Re: What package contains the time daemon?

To: debian-user@lists.debian.org
Subject: Re: What package contains the time daemon?
From: Vincent Lefevre <vincent@vinc17.net>
Date: Sun, 26 Jul 2015 15:07:33 +0200
Message-id: <[🔎] 20150726130733.GA21667@zira.vinc17.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 871tfvjd0m.fsf@thumper.dhh.gt.org>
References: <[🔎] 20150725185228.GA14831@debian.abilitiessoft.org> <[🔎] 55B3DC90.5070804@torfree.net> <[🔎] nycvar.QRO.7.75.3.1507251907200.6744@arjgebyy.ybpnyqbznva> <[🔎] 55B41A31.6020406@thargoid.co.uk> <[🔎] nycvar.QRO.7.75.3.1507251956040.1569@arjgebyy.ybpnyqbznva> <[🔎] 55B4286C.20207@fastmail.fm> <[🔎] 55B42A71.7080802@debian.org> <[🔎] 20150726120922.GA16716@zira.vinc17.org> <[🔎] 871tfvjd0m.fsf@thumper.dhh.gt.org>

On 2015-07-26 07:53:45 -0500, John Hasler wrote:
> Vincent Lefevre writes:
> > Unfortunately none of them is secure, I mean: some attacker won't tend
> > to make the date on your machine incorrect because of lack of
> > authentication.
> 
> http://www.ntp.org/ntpfaq/NTP-s-config-adv.htm
> 
> See section 6.6.2, Authentication

No, this is completely ridiculous: "The keys residing in /etc/ntp.keys
typically are unencrypted and thus should be hidden from public."

I don't see how this can work with public NTP servers!

> Even without it, though, sucessfully spoofing all four of the servers
> you use would be challenging.

I don't see why this would be difficult for someone who controls the
local network (e.g. the wifi hotspot).

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Reply to:

Follow-Ups:
- Re: What package contains the time daemon?
  - From: John Hasler <jhasler@newsguy.com>

References:
- What package contains the time daemon?
  - From: "John J. Boyer" <john.boyer@abilitiessoft.org>
- Re: What package contains the time daemon?
  - From: Gary Dale <garydale@torfree.net>
- Re: What package contains the time daemon?
  - From: Bob Bernstein <poobah@ruptured-duck.com>
- Re: What package contains the time daemon?
  - From: Iain M Conochie <iain@thargoid.co.uk>
- Re: What package contains the time daemon?
  - From: Bob Bernstein <poobah@ruptured-duck.com>
- Re: What package contains the time daemon?
  - From: The Wanderer <wanderer@fastmail.fm>
- Re: What package contains the time daemon?
  - From: Michael Biebl <biebl@debian.org>
- Re: What package contains the time daemon?
  - From: Vincent Lefevre <vincent@vinc17.net>
- Re: What package contains the time daemon?
  - From: John Hasler <jhasler@newsguy.com>

Prev by Date: Re: What package contains the time daemon?
Next by Date: Re: What package contains the time daemon?
Previous by thread: Re: What package contains the time daemon?
Next by thread: Re: What package contains the time daemon?
Index(es):
- Date
- Thread