wrote:
> On 2014-02-21, ardi <[email protected]> wrote: > I have defined 
> symmetric keys on 2 ntp servers. > How can I test whether controlkey is 
> working? > Is it used for ntpq? http://doc.ntp.org/4.2.6p5/authopt.html 
> explains Symmetric Key Cryptography; and the controlkey, requestkey and 
> trustedkey commands. -- Steve Kostecke <[email protected]> NTP Public Services 
> Project - http://support.ntp.org/

Hello Steve,

I have tried the requestkey with the following setup - and I think it is 
working:
/etc/init.d/ntp stop

Update file: /etc/ntp.keys with:

66 M thisispswd #note 66 is key-id, M is type of password (M=MD5);  thisispswd 
is the password

and update /etc/ntp.conf with:

trustedkey 2 66
requestkey 66
controlkey 66

start ntp daemon on server

Let's try requestkey in ntpdc - we are trying to add a new server xx.xx.xx.88 

ntpdc> addserver xx.xx.xx.88
Keyid: 66    <---the requestkey we defined in /etc/ntp.conf
MD5 Password: <---here we fill the password: thisispsw
done!
ntpdc> q

root@server:~#

root@server:~# ntpq
ntpq> pee
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*xx              .GPS.            1 u   15   16  377    0.422    0.099   0.078
-server1           xx.xx.xx.xx    2 u    -   16  377    0.252   -0.066   0.022
+server2           xx.xx.xx.xx    2 u   11   16  377    0.385    0.069   0.016
+server3           xx.xx.xx.xx    2 u    -   16  377    0.350   -0.040   0.080
xx.xx.xx.88      .INIT.          16 u    -   64    0    0.000    0.000   0.000
ntpq>

To remove it from this list we can use the following command:

ntpdc> unconfig xx.xx.xx.88
Keyid: 66
MD5 Password: <--we insert thisispwd as password 
done!
ntpdc>

ntpdc> q
root@server:~# ntpq
ntpq> pee
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*xx              .GPS.            1 u   15   16  377    0.422    0.099   0.078
-server1           xx.xx.xx.xx    2 u    -   16  377    0.252   -0.066   0.022
+server2           xx.xx.xx.xx    2 u   11   16  377    0.385    0.069   0.016
+server3           xx.xx.xx.xx    2 u    -   16  377    0.350   -0.040   0.080

is it a good example for requestkey testing?


But I am not able to test the controlkey for ntpq.
Can you give me some hint or example?

Thanks and kind regards,
ardi


_______________________________________________
questions mailing list
[email protected]
http://lists.ntp.org/listinfo/questions

Reply via email to