[pkg-ntp-maintainers] Bug#687166: ntp: NTP security vulnerability because not using authentication by default

Ask Bjørn Hansen ask at ntppool.org
Mon Sep 10 16:01:44 UTC 2012


On Sep 10, 2012, at 8:13, Nico Golde <nion at debian.org> wrote:

Hi,

[Adding NTP authentication]

> I CC'ed Ask who is maintaining pool.ntp.org for this discussion.
> Ask, is there such a requirement and I missed it or is it not existent?
> If not, how realistic is it to change this?

Completely unrealistic with volunteer/public servers, sadly. If you give it a bit of thought you'll realize it can't work. :-)

If we were to add authentication to the pool.ntp.org system, everyone would have to know the key so it'd not serve any purpose at all.

We could set up a set of servers with authentication, but that'd be a much smaller list of servers (for better and worse). It wouldn't be like the current NTP Pool at all.

Next would be to add DNSSEC to the DNS (which is non-trivial with the current zone and the current resources; at peaks the DNS servers get 20-30k qps and each response is different so you have to sign in "real-time").

If there's a need and resources, I could run a zone with DNSSEC and with autokey configured, but it'd not be possible in the "open source"/"everyone volunteers a resource or two" scheme.


Ask
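
The point made in the message above about a key that everyone knows, as an added example that is not part of the original e-mail: NTP symmetric-key authentication appends a key ID and a keyed MD5 digest (MD5 of key followed by header, as in RFC 5905) to the 48-byte header, and the client's check only proves the sender holds the key. The key, key ID and timestamps are constructed for illustration.

```python
import hashlib
import hmac
import struct

HEADER_LEN, MAC_LEN = 48, 4 + 16   # NTP header; key ID (4) + MD5 digest (16)

def ntp_header(mode: int, transmit_ts: int) -> bytes:
    """Minimal 48-byte NTPv4 header; only the transmit timestamp is filled in."""
    first = (0 << 6) | (4 << 3) | mode               # LI=0, VN=4, mode
    fixed = struct.pack("!BBbb", first, 2, 6, -20)   # stratum, poll, precision
    return fixed + bytes(36) + struct.pack("!Q", transmit_ts)

def add_mac(header: bytes, key_id: int, key: bytes) -> bytes:
    """Append key ID and MD5(key || header), the classic symmetric-key MAC."""
    return header + struct.pack("!I", key_id) + hashlib.md5(key + header).digest()

def verify(packet: bytes, keys: dict) -> bool:
    """Client-side check: look up the key by ID and recompute the digest."""
    if len(packet) != HEADER_LEN + MAC_LEN:
        return False
    header, mac = packet[:HEADER_LEN], packet[HEADER_LEN:]
    key = keys.get(struct.unpack("!I", mac[:4])[0])
    if key is None:
        return False
    return hmac.compare_digest(hashlib.md5(key + header).digest(), mac[4:])

def transmit_ts(packet: bytes) -> int:
    return struct.unpack("!Q", packet[40:48])[0]

# Constructed values: a key that every pool user would have to be given.
POOL_KEY_ID, POOL_KEY = 1, b"constructed-published-pool-key"
CLIENT_KEYS = {POOL_KEY_ID: POOL_KEY}
T = 0xD3F8A1B000000000            # constructed 64-bit NTP timestamp

def demo() -> dict:
    # A pool member and any other holder of the published key build replies
    # (mode 4 = server) that carry different times, one hour apart.
    member = add_mac(ntp_header(4, T), POOL_KEY_ID, POOL_KEY)
    other = add_mac(ntp_header(4, T + (3600 << 32)), POOL_KEY_ID, POOL_KEY)
    wrong = add_mac(ntp_header(4, T), POOL_KEY_ID, b"not-the-pool-key")
    return {
        "member": verify(member, CLIENT_KEYS),           # accepted
        "other_key_holder": verify(other, CLIENT_KEYS),  # accepted as well
        "wrong_key": verify(wrong, CLIENT_KEYS),         # rejected
        "times_differ": transmit_ts(member) != transmit_ts(other),
    }

if __name__ == "__main__":
    print(demo())
```

The MAC separates key holders from non-holders only, so it authenticates a server only while the key is shared with a small, trusted set of clients.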


