On Apr 12, 7:23 pm, Steve Kostecke <[EMAIL PROTECTED]> wrote: > > The answer is security. > > It also denies the users of a time server potentially valuable > information about that server's time sources. > > You may find it acceptable to use a block box time source with > un-auditable time sources. I do not. >
There is nothing about the ntpq output that couldn't be trivially faked by a malicious server operator. Mode 6/7 capability adds no true security or assurance to the users of an ntp server. Authentication does not solve this problem either. In reality, all public ntp servers are "black boxes", because you can't trust anything they tell you, including the time. This is why you configure a diverse set of time servers. -- RPM _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
