Authentication in ntpq

James Browning jamesb192 at jamesb192.com
Mon May 23 18:40:20 UTC 2022


Hal Murray <halmurray at sonic.net> wrote:
> Some commands in ntpq require authentication.
 
> I just tried it, and it wants an MD5 password. MD5 is way old. Is there a way to switch to AES?
 
The default is set to MD5 in ntpq:69 and packet.py:729; might I suggest updating it to 'AES-256' or "SHA{,3-}512"? They would get truncated until (presumably) NTPv5 comes in and replace the authentication trailer with an extension.
 
The keytype command(?) is also available via ntpq -c "keytype AES-256" and the 'keyid' command to go with it. Help is in the usual places.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20220523/f08ba8d4/attachment.htm>


More information about the devel mailing list