MD5 Authentication for NTP Servers and Clients

MD5 authentication is available for Masterclock NTP servers and network clocks  via WinDiscovery. MD5 keys are used for authentication only, not encryption. The purpose of the keys is to ensure a client it is receiving NTP time stamps from ONLY the intended server. MD5 keys must be printable ASCII characters and can be up to 15 characters in length. There are no minimum requirements for the complexity of the key.

MD5 in a Masterclock NTP server

  • In WinDiscovery open the Device Settings window. 
  • Click Output Control at top left.
  • Click NTP Server on next pane. 
  • Click NTP Server Authentication Settings near bottom of next pane. The window for MD5 key settings appears.

NOTE:

  • Enter the keys you want to use in the server. Multiple boxes can be checked as Trusted/Allowed. 
  • You can enter multiple keys, but only enable certain keys available at any given time.
  • To enable MD5 check the box Enable MD5 Authentication for client request. After MD5 authentication is enabled, the server will still respond to non-authenticated NTP requests. 
  • If you want the server to ignore non-authenticated requests then check the box Ignore Request if not authenticated.

 

MD5 in a Masterclock NTP client

  • In WinDiscovery open the Device Settings window. 
  • Click Input Control at top left.
  • Click NTP Client on next pane. 
  • Click NTP Client Authentication Settings near bottom of next pane. The window for MD5 key settings appears. 

NOTE:

  • Enter the keys you want to use in the client. Multiple boxes can be checked as Trusted/Allowed. This allows you to enter multiple keys but only have certain keys available at any given time.
  • Out of the keys marked as being Trusted/Allowed, you must select which key to use for NTP synchronization.
  • MD5 is enabled by checking the box Enable MD5 Authentication. 
  • Normally, you will also want to check the box Ignore Response if not authenticated.