Crypto, passwords

Hal Murray hmurray at
Thu Jan 11 06:25:45 UTC 2018

>> When I use ntpq from Classic, I'm never prompted for a password.  I'm not
>> sure if it's reading the key from /etc/ntp.keys on my behalf or not.

>> Are you modifying things, or just looking?
>> For example, ntpq -p doesn't require a password.

> I only run ntpq -p and other read-only operations.


You can read most things without a password, so I'm not surprised that it 
isn't asking for one.

There are a few things that require a password to read.  I haven't looked 
carefully.  I assume they might provide hints to somebody with evil 

There is another possibility here.  If you try to do something that requires 
a password, it could give you an error message and let you figure out how to 
tell it the password,  Or it could lead you by the hand and ask you for the 
keyid, digest type, and password.  If you are looking at localhost, it can 
skip the keyid if it can read /etc/ntp.conf and skip the digest and password 
if it can read /etc/ntp/ntp.keys.

These are my opinions.  I hate spam.

More information about the devel mailing list