0

I have two ubuntu 18.04 machines with ntpd ntpsec-1.1.0+419 installed. The ubuntu-1 has access to public internet and it synchronizes time with ntp pools provided by ubuntu like 0.ubuntu.pool.ntp.org. The ubuntu-2 does not have access to the public internet and it synchronizes time with ubuntu-1. There is a symmetric key created that is used for NTP authentication between ubuntu-1 and ubuntu-2.

Everything is working fine, time is synchronizing and NTP messages are authenticated.

But when I check associations on ubuntu-2 I see auth: bad:

# ntpq -c as ind assid status conf reach auth condition last_event cnt =========================================================== 1 19530 d61a yes yes bad sys.peer sys_peer 1

What does the 'bad' exactly mean in this printout? And what I can do to see 'ok' instead of 'bad'?

ntp.conf on ubuntu-1 (shortened with auth related conf only):

keys /etc/ntp.keys trustedkey 1

ntp.conf on ubuntu-2 (shortened with auth related conf only):

keys /etc/ntp.keys trustedkey 1 server ubuntu-1 key 1

ntp.keyes are same on both nodes:

1 MD5 V?^F@BCwwt)6yqgg7E|,
Improve this question

1 Answer 1

Reset to default
0

It is a known bug in the ntpsec. Ntpq says "bad" in auth column for working servers because ntpd says the server is bad. The bug was reported to ntpsec development in https://gitlab.com/NTPsec/ntpsec/issues/513 and a correction was done in the ntpsec 1.1.3.

The bad actually means that the authentication failed but the information is wrong in ntpsec older than 1.1.3.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.