S o n o m a U s e r M a n u a l
22
C H A P T E R T H R E E
23
S o n o m a U s e r M a n u a l
N E T W O R K T I M E P R O T O C O L ( N T P )
IMPORTANT
Handling of the
/etc/ntp.keys
file is the weak link in the MD5 authentication scheme. It is very impor-
tant that it is owned by
root
and not readable by anyone other than
root
.
After transferring the file by
ftp
, and placing it in the
/etc
directory on the client computer, issue
these two commands at the shell prompt:
chown root.root /etc/ntp.keys
chmod 600 /etc/ntp.keys
Configure NTP
You must edit the
ntp.conf
file which
ntpd
, the NTP daemon, looks for by default in the
/etc
directo-
ry. Assuming that you have created two trusted keys as shown in
Configuring the NTP Server Using
the Network Interface or Serial Port
above, add these lines to the end of the
ntp.conf
file:
keys /etc/ntp.keys
trustedkey 1 2
Modify the line added previously in
Unix-like Platforms: Basic NTP Client Setup
so that authenti-
cation will be used with the Sonoma server using one of the trusted keys, in this example, key # 1:
server 192.168.1.120 key 1
Restart
ntpd
to have it begin using the Sonoma server with MD5 authentication. Use the NTP utility
ntpq
to check that
ntpd
is able to communicate with the Sonoma. After issuing the command
ntpq
you will see the
ntpq
command prompt:
ntpq>
Use the command
peers
to display the NTP peers which your computer is using. One of them should be the Sonoma server
which you have just configured. You should verify that it is being ‘reached’. (You may have to con-
tinue issuing the peers command for a minute or two before you will see the ‘reach’ count increment.)
You can verify that authentication is being used by issuing the command
associations
to display the characteristics of the client server associations. In the “auth” column of the display,
you should see “OK” for the row corresponding to the Sonoma server. If you see “bad”, you should
wait a few minutes to be sure that there is a problem since “bad” is the initial state of this setting. If
the “bad” indication persists then you must check your configuration for errors. Typically this is due
to a typing error in creating the
/etc/ntp.keys
file on the client that causes a mismatch between the
keys being used by the server and client. (If you transfer the file by
ftp
or
scp
, this shouldn’t be a
Summary of Contents for Sonoma D12
Page 2: ......
Page 20: ...S o n o m a U s e r M a n u a l 4 C H A P T E R O N E This page intentionally left blank...
Page 32: ...S o n o m a U s e r M a n u a l 16 C H A P T E R T W O This page intentionally left blank...
Page 48: ...S o n o m a U s e r M a n u a l 32 C H A P T E R T H R E E This page intentionally left blank...
Page 70: ...S o n o m a U s e r M a n u a l 54 C H A P T E R S I X This page intentionally left blank...
Page 82: ...S o n o m a U s e r M a n u a l 66 C H A P T E R S E V E N This page intentionally left blank...
Page 104: ...S o n o m a U s e r M a n u a l 88 C H A P T E R N I N E This page intentionally left blank...
Page 128: ...S o n o m a U s e r M a n u a l 112 A P P E N D I X A This page intentionally left blank...
Page 138: ...S o n o m a U s e r M a n u a l 122 A P P E N D I X B This page intentionally left blank...
Page 160: ...S o n o m a U s e r M a n u a l 144 A P P E N D I X G This page intentionally left blank...
Page 166: ...S o n o m a U s e r M a n u a l 150 A P P E N D I X H...
Page 167: ...151 S o n o m a U s e r M a n u a l S P E C I F I C AT I O N S...
Page 168: ...S o n o m a U s e r M a n u a l 152 A P P E N D I X H This page intentionally left blank...
Page 171: ......