Bah...I did miss a press release
- From: "Wayne Pinette" <Wpinette@xxxxxx>
- Date: Wed, 12 Apr 2006 10:04:43 -0700
Ok, my bad, more googling (less lazy googling) revealed the answer :
Only use restrict notrust if you are using crypto. notrust probably
means something other than what you expect. See 184.108.40.206. Problems with
'notrust' option on a LAN for more information.
The behavior of notrust changed between versions 4.1 and 4.2.
In 4.1 (and earlier) notrust meant "Don't trust this host/subnet for
In 4.2 (and later) notrust means "Ignore all NTP packets that are not
cryptographically authenticated." This forces remote time servers to
authenticate themselves to your (client) ntpd. See ConfiguringAutokey
for information about configuring NTP Authentication.
Sorry for the bandwidth :-)
redhat-list mailing list