[pkg-ntp-maintainers] Bug#687166: Bug#687166: ntp: NTP security vulnerability because not using authentication by default
Kurt Roeckx
kurt at roeckx.be
Tue Sep 11 19:23:45 UTC 2012
On Tue, Sep 11, 2012 at 12:49:09PM +0200, Nico Golde wrote:
> Hi,
> * Ask Bjørn Hansen <ask at ntppool.org> [2012-09-11 01:01]:
> > On Sep 10, 2012, at 15:07, Kurt Roeckx <kurt at roeckx.be> wrote:
> > [...]
> > > So my understanding of things is that even if we also had
> > > a way to distribute all the public keys, you still can't
> > > get it to work as you need to provide each client with
> > > a secret key.
> > >
> > > I think what first needs to be done is have an autokey
> > > implementation that either doesn't need a private key for
> > > each client but is secure or doesn't need state on the
> > > server side for each client.
> >
> > Indeed; I thought ntpd had a public key encryption scheme where we just need
> > the secret key on the server[1] and the public key can be general for all
> > Debian users. (I think that's the 'autokey' scheme -- the
> > "trustedkey/requestkey" stuff is where you share a secret between client and
> > server).
>
> That was my understanding as well. At least the documentation states:
> "key pairs are used where establishing shared secrets is difficult. The
> autokey mechanism uses key pairs.".

So after reading some more, I think the only option we have is
using the IFF identity scheme.

But I seem to be failing in getting it working.

Kurt