[ntp:questions] NTP with Authkey working only when ntpd started as root??

Ulrich Windl Ulrich.Windl at RZ.Uni-Regensburg.DE
Tue Sep 11 12:34:20 UTC 2007


I guess the root jail in which ntpd runs lacks the ntp.keys file. For SLES you
can configure additional files that should bee in the root jail; for Redhat I
don't know.

Ulrich

"Richard B. Gilbert" <rgilbert88 at comcast.net> writes:

> Mike Toler wrote:
> > I have several blades in a server that need to timesync off of another
> > server.
> > I've setup the authkey information correctly and if I start the ntpd on
> > the client blade WITHOUT using the authkey code, it starts up and syncs
> > with the time server no matter how I start the daemon (i.e. start as
> > root from command line, or start as ntp:ntp from redhat init.d).
> > When I add the "authkey" tag for the server in the ntp.conf file, and
> > start as root, everything works fine.  The client authenticates with the
> > server,  "ntpq -c lpeer" shows low jitter and eventually, the "ntpq -c
> > as" shows the status of "sys.peer".
> > But if I let the redhat daemon controller start he process (or if I
> > start it by hand with "-u ntp:ntp"), it never syncs up.  I see the
> > following when I add in the "-d" command line options (IPs changed to
> > mask the guilty :-)
> > Using Wireshark, the IFF Ack message from the Server arrives back to the
> > client machine (i.e. I see it on the interface) but it never gets back
> > to the process itself.
> >
> 
> Does ntpd have read access to the keys file when not running as root?




More information about the questions mailing list