Operating NTP in a secure manner requires the usage of NTP authentication, refer to my Why should I run own NTP Servers? blogpost. Using the Meinberg LANTIME NTP appliance with NTP authentication is quite simply since it requires just a few clicks. Even adding more and more keys (which requires manual work on any other Linux ntp installation) is done within clicks. That’s the way it should be.
I am using a Meinberg LANTIME M200 with Firmware-Build: 6.24.021 at the time of writing. The first step is to generate keys via: NTP -> NTP Symmetric Keys -> Auto generate keys:
You will get a green information while you can click on the “Edit NTP Keys” button to have a look at the keys. You need to copy them anyway in order to use them in your NTP clients:
The final step is to set the trusted keys, in my case key IDs from 11 to 20, since these are the SHA-1 based ones. Note that I was not able to use the ntp syntax as “(11 … 20)” but needed to put every single number in there. Feature request is pending:
Followed by a “Save Settings” and “Save as startup configuration now” as always.
That’s it. Happy authenticating NTP connections. ;)
In case you need more keys, simply hit the “Auto generate keys” button a few more times. It will generate 10 more MD5 and SHA-1 keys while appending them in the keyfile. Of course you need to trust the new SHA-1 key IDs in the “Local Trusted Keys” section as well.
11 SHA1 c8ea1e9d5496925e12b903945a4d87c93450f37d
12 SHA1 187125a3702a2217e6dc74c847e7c00dc17ca38b
Featured image “Siegel” by Tim Reckmann is licensed under CC BY 2.0.