[ntp:questions] NTP Autokey authentication issue.

prerak jainprerak at gmail.com
Thu May 22 09:04:08 UTC 2014


I am trying to create a NTP client-server setup using Autokey authentication for server validations. I have followed the instruction on link http://support.ntp.org/bin/view/Support/ConfiguringAutokey to setup client and server on NTP 4.2.6 . The setup I had created is working in some unexpected manner. 

I had created server and client certificates using ntp-keygen as mentioned in the above link. I have edited the client's ntp.conf to use autokey to authenticate server. As mentioned in the above link, I have to copy the server key to client for authentication to work, but while testing I have found that client is able to verify the server even if I do not copy the server certificate on the client. The result for "ntpq -c as" show auth field "ok" for the server and ntpq -c "rv 0 certs" shows the server certificate bindings. 

Can someone explain me why NTP is able to verify server without copying the server certificate on client ? 
If this is not the expected behavior, what are the changes I have to make in the configuration to get it working correctly. 

Thanks, 
Prerak



More information about the questions mailing list