HTTP/HTTPS
W
EB
GUI
–
W
EB
B
ROWSER
C
ONFIGURATION
I
NTERFACE
8029HEPTA-V2/GPS GPS - NTP Time Server with LAN Interface - V08.00
78 / 130
hopf
Elektronik GmbH
Nottebohmstr. 41
• D-58511 Lüdenscheid • Tel.: +49 (0)2351 9386-86 • Fax: +49 (0)2351 9386-93 • Internet: http://www.hopf.com • E-Mail: [email protected]
8.3.3.8 Symmetric Key
8.3.3.8.1 Why Authentication?
Most NTP users do not require authentication as the protocol contains several filters (for bad
time).
Despite this, however, the use of authentication is common. There are certain reasons for this:
•
Time should only be used from safe sources
•
An attacker broadcasts false time signals
•
An attacker poses as another time server
8.3.3.8.2 How is Authentication used in the NTP Service?
Client and server can execute an authentication whereby a code word is used on the client
side and a restriction on the server side.
NTP uses keys to implement the authentication. These keys are used when data are
exchanged between two machines.
In principle both sides must know this key. The key can generally be found in the
"*.*/etc/ntp.keys" directory. It is unencrypted and hidden from public view. This means that the
key has to be distributed on a safe route to all communication partners. The key can be
downloaded for distribution under "Downloads / Configuration Files" on the DEVICE tab. It is
necessary to be logged in as "Master" in order to access this.
The keyword key of a client’s ntp.conf determines the key that is used to communicate with
the designated server (e.g. the Time Server 8029HEPTA/GPS). The key must be reliable if
time is to be synchronised. Authentication causes a delay. This delay is automatically taken
into account and adjusted in the current versions.