This is a tracking bug for Change: Network Time Security For more details, see: https://fedoraproject.org/wiki/Changes/NetworkTimeSecurity Support for the Network Time Security (NTS) authentication mechanism in the NTP client/server (chrony) and installer (anaconda).
Pull request for NTS support in anaconda: https://github.com/rhinstaller/anaconda/pull/2738
Branching F33 Change Tracker bugs. Today is the code complete (testable) deadline. All bugs should be at least in MODIFIED state by now to indicate they are testable.
A chrony 4.0 prerelease with enabled NTS support is in rawhide. It doesn't use the newly assigned port for NTS-KE (4460) by default yet. An update to another prerelease and then final release is expected before Fedora 33 is released. NTS support in anaconda was added in version 33.24.
chrony was updated to the latest prerelease, which uses the new NTS-KE port by default. Everything should be working as expected. selinux-policy needs an update to allow connecting and binding to the port (bug #1872624).
Yesterday we reached the Code complete (100% code complete) deadline for Fedora 33 Changes. If your Change is complete, please set this tracking bug to ON_QA. If you need to defer this Change to Fedora 34, please let NEEDINFO me. As a reminder, we are now in the Beta Freeze. If you need to land package updates, please propose it as a Freeze Exception at https://qa.fedoraproject.org/blockerbugs/propose_bug
The final chrony-4.0 is now in updates testing.
Closing tracking bugs for F33. If your change didn't make it into F33 for some reason, please reopen this and NEEDINFO me.