

NTP Authentication Issues: Help Please!


 

Hello everyone,

I've been trying to set up NTP authentication between a server and a workstation. Both point to the same NTP server which is on a different physical box with its own IP address. I followed the steps below but I get the following result. How can I get this working?

Expected (on workstation):
Code:
ind  assID  status  conf  reach  auth  condition  last_event  cnt
=================================================================
  1  12345   f123   yes    yes   ok    sys.peer   reachable    1

Result:
Code:
ind  assID  status  conf  reach  auth  condition  last_event  cnt
=================================================================
  1  12345   c000   yes    yes   bad    reject   

Directions followed:
Server Configuration
•	Ensure the following entries are in /etc/ntp.conf
driftfile /var/lib/ntp/drift
restrict 127.0.0.1
restrict -6 ::1
server <ntp.server.com>
broadcast <broadcast/multicast ip> autokey
crypto
includefile /etc/ntp/crypto/pw
keysdir /etc/ntp/
•	Generate the server-side keys
# cd /etc/ntp
# ntp-keygen -T -p password
•	Restart the NTP service
# service ntpd restart
•	Ensure that the service started
# ntpq -p
    remote       refid     st  t  when  poll  reach  delay  offset  jitter
==============================================================================
<brdcst.address> .BCST.    16  u   -     64     0    0.000  0.000   0.000
<ntp.server.com> <refid>     5  u  17     64     377  0.000  0.000   0.000   
Client Configuration
•	Ensure the following entries are in /etc/ntp.conf
driftfile /var/lib/ntp/drift
restrict 127.0.0.1
restrict -6 ::1
crypto
includefile /etc/ntp/crypto/pw
keysdir /etc/ntp/
server <ntp.server.com> autokey
•	Generate the client-side keys
# cd /etc/ntp
# ntp-keygen -H -p clientpassword
•	Restart the NTP service
•	Ensure authenticated NTP is connecting successfully
# ntpq -c as
ind  assID  status  conf  reach  auth  condition  last_event  cnt
=================================================================
  1  12345   f123   yes    yes   ok    sys.peer   reachable    1
Crypto Configuration
•	Sample /etc/ntp/crypto/pw file
# Specify the password to decrypt files containing private keys and identity
# parameters.  This is required only if these files have been encrypted.
#
crypto pw <password>
Diagnostic Steps
Troubleshooting the Configuration
•	For error: "RAND_load_file /root/.rnd not found or empty"
dd if=/dev/urandom of=/root/.rnd bs=512 count=1
•	For error: "crypto_setup: random seed file not found error:"
◦	Add crypto randfile /dev/urandom entry to /etc/ntp.conf
•	Important: Ensure that no keys, key directories, or files containing passwords are world readable


Last edited by Scott; 10-30-2013 at 02:18 PM.. Reason: Added code tags
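
An added example, not part of the original post: the two checks the quoted directions end on, as shell functions. One flags any `ntpq -c as` row whose auth column is not `ok`, the other lists world-readable entries under the key directory. The function names and the sample rows are constructed for illustration; `/etc/ntp` is the keysdir from the post's ntp.conf.

```shell
#!/bin/sh
# Added example: post-setup checks for an ntpd Autokey client.

# Read `ntpq -c as` output on stdin and print "assID auth condition"
# for every association whose auth column is not "ok" ("bad" or "none").
# Header and separator lines are skipped because field 1 is not a number.
ntp_auth_failures() {
    awk '$1 ~ /^[0-9]+$/ && $6 != "ok" { print $2, $6, $7 }'
}

# Print every file or directory under the given paths that has the
# "other" read bit set, i.e. is world readable.
ntp_world_readable() {
    find "$@" -perm -004 \( -type f -o -type d \) 2>/dev/null
}

# Constructed sample built from the two association rows shown in the post.
SAMPLE_AS='ind  assID  status  conf  reach  auth  condition  last_event  cnt
=================================================================
  1  12345   f123   yes    yes   ok    sys.peer   reachable    1
  2  12345   c000   yes    yes   bad    reject'

# Demo on the constructed sample: only the rejected association is printed.
printf '%s\n' "$SAMPLE_AS" | ntp_auth_failures

# On a live host:
#   ntpq -c as | ntp_auth_failures
#   ntp_world_readable /etc/ntp
```

Empty output from both functions means every association authenticated and nothing under the key directory is readable by other users.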
