Fortigate client not able to sync with chrony when using SHA symmetric key

Solution In Progress - Updated -

Issue

  • There is no reply from the RHEL NTP server when using a FortiGat device with SHA key.
  • The authentication fails, as showed in chrony debug log:
Jun 27 13:36:12 localhost chronyd[2555001]: 2025-06-27T08:06:12Z D:socket.c:795:(log_message) Received message from <clientIP>:123 to <serverIP> fd=5 len=72 if=2 tss=K
Jun 27 13:36:12 localhost chronyd[2555001]: 2025-06-27T08:06:12Z D:ntp_io.c:460:(process_message) Updated RX timestamp delay=0.000062026 tss=1
Jun 27 13:36:12 localhost chronyd[2555001]: 2025-06-27T08:06:12Z D:clientlog.c:574:(CLG_LogServiceAccess) service 0 hits 96965 rate -16 trate -128 tokens 0
Jun 27 13:36:12 localhost chronyd[2555001]: 2025-06-27T08:06:12Z D:ntp_core.c:2707:(NCR_ProcessRxUnknown) NTP packet failed auth mode=1 kod=0

Environment

Red Hat Enterprise Linux (RHEL) 8
chrony-4.5-2.el8_10

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content