NTP Authentication

Enhanced PTP User Guide (UG1602)

Document ID
UG1602
Release Date
2023-04-07
Revision
1.1 English

Before sfptpd can query the local NTP client, it is necessary to setup symmetric key authentication parameters in the NTP daemon configuration files and in the sfptpd configuration file.

Identical authentication integer and string values must appear in these files. The integer value is any positive integer.

The maximum length of the authentication string for an M type key (MD5) should be 31 ASCII characters, but this might not be supported on earlier NTP versions. Some systems support up to a maximum 20 character string. Special chars should be escaped with a \ symbol. There can be no spaces in the authentication string.

In the following example we use the following authentication values:

5 abcdefghijklmnopqrst
  1. In the sfptpd config file:
    [ntp_fallback]
    ntp_key 5 abcdefghijklmnopqrst
    In the above example ntp_fallback is the name of the NTP sync module instance.
  2. In the /etc/ntp.conf file:
    # Key file containing the keys and key identifiers used when operating
    # with symmetric key cryptography.
    keys /etc/ntp/keys
    # Specify the key identifiers which are trusted.
    trustedkey 5
    # Specify the key identifier to use with the ntpdc utility.
    requestkey 5
    In the above example, the integer value is the same value as specified in the sfptpd config file.
  3. In the /etc/ntp/keys file:
    # id    type    key
    5       M       abcdefghijklmnopqrst
    In the above example, the integer value and string are identical to the values specified in the sfptpd configuration file.