Re: [chrony-dev] Drop cmdmon authentication?


Completely forgot this thread..

On Sat, Apr 25, 2015 at 3:46 PM, Ed W <lists@xxxxxxxxxxxxxx> wrote:
> On 13/04/2015 11:25, Miroslav Lichvar wrote:
>> While I was dealing with the latest security bugs I wondered how
>> useful these days it really is to have support for remote
>> administration via authenticated cmdmon and if it's not just
>> increasing the chronyd attack surface unnecessarily.
>>
>> Does anyone here use chronyc remotely with a password for
>> administration and how important this feature is for you?
>
> Not me!

Me neither. I briefly experimented with it when I wanted to monitor remote machines, but chrony has worked so well that I stopped doing that completely in the first place, and when I do need to check stats I just use ssh, just as Miroslav wrote.

It's also probably better for site-local requirements to push those node-local values into a proper monitoring/aggregation solution instead of fiddling with chrony's remote access.

So +1 for removing it in the name of simplicity and security.

-h
