X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fntp%2Ffiles%2Fetc-default-ntp;h=d5bcb4287245ac8ed0dd52781f10d36061a43e4b;hb=828fd5cab8e07c1dba361e49838294d6df38030d;hp=68df55542fb41d8d8e8ff89a291bd0177c05e13f;hpb=268603a8b57bfbe4480b25e37488f5b1276054ba;p=mirror%2Fdsa-puppet.git

diff --git a/modules/ntp/files/etc-default-ntp b/modules/ntp/files/etc-default-ntp
index 68df55542..d5bcb4287 100644
--- a/modules/ntp/files/etc-default-ntp
+++ b/modules/ntp/files/etc-default-ntp
@@ -7,6 +7,8 @@
 #
 NTPD_OPTS='-g'
 
+rm -vf /var/lib/ntp/ntp.conf.dhcp
+
 #
 # make sure this host already has ntp keys:
 #
@@ -14,7 +16,8 @@ h="`hostname`"
 KEYSDIR="/etc/ntp.keys.d"
 if ! [ -e "$KEYSDIR/ntpkey_cert_$h" ] ||
    ! [ -e "$KEYSDIR/ntpkey_host_$h" ] ||
-   ! [ -e "$KEYSDIR/ntpkey_iff_$h" ]; then
+   (! [ -e "$KEYSDIR/ntpkey_iff_$h" ] &&
+    ! [ -e "$KEYSDIR/ntpkey_iffkey_$h" ]); then
 	# on a "server" we would have to add -T to the ntp-keygen call
 	# and then run something like this:
 	#
@@ -38,6 +41,6 @@ if ! [ -e "$KEYSDIR/ntpkey_cert_$h" ] ||
 	# on the client this is all we need:
 	if [ -x /usr/sbin/ntp-keygen ] ; then
 		[ -d "$KEYSDIR" ] || install -d -o root -g ntp -m 770 "$KEYSDIR"
-		( cd "$KEYSDIR" && RANDFILE=/dev/urandom /usr/sbin/ntp-keygen -I -H -c RSA-SHA1 -m 1024 )
+		( cd "$KEYSDIR" && RANDFILE=/dev/urandom /usr/sbin/ntp-keygen -I -H -c RSA-SHA256 -m 2048 )
 	fi
 fi