[ntp:questions] Secure NTP

jimp at specsol.spam.sux.com jimp at specsol.spam.sux.com
Thu Mar 24 21:26:40 UTC 2011


Yessica <yessimar15 at gmail.com> wrote:
> Hello!
> I am installing an NTP server, but requires authentication for that
> clients can be synchronized with the server, and also that
> authentication should be with public and private keys. Let me know if
> I can work with certificates issued by any authority or can only use
> the certificates generated by the ntp-keygen.
> 
> Thank you very much!
> I hope you can answer.
> 
> PS: I'm working with ntp v4

When I see questions like this my first response is "Why all the bother?".

There is nothing secret or proprietary about the time of day.

Since all NTP servers provide UTC, the service reveals nothing about the
machine other than the fact that the clock is correct.

If you don't want your resources utilized by outsiders, you just block
access to the NTP port for everyone but your own clients as a blocked
port uses less resources than denying an unsucessful authorization does.

Am I missing something??


-- 
Jim Pennino

Remove .spam.sux to reply.




More information about the questions mailing list