NTP Authentication Testing
NTP authentication is not the same as NTP encryption. NTP (Network Time Protocol) authentication uses symmetric keys with message digests such as MD5 or SHA to add a cryptographic checksum (message authentication code) to the request packet. The server uses the shared key to verify that the request came from an authorized client before replying. However, the reply itself is neither authenticated nor encrypted, and no cryptographic proof is included in the server’s response. This means an attacker can still forge replies or replay old responses, because the client has no way to verify that a response came from the legitimate server. In other words, traditional authentication provides only limited protection and does not ensure confidentiality or strong integrity of the time data. If secure time synchronization is needed, modern NTP deployments should use NTS (Network Time Security) where available, as it provides robust encryption and authentication specifically designed for NTP.
Please log in to your time server through a web browser and go to the NTP Keys section. You can find it under the NTP menu.
In the NTP Keys File editable area, please enter the following information:
1 MD5 KeyForMD5
2 SHA1 KeyForSHA1
3 SHA256 KeyForSHA256
4 SHA384 KeyForSHA384
5 SHA512 KeyForSHA512
Then click the Update Keys button.
Now go to NTP Customisation, which is also under the NTP menu.
In the NTP Customisation File editable area, please enter the following information:
trustedkey 1 2 3 4 5
controlkey 1
The next piece of information to enter in the NTP Customisation File editable area needs to be adjusted to match your network. For example:
restrict 192.168.0.0 mask 255.255.0.0 limited
restrict 192.168.0.0 mask 255.255.0.0 auth
These lines will work if your time server and clients are on the 192.168.x.x network.
Finally, click the Update button.
Now you can use the software in the link to test NTP authentication.
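To show what an authenticated request built from these keys looks like on the wire, here is a Python example added to this page (it is not the testing software referred to above, nor vendor code). It parses the key entries shown earlier, appends the key ID and digest to a client request, and repeats the check the server performs. Assumptions: the secrets are plain ASCII, the digest is computed over the secret followed by the 48-byte header, and digests longer than 20 bytes are truncated to 20; all function names are hypothetical.

```python
import hashlib
import hmac
import struct

# Key entries from this page: key ID, digest type, ASCII secret.
KEYS_FILE = """\
1 MD5 KeyForMD5
2 SHA1 KeyForSHA1
3 SHA256 KeyForSHA256
4 SHA384 KeyForSHA384
5 SHA512 KeyForSHA512
"""
MAX_DIGEST = 20  # assumption: longer digests are truncated to 20 bytes

def parse_keys(text):
    """Return {key_id: (hashlib name, secret bytes)} from key file lines."""
    keys = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3:
            keys[int(fields[0])] = (fields[1].lower(), fields[2].encode("ascii"))
    return keys

def compute_mac(keys, key_id, header):
    """MAC = 4-byte key ID followed by digest(secret || NTP header)."""
    algo, secret = keys[key_id]
    digest = hashlib.new(algo, secret + header).digest()[:MAX_DIGEST]
    return struct.pack("!I", key_id) + digest

def build_request(keys, key_id, transmit_ts=0):
    """48-byte client request (LI=0, VN=4, Mode=3) with the MAC appended."""
    header = struct.pack("!B39xQ", (4 << 3) | 3, transmit_ts)
    return header + compute_mac(keys, key_id, header)

def verify_request(keys, trusted, packet):
    """Server-side check: key known, key trusted, digest matches."""
    if len(packet) <= 48 + 4:
        return False  # plain 48-byte request, no MAC to check
    header, mac = packet[:48], packet[48:]
    key_id = struct.unpack("!I", mac[:4])[0]
    if key_id not in keys or key_id not in trusted:
        return False
    return hmac.compare_digest(mac, compute_mac(keys, key_id, header))

if __name__ == "__main__":
    keys = parse_keys(KEYS_FILE)
    trusted = {1, 2, 3, 4, 5}  # mirrors "trustedkey 1 2 3 4 5"
    for kid in sorted(keys):
        pkt = build_request(keys, kid, transmit_ts=0x0123456789ABCDEF)
        print(kid, keys[kid][0], len(pkt), verify_request(keys, trusted, pkt))
```

A request that fails this check because of a mistyped secret or a key ID missing from trustedkey is the most common reason an authentication test gets no usable reply.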