Wednesday, 24 December 2014

Re: ntp by default on servers in Vivid

Robie Basak said:
>
> I'm seeking just to make default what people already use. My goal is to
> make the time correct on Ubuntu server systems by default. Currently I'm
> of the opinion that the daemon used doesn't really matter; all options
> are by far good enough in standard use cases, and users of obscure use
> cases have the option of switching to another.
>
> I'm prepared to have my opinion swayed by evidence, but in the absense
> of any evidence to the contrary, I'm not prepared to put effort into
> picking some other solution and making it the default for no good
> reason.

ntp has a lot of institutional momentum and it's great at keeping the
clocks right, but in terms of security it has serious problems. I for
one have to break the habit of just apt-get install ntp, edit ntp.conf
and I' done...

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687166
ntp in the default configuration usually means no encryption or
authentication and is vulnerable to man in the middle attacks.

And if one does setup encryption and/or authentication, it isn't very secure.
http://zero-entropy.de/autokey_analysis.pdf
Summery: "using a TLS IP tunnel is recommended as a transitional
solution."

A couple of other possible solutions I haven't seen mentioned in this thread:

tlsdate is packaged in Debian and developed by Jacob Appelbaum of the
Tor project. https://github.com/ioerror/tlsdate

htpdate used by Tails. https://tails.boum.org/contribute/design/Time_syncing/
Note it is a rewrite/fork of the unmaintained htpdate package that is
currently in Debian.


Chuck

--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel