[ntp:questions] Weak Security algorithms used in NTP Autokey protocol

Harlan Stenn stenn at ntp.org
Tue Mar 22 05:03:03 UTC 2016


Brian Inglis writes:
> Hopefully the NTPSEC project https://www.ntpsec.org/ will be able to address 
> those issues.
> See https://gitlab.com/groups/NTPsec mirror at https://github.com/ntpsec/ntps
> ec

You're pretty funny, Brian.

Nobody should be using autokey anymore.  We're well into the
implementation of autokey's replacement.

H
--
> On 2016-03-21 10:11, Joe Smithian wrote:
> > H All,
> >
> > I am surprised that NTP still supports insecure algorithms such as MD2, MD5
> > and small key sizes  256,512,1024 in the Autokey authentication! Any plan
> > to deprecate weak algorithms and add more secure algorithms such as SHA-2
> > and SHA-3?
> >
> >
> > Below is a list of supported keys and algorithms in ntp-keygen version
> > 4.2.8p6
> >
> >
> > ntp-keygen(8) - Linux man pageName
> >
> > ntp-keygen - generate public and private keys
> >
> > Synopsis
> >
> > *ntp-keygen [ -deGgHIMPT ] [ -c [RSA-MD2 | RSA-MD5 | RSA-SHA | RSA-SHA1 |
> > RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 ] ] [ -i name ] [
> > -m modulus ] [ -p password ] [ -q password ] [ -S [ RSA | DSA ] ] [
> > -s name ] [ -vnkeys ] [ -V params ]*
> >
> > Thanks,
> >
> > Joe
> > _______________________________________________
> > questions mailing list
> > questions at lists.ntp.org
> > http://lists.ntp.org/listinfo/questions
> >
> 
> 
> -- 
> Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
> _______________________________________________
> questions mailing list
> questions at lists.ntp.org
> http://lists.ntp.org/listinfo/questions
> 


More information about the questions mailing list