ntp by default on servers in Vivid

Chuck Peters cp at axs.org
Wed Dec 24 10:41:06 UTC 2014


Robie Basak said:
> 
> I'm seeking just to make default what people already use. My goal is to
> make the time correct on Ubuntu server systems by default. Currently I'm
> of the opinion that the daemon used doesn't really matter; all options
> are by far good enough in standard use cases, and users of obscure use
> cases have the option of switching to another.
> 
> I'm prepared to have my opinion swayed by evidence, but in the absence
> of any evidence to the contrary, I'm not prepared to put effort into
> picking some other solution and making it the default for no good
> reason.

ntp has a lot of institutional momentum and it's great at keeping the 
clocks right, but in terms of security it has serious problems.  I for 
one have to break the habit of just apt-get install ntp, edit ntp.conf 
and I’m done...

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687166
ntp in the default configuration usually means no encryption or
authentication and is vulnerable to man in the middle attacks.

And if one does set up encryption and/or authentication, it isn’t very secure.
http://zero-entropy.de/autokey_analysis.pdf
Summary: “using a TLS IP tunnel is recommended as a transitional
solution.”

A couple of other possible solutions I haven’t seen mentioned in this thread:

tlsdate is packaged in Debian and developed by Jacob Appelbaum of the 
Tor project.  https://github.com/ioerror/tlsdate

htpdate used by Tails.  https://tails.boum.org/contribute/design/Time_syncing/ 
Note it is a rewrite/fork of the unmaintained htpdate package that is 
currently in Debian.


Chuck
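
An added example, not part of the original message: a small audit of an ntp.conf that reports, per time source, whether the association is unauthenticated (the default case described above), uses Autokey (the scheme the linked analysis examines), or uses a symmetric key. The sample config, host names, status labels and the function name audit_ntp_conf are constructed for illustration; only plain numeric trustedkey IDs are handled.

```python
# Constructed sample config; host names are placeholders.
SAMPLE_CONF = """\
# /etc/ntp.conf (constructed sample)
driftfile /var/lib/ntp/ntp.drift
keys /etc/ntp.keys
trustedkey 1
server pool.example.org iburst
server ntp.example.net iburst key 1
server ntp2.example.net autokey
peer ntp3.example.net key 7
"""

def audit_ntp_conf(text):
    """Return {host: status} for every server/pool/peer line (hypothetical helper)."""
    trusted, keyfile, assoc = set(), False, []
    for raw in text.splitlines():
        tok = raw.split("#", 1)[0].split()      # drop comments, tokenize
        if not tok:
            continue
        if tok[0] == "keys" and len(tok) > 1:
            keyfile = True                      # a symmetric key file is configured
        elif tok[0] == "trustedkey":
            trusted.update(t for t in tok[1:] if t.isdigit())
        elif tok[0] in ("server", "pool", "peer") and len(tok) > 1:
            assoc.append((tok[1], tok[2:]))
    result = {}
    for host, opts in assoc:
        if "autokey" in opts:
            result[host] = "autokey"
        elif "key" in opts and opts.index("key") + 1 < len(opts):
            kid = opts[opts.index("key") + 1]
            # A key ID only authenticates if a key file is set and the ID is trusted.
            ok = keyfile and kid in trusted
            result[host] = "symmetric-key" if ok else "key-not-trusted"
        else:
            result[host] = "unauthenticated"    # no authentication of replies
    return result

if __name__ == "__main__":
    for host, status in audit_ntp_conf(SAMPLE_CONF).items():
        print(f"{status:16} {host}")
```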


