[ntp:hackers] 4.2.5p203 adds ntpq dumpcfg command

Danny Mayer mayer at ntp.org
Thu Aug 27 04:09:19 UTC 2009


Todd Glassey wrote:
> Reg Clemens wrote:
>> I guess this gets back to my previous question about a lack of
>> documentation.
>>
>> I have no idea what problem having 'dumpcfg' is trying to solve.
>> If it's for backup, why not just copy the ntp.conf file?
>>
> If the intent was to pre-populate the NTP service from DHCP and pass the
> config file to the server then this would make total sense. As to the
> idea of being able to remotely read and write the config files, this is
> a key process in updating Audit (AutoKEY) tokens from the service. In
> that case you would want both READ-CONFIG and WRITE-CONFIG
> command-functions to allow for downloading and uploading the config
> templates. This also, if it is to be done, should have an API so NEA can
> do this as well. Also it will need an AutoKEY or other HSM/token process
> for passing secure authorizations into the system.

Huh? You opposed having DHCP populating NTP in the Working Group and now
you are saying this is a good idea? Reading and writing is a security
issue and should not be in general allowed without great precautions and
will require authentication. There are no audit tokens whatsoever in NTP
and there has been no proposal to do so. Autokey is something totally
different. There has been no proposal for an API from NEA or anywhere
else and certainly there is none in prospect. I consider ntpq to be a
very poor interface from the security standpoint and we should not
burden it down with something that it was not originally designed to do
without any security involved.

Danny


