[ntp:questions] notrust alternative?

Dennis Hilberg Jr dhilberg at comcast.net
Mon Nov 6 18:13:43 UTC 2006


That was my problem all along.  My server is Mandriva 2007 Free, and I'm using the version of ntp that is included with the distro, 
4.2.0 at 1.1161-r.  In /etc/sysconfig/ntpd the -A option is enabled by default.  I removed that and took out 'enable auth' in my 
ntp.conf, restarted ntpd, and now everything works the way David Mills says it should.

Now the question...why would Mandriva disable authentication by default??  After what David Mills has said, and what I've been 
dealing with, that seems rather insecure.

Thanks a lot Ronan for pointing this out.  I feel embarrased for not noticing it was running with the -A option by default.  I just 
didn't pay attention.  But hopefully this will help someone else out.

Thank you everyone for the help,

Dennis

"Ronan Flood" <ronan at noc.ulcc.ac.uk> wrote in message news:einhmc$6tm$1 at canard.ulcc.ac.uk...
| On Sun, 05 Nov 2006 05:17:03 +0000, "David L. Mills" <mills at udel.edu> wrote:
|
| > All users: Don't put "disable auth" in your configuration file unless
| > you understand the resulting vulnerability and your network cannot be
| > connected to the public Internet under any circumstances. Also, make
| > sure the Linux and FreeBSD and others do not provide NTP software with
| > that switch disabled.
|
| Also check that ntpd is not started with the -A option, which is another
| way of disabling authentication.
|
| -- 
|                      Ronan Flood <R.Flood at noc.ulcc.ac.uk>
|                        working for but not speaking for
|             Network Services, University of London Computer Centre
|     (which means: don't bother ULCC if I've said something you don't like)
| 





More information about the questions mailing list