Config file format - (Was: [ntp:hackers] FreeBSD serial ports)
David L. Mills
mills at udel.edu
Sat Feb 19 10:36:52 PST 2005
Harlan,
Lemme hear the word s*e*c*u*r*i*t*y here. I have no trouble with your
suggestion as long as it is as secure as TLS (ssh). Is there a secure
precedent for configuration file URL's?
If you think I am being paranoid here, you should see the comments from
the reviewers of the proposed SNTP RFC. Four paes of tiny text, 90% of
which is on security.
If you want a common configuration file from a local server, mount
/usr/local/etc from a server machine as we do here with several hundred
clients. Almost all of these use multicast.
Dave
Harlan Stenn wrote:
>I see no reason to lose the remote config stuff - it is mode7 and is
>implementation-specific.
>
>I would also like to see the -c flag take a URL as an option, so one might
>say:
>
> ntpd -c file:///etc/ntp.conf (current behavior)
>
> ntpd -c http://ntpconf.my.dom.ain (get a conf file from a local server)
>
>
>I'd also like to have the ability for ntpd to write its current config file.
>
>Just some thoughts.
>
>H
>
More information about the hackers
mailing list