Testing NTPSec with NTS

Hal Murray hmurray at megapathdsl.net
Fri Mar 22 01:03:03 UTC 2019


> No rest for the helpful: How do I check if I am an NTS server?

The real check is that somebody can connect to your server.

Other maybe helpful sources of info:

netstat -tl

Should show:
tcp        0      0 0.0.0.0:ntp             0.0.0.0:*               LISTEN     
tcp6       0      0 [::]:ntp                [::]:*                  LISTEN     


There should be a few messages in the log file during initialization.

21 Mar 13:56:43 ntpd[705]: NTSs: starting NTS-KE server listening on port 123
21 Mar 13:56:43 ntpd[705]: NTSs: loaded certificate (chain) from /etc/ntp/hgm.example.com.cert-chain.pem
21 Mar 13:56:43 ntpd[705]: NTSs: loaded private key from /etc/ntp/hgm.example.com.key.pem
21 Mar 13:56:43 ntpd[705]: NTSs: Private Key OK
21 Mar 13:56:43 ntpd[705]: NTSs: OpenSSL security level is 1
21 Mar 13:56:43 ntpd[705]: NTSs: listen4 worked
21 Mar 13:56:43 ntpd[705]: NTSs: listen6 worked
21 Mar 13:56:43 ntpd[705]: NTSc: Using system default root certificates.


-- 
These are my opinions.  I hate spam.





More information about the devel mailing list