On Mon, Feb 24, 2014 at 11:13:23AM +0000, Joe Holden wrote: > On 24/02/2014 11:08, Baptiste Daroussin wrote: > > On Mon, Feb 24, 2014 at 11:04:48AM +0000, Joe Holden wrote: > >> On 24/02/2014 10:56, Poul-Henning Kamp wrote: > >>> In message <530b2500.5030...@rewt.org.uk>, Joe Holden writes: > >>> > >>>> Can I also suggest that ntp.org shouldn't be in the base either? :P > >>> > >>> I absolutely agree, but the replacement is less clear in that case. > >>> > >>> > >> I'd suggest openntpd as a candidate as it would require less work than > >> dntpd since that has some kernel changes. > >> > >> At ~400K it is pretty lightweight and doesn't listen at all by default, > >> suitable as a default ntpd that just maintains time - one can always > >> install ntp.org from ports should they need more features (such as > >> access control and monlist, etc) > > > > openntpd not able to authenticate the sources it is using and thus lack a > > big > > ntp feature as a client. > > > > regards, > > Bapt > > > hm, I can't say I have noticed this as being a problem where I've used > it, are there any scenarios where this is a showstopper?
Yes when you really need to trust what ntp sources you are using, which means there are lots of scenarios. regards, Bapt
Description: PGP signature