ntpv4 steps for AES128CMAC authentication
Shamsher singh
meetshamsher at gmail.com
Mon Jun 14 17:27:57 UTC 2021
Hi,
I have taken latest NTPv4 from https://www.freshports.org/net/ntp/ <https://www.freshports.org/net/ntp/>
I am able to test MD5 and SHA authentication. But not able to test AES128CMAC.
For all test used below parts:
Added keys for MD5, SHA1 and AES128MAC
Ref: used from http://doc.ntp.org/current-stable/keygen.html <http://doc.ntp.org/current-stable/keygen.html>
Example:
1 MD5 <xyz>
2 SHA1 <Xyz>
3 AES128CMAC <XYZ>
...
at /etc/ntp.keys in client and /etc/ntp/keys in server.
I am able to see authentication working fine for Md5 and SHA1 using
ntpdate -d -a 1 <ntp server ip> --> working fine
ntpdate -d -a 2 <ntp server ip> --> working fine
ntpdate -d -a 3 <net server ip> --> fails
The 1st two passes easily but 3rd one fails for AES128CMAC.
It seems i am missing something here to test/validate it.
Can you please tell/guide me the steps how can i test it?
I am using below NTP version :
# ntpd --version
ntpd 4.2.8p15 at 1.3728-o <mailto:4.2.8p15 at 1.3728-o> Wed Jun 2 11:00:34 UTC 2021 (1)
Thanks & regards
Shamsher
More information about the freebsd-security
mailing list