NTP Authentication, Authentication NTP | Symmetricom S100 instruction

detected. Therefore, the Reference Timestamp will indicate the time at which the timing signal was lost. When the timing signal returns, the Reference Timestamp will be updated.

Originate Timestamp

This is the local time at which the request departed the client host for the service host, in 64- bit time stamp format.

Receive Time stamp

This is the local time at which the request arrived at the service host, in 64-bit time stamp format.

Transmit Time stamp

This is the local time at which the reply departed the service host for the client host, in 64-bit time stamp format.

Authenticator

This field is used to hold a cryptochecksum if authentication has been enabled. Refer to the next section for more information about this mechanism.

Autokey

This field contains various autokey parameter requests and responses if autokey is enabled for the association. These parameters can include signatures, certificates, or other data.

NTP Authentication

NTP authentication enables an NTP client to ensure two things: that the time stamp received has come from a trusted source, and that it has not been modified in transit. Because Symmetricom has extended the authentication method, you can use it to deny service to unauthorized clients who submit NTP time stamp requests.

The NTP protocol includes space for two variables related to authentication: an authentication key identifier field and a cryptochecksum field.

Authentication: NTP v3

The NTP client can operate with both non-authenticated and authenticated servers. This approach uses symmetric-key cryptography. Thus, keys and key identifiers are determined in advance and distributed in traditional ways.

