答复: [chrony-users] about nts

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]

To: "chrony-users@xxxxxxxxxxxxxxxxxxxx" <chrony-users@xxxxxxxxxxxxxxxxxxxx>
Subject: 答复: [chrony-users] about nts
From: chengyechun <chengyechun1@xxxxxxxxxx>
Date: Fri, 4 Nov 2022 02:34:49 +0000
Accept-language: zh-CN, en-US
Thread-index: AdjobWzgRljAXhOGTcWNpUmSk+XmWv//fIgA//BsW4A=
Thread-topic: [chrony-users] about nts

Are there plans for more secure processing of key files for NTS functions? The permission of the key file is 600. There seems to be no more secure solution for processing the key file.
-----邮件原件-----
发件人: Miroslav Lichvar [mailto:mlichvar@xxxxxxxxxx] 
发送时间: 2022年10月25日 20:39
收件人: chrony-users@xxxxxxxxxxxxxxxxxxxx
主题: Re: [chrony-users] about nts

On Tue, Oct 25, 2022 at 12:34:01PM +0000, chengyechun wrote:
> Hi all:
> I am considering using the NTS feature. chronyd can only read unencrypted keys, and the configuration file does not contain the password option. Is there a solution to this problem?

What exactly is the problem you are trying to solve?

If the server key was encrypted with a password saved in chrony.conf, what would be the difference to using an unencrypted key?

--
Miroslav Lichvar


-- 
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

Messages sorted by: [ date | thread ]
Prev by Date: Re: Re: [chrony-users] Info logging
Next by Date: [chrony-users] about nts
Previous by thread: Re: Re: [chrony-users] Info logging
Next by thread: [chrony-users] about nts

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/