|Summary:||Network Time Security|
|Product:||[Fedora] Fedora||Reporter:||Ben Cotton <bcotton>|
|Component:||Changes Tracking||Assignee:||Miroslav Lichvar <mlichvar>|
|Status:||CLOSED CURRENTRELEASE||QA Contact:|
|Version:||33||CC:||bcotton, mkolman, thozza|
|Fixed In Version:||Doc Type:||If docs needed, set a value|
|Doc Text:||Story Points:||---|
|Last Closed:||2020-10-27 14:47:46 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
|Bug Depends On:||1872624|
Description Ben Cotton 2020-05-12 14:26:44 UTC
This is a tracking bug for Change: Network Time Security For more details, see: https://fedoraproject.org/wiki/Changes/NetworkTimeSecurity Support for the Network Time Security (NTS) authentication mechanism in the NTP client/server (chrony) and installer (anaconda).
Comment 1 Miroslav Lichvar 2020-07-16 09:37:12 UTC
Pull request for NTS support in anaconda: https://github.com/rhinstaller/anaconda/pull/2738
Comment 2 Ben Cotton 2020-08-11 14:42:27 UTC
Branching F33 Change Tracker bugs. Today is the code complete (testable) deadline. All bugs should be at least in MODIFIED state by now to indicate they are testable.
Comment 3 Miroslav Lichvar 2020-08-11 14:50:26 UTC
A chrony 4.0 prerelease with enabled NTS support is in rawhide. It doesn't use the newly assigned port for NTS-KE (4460) by default yet. An update to another prerelease and then final release is expected before Fedora 33 is released. NTS support in anaconda was added in version 33.24.
Comment 4 Miroslav Lichvar 2020-08-26 09:09:33 UTC
chrony was updated to the latest prerelease, which uses the new NTS-KE port by default. Everything should be working as expected. selinux-policy needs an update to allow connecting and binding to the port (bug #1872624).
Comment 5 Ben Cotton 2020-08-27 01:11:57 UTC
Yesterday we reached the Code complete (100% code complete) deadline for Fedora 33 Changes. If your Change is complete, please set this tracking bug to ON_QA. If you need to defer this Change to Fedora 34, please let NEEDINFO me. As a reminder, we are now in the Beta Freeze. If you need to land package updates, please propose it as a Freeze Exception at https://qa.fedoraproject.org/blockerbugs/propose_bug
Comment 6 Miroslav Lichvar 2020-10-08 09:14:02 UTC
The final chrony-4.0 is now in updates testing.
Comment 7 Ben Cotton 2020-10-27 14:47:46 UTC
Closing tracking bugs for F33. If your change didn't make it into F33 for some reason, please reopen this and NEEDINFO me.