Re: NTP Md5 or AutoKey?

From: Joe Greco (no email)
Date: Sat Nov 15 2008 - 17:18:47 EST

  • Next message: Jon Lewis: "Re: Catalyst 6500 High Switch Proc"

    > On Nov 4, 2008, at 3:11 AM, Glen Kent wrote:
    > > My original question got drowned amidst all this vibrant discussions!
    > >
    > > Do folks already use or plan to use Autokey for NTP?
    >
    > In my experience most people have a hard enough time remembering to
    > run ntp at all (and with an even remotely sane configuration - this is
    > why a sane default using the ntp pool is helpful as a baseline). Add
    > authentication into the mix and many operations will almost certainly
    > just have even more mis-configuration. :-)

    One of the things to lament is that it is so hard to find any reasonable
    examples of how to set up various configurations in a secure manner.
    There is voluminous documentation. Some of it is dated. Some of it is
    contradictory. Most of it assumes at least general familiarity with the
    topic.

    Accurate time/NTP is, on one hand, fundamentally important to a variety
    of needs, but on the other hand, is usually implemented just "well
    enough."

    ... JG

    -- 
    Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
    "We call it the 'one bite at the apple' rule. Give me one chance [and] then I
    won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
    With 24 million small businesses in the US alone, that's way too many apples.
    

  • Next message: Jon Lewis: "Re: Catalyst 6500 High Switch Proc"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD