[ntp:hackers] Using authentication
Majdi S. Abbas
msa at latt.net
Thu Nov 5 17:17:54 UTC 2015
On Thu, Nov 05, 2015 at 08:45:29AM -0500, Brian Utterback wrote:
> So, the thing is, most people don't authenticate NTP. I'd like to understand
> why and discuss what we can do about it. Any ideas? Didn't we even talk
> recently about removing autokey?
Autokey is probably dead, but there is another mechanism coming
to replace it. Symmetric key auth doesn't get used on the Internet for
the usual key distribution reasons.
I should point out that even with autokey around, setting aside
the security implications of using it these days... it was never an easy
thing to stand up and run, which relegates its use to basically the
people on this list.
More information about the hackers