Andrew,
I was not even aware of the move from NTP to NTPsec. Thanks for
posting. I should [fully] read the release notes.
https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#changes-to-packages-that-set-the-system-clock
5.1.2. Changes to packages that set the system clock
The ntp package, which used to be the default way to set the system
clock from a Network Time Protocol (NTP) server, has been replaced by
ntpsec.
When I did a bit of research I found this comment which seems similar
to your issue (well at least to me it does):
https://forums.debian.net/viewtopic.php?t=156136
/etc/ntpsec/ntp.conf
Re: NTPSec: no servers found error despite finding the server
#3 Post by michael_S » 2023-09-26 13:54
Solved the problem for me. The cause behind this behaviour is the
following line in /etc/ntpsec/ntp.conf
Code: Select all
tos minclock 4 minsane 3
The option minsane 3 implies to (my understanding) that the ntpd wants
at least 3 "good" NTP servers, i.e. servers that somewhat agree. I
changed this to
Code: Select all
tos minclock 4 minsane 2
And now it works for me with 2 NTP servers available. If you only have
a single NTP server, change this to 1 should work - but it naturally
there won't be any redundancy in there.
Last edited by michael_S on 2023-09-26 13:55, edited 1 time in total.
https://docs.ntpsec.org/latest/miscopt.html
minsane _minsane_
Specify the number of servers used by the selection algorithm
as the minimum to set the system clock. The default is 1 for legacy
purposes; however, for critical applications the value should be
somewhat higher (e.g. 3) but less than minclock.
Please let me know if the above solves your problem?
George.
https://docs.ntpsec.org/latest/quick.html
On Tuesday, 24-09-2024 at 06:05 Andrew Wood wrote:
Hi
Is there a way to get MariaDB on Bookworm to log verbosely
everything
to do with connection attempts in order to try and debug why a client
keeps getting error 2026 SSL connection error: protocol version
mismatch?
There is currently nothing being logged on the server other than:
[Warning] Aborted connection 332 to db: 'unconnected' user: 'unauthenticated' host: '192.168.253.231' (This connection closed
normally without authentication)
SHOW GLOBAL VARIABLES LIKE 'tls_version'; gives
TLSv1.1,TLSv1.2,TLSv1.3
and the client is based on a relatively recent version of
libmysqlclient
so Im struggling to understand what is going wrong without some more
detailed logging. I cant find anything in the MariaDB manual.
Thanks
Andrew
<html>
<head>
<style type="text/css">
body,p,td,div,span{
font-size:13px; font-family:Arial, Helvetica, sans-serif;
};
body p{
margin:0px;
}
</style>
</head>
<body><div>Andrew,</div><div><br></div><div>I was not even aware of the move from NTP to NTPsec. Thanks for posting. I should [fully] read the release notes.<br><br><a href="
https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.
html#changes-to-packages-that-set-the-system-clock">
https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#changes-to-packages-that-set-the-system-clock</a><br>5.1.2. Changes to packages that set the system clock<br>The ntp
package, which used to be the default way to set the system clock from a Network Time Protocol (NTP) server, has been replaced by ntpsec. <br></div><div><br></div><div>When I did a bit of research I found this comment which seems similar to your issue (
well at least to me it does):</div><div><br></div><div><a href="
https://forums.debian.net/viewtopic.php?t=156136">https://forums.debian.net/viewtopic.php?t=156136</a></div><div>/etc/ntpsec/ntp.conf</div><div><br></div><div><b>Re: NTPSec: no servers found
error despite finding the server</b><br>#3 Post by michael_S » 2023-09-26 13:54<br>Solved the problem for me. The cause behind this behaviour is the following line in /etc/ntpsec/ntp.conf<br>Code: Select all<br>tos minclock 4 minsane 3 <br><br><b>The
option minsane 3 implies to (my understanding) that the ntpd wants at least 3 "good" NTP servers</b>, i.e. servers that somewhat agree. I changed this to<br>Code: Select all<br>tos minclock 4 minsane 2 <br><br>And now it works for me with 2 NTP servers
available. <b>If you only have a single NTP server, change this to 1 should work </b>- but it naturally there won't be any redundancy in there.<br>Last edited by michael_S on 2023-09-26 13:55, edited 1 time in total. <br></div><div><br><a href="
https://
docs.ntpsec.org/latest/miscopt.html">
https://docs.ntpsec.org/latest/miscopt.html</a><br>minsane <b><i>minsane</i></b><br><br> Specify the number of servers used by the selection algorithm as the minimum to set the system clock. The
default is 1 for legacy purposes; however, for critical applications the value should be somewhat higher (e.g. 3) but less than minclock.<br><br><br></div><div>Please let me know if the above solves your problem?</div><div><br></div><div>George.</div><
<br></div><div>https://docs.ntpsec.org/latest/quick.html</div><div><br></div><div><br></div><div><br></div><br>On Tuesday, 24-09-2024 at 06:05 Andrew Wood wrote:<br><blockquote style="border:0;border-left: 2px solid #22437f; padding:0px; margin:0px;
padding-left:5px; margin-left: 5px; ">Hi<br>
Is there a way to get MariaDB on Bookworm to log verbosely everything <br>
to do with connection attempts in order to try and debug why a client <br> keeps getting error 2026 SSL connection error: protocol version mismatch?<br>
There is currently nothing being logged on the server other than:<br>
[Warning] Aborted connection 332 to db: 'unconnected' user: <br> 'unauthenticated' host: '192.168.253.231' (This connection closed <br>
normally without authentication)<br>
SHOW GLOBAL VARIABLES LIKE 'tls_version'; gives TLSv1.1,TLSv1.2,TLSv1.3 <br> and the client is based on a relatively recent version of libmysqlclient <br> so Im struggling to understand what is going wrong without some more <br> detailed logging. I cant find anything in the MariaDB manual.<br>
Thanks<br>
Andrew</blockquote></body></html>
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)