Ok, my bad, more googling (less lazy googling) revealed the answer : From: http://ntp.isc.org/bin/view/Support/AccessRestrictions#Section_6.4.3.1. Only use restrict notrust if you are using crypto. notrust probably means something other than what you expect. See 6.4.3.2. Problems with 'notrust' option on a LAN for more information. The behavior of notrust changed between versions 4.1 and 4.2. In 4.1 (and earlier) notrust meant "Don't trust this host/subnet for time". In 4.2 (and later) notrust means "Ignore all NTP packets that are not cryptographically authenticated." This forces remote time servers to authenticate themselves to your (client) ntpd. See ConfiguringAutokey for information about configuring NTP Authentication. Sorry for the bandwidth :-) Wayner -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
