Ryan Malayter wrote: > On Apr 12, 7:23 pm, Steve Kostecke <[EMAIL PROTECTED]> wrote: >>> The answer is security. >> It also denies the users of a time server potentially valuable >> information about that server's time sources. >> >> You may find it acceptable to use a block box time source with >> un-auditable time sources. I do not. >> > > There is nothing about the ntpq output that couldn't be trivially > faked by a malicious server operator. Mode 6/7 capability adds no true > security or assurance to the users of an ntp server. Authentication > does not solve this problem either. >
That may be but mode 6/7 is used to also configure the server and for DNS when necessary. > In reality, all public ntp servers are "black boxes", because you > can't trust anything they tell you, including the time. This is why > you configure a diverse set of time servers. If you want to trust them you should use autokey. Danny _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
