#
NTPD_OPTS='-g'
+rm -vf /var/lib/ntp/ntp.conf.dhcp
+
#
# make sure this host already has ntp keys:
#
KEYSDIR="/etc/ntp.keys.d"
if ! [ -e "$KEYSDIR/ntpkey_cert_$h" ] ||
! [ -e "$KEYSDIR/ntpkey_host_$h" ] ||
- ! [ -e "$KEYSDIR/ntpkey_iff_$h" ]; then
+ (! [ -e "$KEYSDIR/ntpkey_iff_$h" ] &&
+ ! [ -e "$KEYSDIR/ntpkey_iffkey_$h" ]); then
# on a "server" we would have to add -T to the ntp-keygen call
# and then run something like this:
#
# on the client this is all we need:
if [ -x /usr/sbin/ntp-keygen ] ; then
[ -d "$KEYSDIR" ] || install -d -o root -g ntp -m 770 "$KEYSDIR"
- ( cd "$KEYSDIR" && RANDFILE=/dev/urandom /usr/sbin/ntp-keygen -I -H -c RSA-SHA1 -m 1024 )
+ ( cd "$KEYSDIR" && RANDFILE=/dev/urandom /usr/sbin/ntp-keygen -I -H -c RSA-SHA256 -m 2048 )
fi
fi