Web lists-archives.com

Re: https_port




On Thu, 08 Jun 2017, Darac Marjal wrote:
> On Thu, Jun 08, 2017 at 08:41:14AM -0700, Adiel Plasencia Herrera wrote:
> >How to generate the certificate and the key to make a very
> >basic  configuration of the https connection.
> 
> NTP doesn't use HTTPS. It uses its own port, it's own protocol and
> implements standard cryptography in a manner more suited to the
> protocol.
> 
> See https://www.eecis.udel.edu/~mills/ntp/html/autokey.html for more
> details.

Don't bother with autokey, it is not worth the pain.  If you can use ntp
symmetric key authentication, that one should take care of your servers
well enough.

There is no security for anything that is based on SNTP, though (that
"S" is for Simple, not Secure), you'd have to do it in a lower layer
(local firewall, IPSEC AH, whatever).

-- 
  Henrique Holschuh