From: Miroslav Lichvar Date: Fri, 21 Jun 2013 09:45:44 +0000 (+0200) Subject: Update example config files more X-Git-Tag: 1.28-pre1~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=551541d9c813d4fa3271cb30a36319806ceece4e;p=thirdparty%2Fchrony.git Update example config files more --- diff --git a/examples/chrony.conf.example2 b/examples/chrony.conf.example2 index 6e64c038..4c9e40ba 100644 --- a/examples/chrony.conf.example2 +++ b/examples/chrony.conf.example2 @@ -18,9 +18,13 @@ rtcsync # if the adjustment is larger than 100 seconds. makestep 100 3 -# Allow client access from local network. +# Allow NTP client access from local network. #allow 192.168/16 +# Listen for commands only on localhost. +bindcmdaddress 127.0.0.1 +bindcmdaddress ::1 + # Serve time even if not synchronized to any NTP server. #local stratum 10 @@ -29,6 +33,9 @@ keyfile /etc/chrony.keys # Specify the key used as password for chronyc. commandkey 1 +# Generate command key if missing. +generatecommandkey + # Disable logging of client accesses. noclientlog diff --git a/examples/chrony.keys.example b/examples/chrony.keys.example index d287f3d3..15831740 100644 --- a/examples/chrony.keys.example +++ b/examples/chrony.keys.example @@ -9,21 +9,20 @@ # # Copyright 2002 Richard P. Curnow # -####################################################################### -# A valid key line looks like this - -#1 MD5 HEX:B028F91EA5C38D06C2E140B26C7F41EC - -# The key should be random for maximum security. If you wanted to use the -# above line as your commandkey (i.e. chronyc password) you would put the -# following line into chrony.conf (remove the # from the start): +###################################################################### -# commandkey 1 +# Examples of valid keys: -# A secure command key can be generated and added to the keyfile automatically -# by adding the following directive to chrony.conf: +#1 ALongAndRandomPassword +#2 MD5 HEX:B028F91EA5C38D06C2E140B26C7F41EC +#3 SHA1 HEX:1DC764E0791B11FA67EFC7ECBC4B0D73F68A070C -# generatecommandkey +# The keys should be random for maximum security. If you wanted to use a key +# with ID 1 as your commandkey (i.e. chronyc password) you would put +# "commandkey 1" into chrony.conf. If no commandkey is present in the keys +# file and the generatecommandkey directive is specified in chrony.conf, +# a random commandkey will be generated and added to the keys file +# automatically on chronyd start. # You might want to define more keys if you use the authentication facility # in the network time protocol to authenticate request/response packets between