[ntp:questions] Weak Security algorithms used in NTP Autokey protocol

Joe Smithian joe.smithian at gmail.com
Mon Mar 21 16:11:49 UTC 2016


H All,

I am surprised that NTP still supports insecure algorithms such as MD2, MD5
and small key sizes  256,512,1024 in the Autokey authentication! Any plan
to deprecate weak algorithms and add more secure algorithms such as SHA-2
and SHA-3?


Below is a list of supported keys and algorithms in ntp-keygen version
4.2.8p6


ntp-keygen(8) - Linux man pageName

ntp-keygen - generate public and private keys

Synopsis

*ntp-keygen [ -deGgHIMPT ] [ -c [RSA-MD2 | RSA-MD5 | RSA-SHA | RSA-SHA1 |
RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 ] ] [ -i name ] [
-m modulus ] [ -p password ] [ -q password ] [ -S [ RSA | DSA ] ] [
-s name ] [ -vnkeys ] [ -V params ]*

Thanks,

Joe


More information about the questions mailing list