S100 User Guide – Rev. D – June 2005

93

Image 101

Symmetricom S100 manual NTP Authentication, Authentication NTP

Contents

S100 User Guide S100 User Guide Rev. D June Table of Contents Chapter Web-Based Interface TCP/IP Chapter Operations & Time-Protocols Appendix a S100 Specifications 119 Appendix C Appendix E Antenna Replacement 141 Index 143 Chapter How to Go here for the answerIntroduction and Overview Term Definition Conventions Used Global Positioning System GPS Product DetailsTime Standards Stratum Level Significance Stratum LevelsTime Synchronization and Business Country Name of NMI Abbreviation How the S100 Solves the ProblemNational Measurement Institutes Special Safety Instructions Overview S100 TechnologyS100 Product Overview Sources of Time Web-based Access How the S100 Works Time Distribution Model S100 and Client Software S100 and NTP v4’s Security FeaturesS100 and Time Distribution S100 and the Global Positioning System SyncServer S100 Getting Up and Running Installation and ConfigurationUnpacking Your S100 For the S100-Dial-up/ACTS For the S100-GPS For the S100-Dial-up/ACTS For the S100-GPS N c S e rv e r Your CD-ROM PuTTY Folder Details Using the Software PSFTP.EXE PUTTYGEN.EXE Primary Power Connection Installing Your S100Important Safety Instructions Rack Mounting Making All Connections An Overview On the S100 Front Panel Setting Up the Hardware Appendix E on On the S100 Rear Panel Outdoors Installing the GPS AntennaChoosing an Antenna Location Establishing a Serial Connection Installing the GPS antennaConnecting the Rubidium Option 4Connecting the S100 5COM Port Properties Setting Up the IP Address 6Login and Command Line 9IPCONFIG and Ping Screen Testing Network Functionality Normal Turning Off Your S100 Logging On How to Acquire Time System Status Logged Administrator Log-In Next Step Configuration Wizard Choose Your Time Source Dial-up to NISTs Automated Computer Time Service Acts 17Configuring the S100 Time Source GPS Then click Next for the System Information dialog Test Results dialog System Tests Dialog Dialup Settings dialog Setup Complete dialog System Information dialog System Tests dialog Test Results dialog NTP 30System Information fields Click Test Now IRIG-B v.120,122,123 Configuring NTP Dialup Backup dialog 36System Testing options 37Test Results shown Installing SymmTime Using SymmTime SyncServer S100 To Synchronize SymmTime Next Use the Web-Based Interface SyncServer S100 Interface Screen Reference Web-Based Interface Logging Administrative Interface 2Administrative Interface Base Menu Admin Interface Base Menu 3Interface Admin Menu, expanded Administrative Menu Expanded System Status Timing Configuration NTP Relationships 5Configuring New Clients and Servers S100 User Guide Rev. D June NTP Dialup NTP Time Source Test NTP Status NTP Restart SyncServer S100 Advanced ntp.conf 10Viewing the NTP Configuration File 11Obtaining and Generating Keys Certificates Advanced Keys/Certificates Timing Engine Main Settings IRIG-A IRIG-B Timecode Settings Bit Position Meaning if bit value = GPS InformationGPS Health 15GPS Signal Strength GPS Signal Strength GPS Position GPS Time Engine Time Clock SettingsOther Information 20Control Settings Control Settings Model Information Networking S100 User Guide Rev. D June Ping Ifconfig Output Options Traceroute Shutdown/Reboot Administration Restart Web Interface Admin Users Time Zone System Log Configuration Snmp Edit Snmp Configuration 33Setting Alarm Parameters Alarms NTP Log Logs System Log Boot Log Http Log Config Log SyncServer Help HelpNtpd Help Search Ntpd Manual 40Log Off screen Logging Off SyncServer S100 How the S100 Uses the Sysplex Timer Sysplex TimerOperations & Time-Protocols S100 Operations and Time Protocols 41Time Information String Parameters Daytime Protocol RFC Time Protocol RFC NTP Data Format Simple Network Time Protocol RFCNetwork Time Protocol RFC Mode Leap Indicator LIStratum Poll Precision Version Number VN Stratum ModePoll Interval Synchronizing Distance Root Distance Version Authentication NTP NTP Authentication Authentication NTP v4 Autokey Typical NTP Configuration ConsiderationsHow NTP Defines the Authentication Process Public Domain NTP Package Clients Other NTP Considerations Basic NTP Configuration S100 User Guide Rev. D June SyncServer S100 S100 User Guide Rev. D June 43Large Net NTP Configuration 44Large Net NTP Configuration 45Small Net NTP Configuration Security Acts Interface Dial-upPeers Acts Operation Snmp Simple Network Management Protocol Version 106 S100 User Guide Rev. D June Parameter Command Line Flag Snmp.conf token An authenticated and encrypted request example 108 S100 User Guide Rev. D June Questions Frequently Asked QuestionsHow can we obtain NTP client software to use with the S100? What are the main differences between Sntp and NTP clients? How do I check versions of the software in the S100? How does the S100 handle Leap Second? Cable length and Type Antenna How do I know if the satellite signal strength is good? Can the S100 utilize a certificate from an external CA? Does the S100 support NTP v4?How is the interface to the S100 secured? What security functions are provided with the S100? How-to’s and Tips How to install your S100 How to install NTP v4 on a Unix systemHow to get time using dial-up How to get time using GPS How to acquire and install SymmTime How to install your GPS antennaUse the quick How to guide How to change the root password How to get information about NTP SolutionsS100 does not respond to ping command S100 does not respond to NTP queries My S100 won’t track satellites Possible cause of tracking problems How to fix 118 S100 User Guide Rev. D June S100 Data Sheet Specifications S100 SpecificationsAppendix a Component Specifics Description Pin Descriptions Appendix B Time Glossary Cdsa BCDCdma Certificate Authority CA Content FilteringCertificate Extension Certificate Request Dhcp DclsDES SS/NTP DSADSS DTT GPS GMTHtml Http ITU IKEIrig Ldap LANMD5 MIB NOC NistNtms NTP PCI OSIPkcs PKI Mime RSASHA-1 SSL SnmpSSL-LDAP TCP/IP TLS TftpTMC TPC TSP TSATSR UDP/IP VPN UTCW3C WAN 509 v3 Certificate Extension Appendix D Customer AssistanceUS Assistance Center Emea Assistance Center Emeasupport@symmetricom.com Appendix C Declaration of ConformitySymmetricom, Inc Westwind Blvd Santa Rosa, Ca USA Conforms to the Following European Union Directives FCC Appendix E Antenna Replacement 142 S100 User Guide Rev. D June Numerics Index 144 S100 User Guide Rev. D June S100 User Guide Rev. D June 145 Denial of Service DES S100 User Guide Rev. D June 147 Https Irig a 150 S100 User Guide Rev. D June S100 User Guide Rev. D June 151 152 S100 User Guide Rev. D June S100 User Guide Rev. D June 153 154 S100 User Guide Rev. D June S100 User Guide Rev. D June 155 Vault Verification Version Virus VPN W3C Wait time WAN 509 v3 Certificate Extension Coordinate Year 158 S100 User Guide Rev. D June