Re: [chrony-users] NTP bogus timestamps - Chrony on openSUSE 15.1

[ Thread Index | Date Index | More Archives ]

On Wed, 21 Aug 2019, James Knott wrote:

On 2019-08-21 04:33 AM, Miroslav Lichvar wrote:
That's a privacy and security feature. Please see this draft

Yeah, I guess there's a real security threat in the 2' between my
desktop computer and my firewall.  ;-)

Not at all sure what this sarcastic comment is supposed to mean. The
contention is that there are situations in which that first transmit timestamp
can be used to identify the source, and that randomising this time makes NO
DIFFERENCE to the operation of the NTP protocol. It does NOT mean that you
local clock is set to that random time. It is ONLY a packet identifier which
has no effect whatsoever on anyone's times.

Is there any way to disable this "feature"?  While it might not make
much of a difference on a desktop system, there are plenty of situations
where an accurate clock is needed.

The randomization makes no difference to any clock. The client keeps a record
of when a packet with tranmit timestamp with time TT was sent. It is that time
which is used in all of the ntp calculations, not the time in the timestamp.
Ie, it has no implications whatsoever on the accuracy of the clock.

To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

Mail converted by MHonArc 2.6.19+