答复: [chrony-users] about nts

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]


Are there plans for more secure processing of key files for NTS functions? The permission of the key file is 600. There seems to be no more secure solution for processing the key file.
-----邮件原件-----
发件人: Miroslav Lichvar [mailto:mlichvar@xxxxxxxxxx] 
发送时间: 2022年10月25日 20:39
收件人: chrony-users@xxxxxxxxxxxxxxxxxxxx
主题: Re: [chrony-users] about nts

On Tue, Oct 25, 2022 at 12:34:01PM +0000, chengyechun wrote:
> Hi all:
> I am considering using the NTS feature. chronyd can only read unencrypted keys, and the configuration file does not contain the password option. Is there a solution to this problem?

What exactly is the problem you are trying to solve?

If the server key was encrypted with a password saved in chrony.conf, what would be the difference to using an unencrypted key?

--
Miroslav Lichvar


-- 
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "unsubscribe" in the subject.
For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx 
with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.




Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/