mibere
January 6, 2024, 2:32pm
1
Hi all,
I run chrony 4.5 with NTS enabled. Ports 123/udp and 4460/tcp are opened in the firewall.
Client and server do not use the key / keyfile parameter in chrony.conf.
The output of chronyc serverstats shows
NTS-KE connections accepted: 11
NTS-KE connections dropped : 0
Authenticated NTP packets : 0
Is something wrong with my configuration or is it correct that Authenticated NTP packets is zero? Because according to the documentation
Authenticated NTP packets: The number of received NTP requests that were authenticated (with a symmetric key or NTS)
You have a valid certificate?
mibere
January 6, 2024, 3:29pm
3
I hope so
A client (also chrony 4.5) is configured with
server myserver nts iburst
and can connect to the server (Reach is 377). chronyc authdata on the client shows
Name/IP address             Mode KeyID Type KLen Last Atmp  NAK Cook CLen
=========================================================================
myserver                     NTS     1   30  128  49h    0    0    8   64
and chronyc ntpdata on the client
NTP tests : 111 111 1111
Authenticated : Yes
Both, client and server, have no errors in chrony log.
It’s a bug. It counts requests that trigger a KoD response (NTS NAKs) instead of those that pass the authentication check.
mibere
January 6, 2024, 4:29pm
5
Thanks for the info, Miroslav. Then we hope there will be a fix.
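
Since the thread concludes that the server-side counter in chrony 4.5 does not count successfully authenticated requests, the client's chronyc authdata table is what confirms that NTS is in use. The following is an added example, not part of the thread and not chrony code: it parses that table and classifies each source. The function names, the status labels and the two sample rows other than myserver are constructed for illustration.

```python
# Added example: classify NTS state per source from `chronyc authdata` text.
FIELDS = ("name", "mode", "key_id", "type", "klen",
          "last", "atmp", "nak", "cook", "clen")
INT_FIELDS = ("key_id", "type", "klen", "atmp", "nak", "cook", "clen")

# Constructed sample: the myserver row is the one quoted in the thread,
# the other two rows are made up to exercise the failure branches.
SAMPLE = """\
Name/IP address             Mode KeyID Type KLen Last Atmp  NAK Cook CLen
=========================================================================
myserver                     NTS     1   30  128  49h    0    0    8   64
badserver.example            NTS     0    0    0    -    3    0    0    0
plain.example                  -     0    0    0    -    0    0    0    0
"""

def parse_authdata(text):
    """Return one dict per source row, skipping the header and separator."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if line.startswith(("Name/IP", "=")) or len(parts) != len(FIELDS):
            continue
        row = dict(zip(FIELDS, parts))
        try:
            row.update({k: int(row[k]) for k in INT_FIELDS})
        except ValueError:
            continue  # not a data row
        rows.append(row)
    return rows

def nts_status(row):
    """Status labels are this example's own, not chrony terminology."""
    if row["mode"] != "NTS":
        return "not-nts"
    if row["klen"] == 0 or row["cook"] == 0:
        return "no-keys-or-cookies"  # NTS-KE not completed, or no cookies left
    if row["nak"]:
        return "nak-received"        # server rejected the last request
    return "ok"

def report(text):
    """Map each source name to its NTS status."""
    return {r["name"]: nts_status(r) for r in parse_authdata(text)}

if __name__ == "__main__":
    for name, status in report(SAMPLE).items():
        print(f"{name}: {status}")
```

On a live client the input would be the text printed by chronyc authdata instead of the embedded sample.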