[ntp:questions] Newbie question on the MD5 key of a public/remote NTP server.

Harry simonsharry at gmail.com
Fri Nov 12 16:46:04 UTC 2010


Hello,

I'm quite new to the NTP world. I haven't had a chance to study and
understand the NTP trust model fully.
But I /have/ understood so far is...
  1. that MD5 symmetric keys can be used to authenticate a public/
remote NTP Server
  2. that this public/remote, MD5 talking NTP server can reach out to
NTP clients behind a NAT/Firewall (which Autokey protocol cannot)
  3. that the MD5 symmetric keys must be distributed securely somehow
to the NTP client.

What I haven't been able to figure out is...
  1. How/Where to locate a public/remote NTP server that supports MD5
authentication?
  2. How would the administrator of this NTP server (a human)
distribute the keys to me: Via email? Via Phone/Fax?
  3. Having received the keys even by secure means such as email/phone/
fax, what is stopping me from going rogue later... say, by using the
key values of the authentic server and distributing wrong time? (I
won't of course actually go rogue, just trying to understand.)

Can somebody please explain this in plain English?

Regards,
/HS




More information about the questions mailing list