Re: Fwd: [chrony-users] ntp symmetric auth for internal clients

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]

To: chrony-users@xxxxxxxxxxxxxxxxxxxx
Subject: Re: Fwd: [chrony-users] ntp symmetric auth for internal clients
From: Ede Wolf <listac@xxxxxxxxxxxxxxxx>
Date: Tue, 3 Sep 2024 09:44:34 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nebelschwaden.de; s=1687803001; t=1725349475; bh=1/lcn+QCpTmxBx6CUfCmM5bjDUWQ5HDP3TmWqLbqnFU=; h=Date:Reply-To:Subject:To:References:From:In-Reply-To:From; b=Tudeja7NHkpLrTnvCC9pM9bRiTBr9B/6z4xqje8MF0zIf69kBhwEWqY3syOXucTjV FkKbHtSSASMHBPZUuFByV/epbDJeH/+NwsPmPyE7Ot1rdyU/j4w9yvcb1uBsoJglBG mhta/7MUSqd2HcwSycQfNVsQx1e8m3HJTVPcOSMdw3BTmj2DIluYOvRNcKnbIGt/Pq EvLvjh5rKWDfKFq8G7T+X7yyA/FuiCkQvuLKr2JlVKgCwLvS1u5/0HC5Fqa3yx7sOE N4PoPf1aGoeCNgSbgooBruRYRD/8iNXcBvPGdNt33ps4Iou1aXMLZhZRSnSxhCCMcM tkgpphYsgjskg==

Am 02.09.24 um 14:41 schrieb Miroslav Lichvar:

On Mon, Sep 02, 2024 at 02:31:03PM +0200, Ede Wolf wrote:

As for specifying the key on the client side, that is exactly what I have
done, still ntpd claims auth = bad

The issue seemd to be sha1, as using a md5 key, something I have avoided so
far, makes everything work.


It might be an issue with ntpd using different keys than what you
expect. ntpd interprets shorter keys as ASCII and longer as HEX. With
chrony you have to tell what it is.

If unsure, try this conversion script:
https://github.com/mlichvar/ntp2chrony

Again, thanks very much for your time and help. chronyc keygen showedthe proper syntax as well. As you mentioned, defining the type worked,so simply adding HEX: before the sha1 key (and removing the comments atthe end) made everything work with sha1 keys again.

--

To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxxwith "unsubscribe" in the subject.For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxxwith "help" in the subject.

Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

References:
- Fwd: [chrony-users] ntp symmetric auth for internal clients
  - From: Ede Wolf
- Re: Fwd: [chrony-users] ntp symmetric auth for internal clients
  - From: Miroslav Lichvar

Messages sorted by: [ date | thread ]
Prev by Date: [chrony-users] chrony-4.6 released
Next by Date: [chrony-users] Integrating SOCK and PPS refclocks using custom application
Previous by thread: Re: Fwd: [chrony-users] ntp symmetric auth for internal clients
Next by thread: [chrony-users] chrony-4.6 released

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/