[ntp:questions] Re: Problems configuring an NTP subnet

Danny Mayer mayer at ntp.isc.org
Wed May 31 03:10:05 UTC 2006


Brian Utterback wrote:
> Danny Mayer wrote:
>> SimoTerradillos, Carlos Joaquin wrote:
>>> 2.-NTP clients
>>> In this case, /etc/ntp.conf is like this:
>>>
>>> driftfile /etc/ntp/drift
>>> broadcastclient
>>> authenticate no
>>
>> again: disable auth
>>
> 
> Disabling the authentication is a very bad idea, unless you trust
> all the systems that can possibly send packets to the systems on
> your network. There is a reason why it is the default. With auth
> disabled and no restrict rules, you are potentially handing your
> system clock over to anyone on the network.

True, but my comments where about the "authenticate no" lines which are
invalid. Those should have been logged as errors.

Danny



More information about the questions mailing list