Re: What package contains the time daemon?
On 2015-07-26 07:53:45 -0500, John Hasler wrote:
> Vincent Lefevre writes:
> > Unfortunately none of them is secure, I mean: some attacker won't tend
> > to make the date on your machine incorrect because of lack of
> > authentication.
>
> http://www.ntp.org/ntpfaq/NTP-s-config-adv.htm
>
> See section 6.6.2, Authentication
No, this is completely ridiculous: "The keys residing in /etc/ntp.keys
typically are unencrypted and thus should be hidden from public."
I don't see how this can work with public NTP servers!
> Even without it, though, sucessfully spoofing all four of the servers
> you use would be challenging.
I don't see why this would be difficult for someone who controls the
local network (e.g. the wifi hotspot).
--
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
Reply to: