faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add recommendation on password security to keyfile description

Browse source
This commit is contained in:
Miroslav Lichvar 2013-05-21 14:02:45 +02:00
parent 1c901b82dc
commit d510154ba2
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
chrony.texi.in
View file

@ -1755,6 +1755,10 @@ password can be encoded as a string of characters not containing a space with
optional @code{ASCII:} prefix or as a hexadecimal number with @code{HEX:} optional @code{ASCII:} prefix or as a hexadecimal number with @code{HEX:}
prefix. prefix.
For maximum security, it's recommended to use SHA1 or stronger hash function.
The passwords should be random and they should be as long as the output size of
the configured hash function, e.g. 160 bits with SHA1.
The ID for the chronyc authentication key is specified with the commandkey The ID for the chronyc authentication key is specified with the commandkey
command (see earlier). The command key can be generated automatically on command (see earlier). The command key can be generated automatically on
start with the @code{generatecommandkey} directive. start with the @code{generatecommandkey} directive.