Crypto, passwords

Hal Murray hmurray at
Fri Jan 5 09:32:24 UTC 2018

Does anybody use shared keys between NTP servers?

The keys file format is text for MD5 and hex for all others.

ntpkeygen makes 10 MD5 and 10 SHA1 keys.

MD5 is no longer considered safe.
Is SHA1 considered safe?  What other types should we test and/or suggest 
people use?

ntpq needs a password to modify things.  (and examine some things)

I don't use passwords with ntpq.  It's got code to read the local keys file 
and if looking at localhost, it looks in ntp.conf to find the control key.  I 
assume you can type in a password.  Can you type in hex passwords?  Is there 
a standard recipe for converting a text password to hex?

Should we fix the code that reads keys to allow text for other types than MD5?

These are my opinions.  I hate spam.

More information about the devel mailing list