[ntp:questions] What to do for clients less than 4.2.8?
david at ex.djwhome.demon.invalid
Sun Dec 21 12:20:14 UTC 2014
On 21/12/14 11:38, Rob wrote:
> David Woolley <david at ex.djwhome.demon.invalid> wrote:
>> On 21/12/14 10:48, Rob wrote:
>>> People say "disable crypto" but there is no clear direction in the docs
>>> on how to do that. There is no "crypto off" or "disable crypto" config
>>> directive at first glance. So how is this done?
>> I would assume by not enabling it.
> Ok, but in that case why the worry about the "millions of vulnerable
> servers" on the internet, I think most users who just want to get and
Paranoia? Security alerts are generally not that explicit (and this one
is actually unusually explicit) because they provide information to the
> serve time don't spend the week of time needed to get the crypto working
> and to coordinate with other servers doing the same.
> So for now I presume it is on by default... also because of what I saw
> in the OpenSUSE example config. (or would the "keys" config directive
> be the magic enable crypto directive?)
There are only two places where crypto_recv is called. One is
definitely only active if autokey has been explicitly configured. The
other is only active for broadcast clients and the comments imply that
it is only used for autokey, but it does seem possible that it is the
remote side that decides this (I didn't follow the code any deeper); it
is in the initial broadcast client handshake.
I'm using 4.2.7p333, rather than the latest 4.2.7 source code.
"Carefully crafted" in alerts generally means that the data has to look
like the address of some instructions and those instructions, with the
exact memory layout under which that instance is running. It also
normally assumes that the machine doesn't have stack execution
permission disabled for ntpd.
More information about the questions