# on the client this is all we need:
if [ -x /usr/sbin/ntp-keygen ] ; then
[ -d "$KEYSDIR" ] || install -d -o root -g ntp -m 770 "$KEYSDIR"
- ( cd "$KEYSDIR" && RANDFILE=/dev/urandom /usr/sbin/ntp-keygen -I -H -c RSA-SHA1 -m 1024 )
+ ( cd "$KEYSDIR" && RANDFILE=/dev/urandom /usr/sbin/ntp-keygen -I -H -c RSA-SHA256 -m 2048 )
fi
fi