Bug #16058
closed
NTPD issue with authenticated update since upgrade
0%
Description
Hi there,
I have happily setup authenticated NTPD using a sha256 key a while ago, and it was working quite happily (I was on 24.08). Last week I upgraded, and last night one of my servers refused to auth, refused TOTP tokens etc.... So I investigated and found out that server (as others) was not getting time from my pfsense. The log I get is:
Feb 19 05:03:28 ntpd 39338 MAC decrypt: MAC length error: 24 not 36 for key 1
Feb 19 05:03:01 ntpd 39338 MAC decrypt: MAC length error: 24 not 36 for key 1
If I disable authenticated NTP, the spamming stops and my devices can get time. I use Chrony as a client on my servers
Updated by Marcos M 3 months ago
- Status changed from New to Rejected
The authenticated NTP feature was implemented with pfSense+ 24.11. It may be that the configuration applied during the 24.08 development snapshots are not supported. If you are able to reproduce the issue starting from a fresh 24.11 configuration, detail the exact steps taken along with the relevant config.xml sections (redacted as needed). Please open a thread on the forum for further discussion.