Authenticated NTP still indicating that it is in sync when it is not

Solution Unverified - Updated -

Issue

  • Authenticated NTP is configured using pre-shared symmetric keys: https://access.redhat.com/site/solutions/393663.
  • It works as expected, but if a man-in-the-middle attack is simulated by changing the key on the upstream NTP device (Cisco), the RHEL NTP client continues to indicate that it is syncing without problems.
  • There are no indications in syslog, and ntpq -p still shows the asterisk "*" next to the upstream device.
  • In ntpq -c as, the condition field does switch from sys.peer to rejected:
ind assID status  conf reach auth condition  last_event cnt
===========================================================
  1  6620  e033   yes   yes   ok     reject  lost reach  3
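
A monitoring check for the mismatch described above, as an added example that is not part of the original article: it reads ntpq -c as output on stdin, flags associations whose condition is reject or whose auth column is bad, and fails when no sys.peer exists. The function names and the healthy sample row are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: detect NTP associations that ntpd no longer selects,
# using the "auth" and "condition" columns of `ntpq -c as` output.

# Reads `ntpq -c as` output on stdin.
# Prints one line per flagged association: "<assID> <auth> <condition>".
# Exit status: 0 = a sys.peer exists and nothing is flagged,
#              1 = an association is flagged or there is no sys.peer.
check_ntp_assoc() {
    awk '
        # Data rows start with a numeric index; skips the header and ==== rule.
        # Only columns 1-7 are read, so a two-word last_event ("lost reach")
        # does not shift the fields that matter.
        $1 ~ /^[0-9]+$/ && NF >= 7 {
            assid = $2; auth = $6; cond = $7
            if (cond == "sys.peer") have_peer = 1
            # In the row quoted on this page auth still reads "ok", so the
            # condition column is what reveals the rejected peer.
            if (cond == "reject" || auth == "bad") {
                print assid, auth, cond
                flagged++
            }
        }
        END { exit ((flagged > 0 || !have_peer) ? 1 : 0) }
    '
}

# Constructed sample: the association row quoted on this page.
sample_rejected() {
cat <<'EOF'
ind assID status  conf reach auth condition  last_event cnt
===========================================================
  1  6620  e033   yes   yes   ok     reject  lost reach  3
EOF
}

# Constructed sample: a healthy authenticated system peer (values made up).
sample_healthy() {
cat <<'EOF'
ind assID status  conf reach auth condition  last_event cnt
===========================================================
  1  6620  f614   yes   yes   ok   sys.peer   reachable  1
EOF
}

# Live use (assumes ntpq is installed): ntpq -c as | check_ntp_assoc
```

Run from cron or a monitoring agent, a non-zero exit status gives the alert that syslog and ntpq -p did not provide in the scenario above.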

Environment

  • Red Hat Enterprise Linux
  • Network Time Protocol (NTP)
  • Cisco as NTP server
