@ -1,4 +1,4 @@
.\" $OpenBSD: ntpd.conf.5,v 1.39 2019/11/10 18:46:53 deraadt Exp $
.\" $OpenBSD: ntpd.conf.5,v 1.40 2019/11/10 19:28:34 deraadt Exp $
.\"
.\"
.\" Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
.\" Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
.\"
.\"
@ -146,6 +146,7 @@ A server with a weight of 5, for example,
will have five times more influence on time offset calculation
will have five times more influence on time offset calculation
than a server with a weight of 1.
than a server with a weight of 1.
.It Xo Ic server Ar address
.It Xo Ic server Ar address
.Op Ic trusted
.Op Ic weight Ar weight-value
.Op Ic weight Ar weight-value
.Xc
.Xc
Specify the IP address or the hostname of an NTP
Specify the IP address or the hostname of an NTP
@ -169,7 +170,19 @@ server ntp.example.org weight 1
To provide redundancy, it is good practice to configure multiple servers.
To provide redundancy, it is good practice to configure multiple servers.
In general, best accuracy is obtained by using servers that have a low
In general, best accuracy is obtained by using servers that have a low
network latency.
network latency.
.Pp
The
.Ic trusted
keyword indicates the server is connected closely on a secure network such that
NTP packets cannot be injected as man-in-the-middle attacks.
NTP packets from these servers are considered truthful without validation
by
.Ic constraints .
This is useful for boot-time correction in environments where
.Ic constraints
cannot be used.
.It Xo Ic servers Ar address
.It Xo Ic servers Ar address
.Op Ic trusted
.Op Ic weight Ar weight-value
.Op Ic weight Ar weight-value
.Xc
.Xc
As with
As with