NetworkManager time sync
Bernie Innocenti
bernie at codewiz.org
Sun Jul 11 18:59:41 EDT 2010
El Wed, 07-07-2010 a las 12:20 -0400, Martin Langhoff escribió:
> Apparently the ntp protocol supports some server-signing of the
> messages -- we could use an OATS key for that. But it looks rickety.
Authenticated NTP sounds like a good solution. NTP4 supports public key
cryptography based on SSL certificates.
We don't have to reuse the OATS keys for authentication and we also
don't have to use the same server for OATS and NTP. Any trusted public
ntp server should be fine. Maybe also the school servers.
So, how about setting up a public ntp server and publishing the keys?
I've already been running two public servers for one year or so:
time1.sugarlabs.org
time2.sugarlabs.org
These are registered with ntp.org. I could generate keys and use them
with py builds. Anyone else would be welcome to use our servers, of
course.
Alternatively, we could simply distribute ntp keys to our xs with
puppet. However, this would stop working once the kids leave the school
system.
In case we opt for using public ntp servers with no authentication, I've
also registered olpc.ntp.org (as recommended by someone in this thread).
--
// Bernie Innocenti - http://codewiz.org/
\X/ Sugar Labs - http://sugarlabs.org/
More information about the Devel
mailing list