[ntp:questions] NPT Autokey authentication issue

jainprerak at gmail.com jainprerak at gmail.com
Thu May 22 09:01:56 UTC 2014

I am trying to create a NTP client-server setup using Autokey authentication for server validations. I have followed the instruction on link http://support.ntp.org/bin/view/Support/ConfiguringAutokey to setup client and server on NTP 4.2.6 . The setup I had created is working in some unexpected manner.

I had created server and client certificates using ntp-keygen as mentioned in the above link. I have edited the client's ntp.conf to use autokey to authenticate server. As mentioned in the above link, I have to copy the server key to client for authentication to work, but while testing I have found that client is able to verify the server even if I do not copy the server certificate on the client. The result for "ntpq -c as" show auth field "ok" for the server and ntpq -c "rv 0 certs" shows the server certificate bindings.

Can someone explain me why NTP is able to verify server without copying the server certificate on client ?
If this is not the expected behavior, what are the changes I have to make in the configuration to get it working correctly.


More information about the questions mailing list