NTP with authentication
G H
uothrawn at yahoo.com
Fri Jun 14 16:35:27 UTC 2024
I am unable to get NTP peering working with authentication. I ran ntpkeygen to generate ntp.keys and added that file to ntp.conf. I copied the file contents to another host and ran a test with ntpdig. According to tcpdump, the host is not sending a response packet. ntpdig works fine if I do not use the -a or --keyfile arguments.
Anyone have any ideas? Thank you.
On my NTP client host:
$ ntpdig --version
ntpdig ntpsec-1.2.2
$ ntpdig --debug --keyfile=/tmp/ntp.keys -a 1 ntp
ntpdig: querying 10.10.10.10 (ntp)
ntpdig: authenticating with AES-128 key 1
ntpdig: no eligible servers
On my NTP server host:
$ cat ntp.keys
1 AES L`y1he4AK=1-\+vD
2 AES E at EiFG6H;gL>9ES3
3 AES ?_Mp2QH:2uj5ytmV
...
$ cat ntp.conf
driftfile /var/lib/ntpsec/ntp.drift
leapfile /usr/share/zoneinfo/leap-seconds.list
keys /etc/ntpsec/ntp.keys
tos maxclock 11
tos minclock 4 minsane 3
pool 0.debian.pool.ntp.org iburst
restrict default kod nomodify nopeer noquery limited
restrict 127.0.0.1
restrict ::1
More information about the users
mailing list