Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider using tlsdate #7

Open
ioerror opened this issue May 16, 2013 · 2 comments
Open

Consider using tlsdate #7

ioerror opened this issue May 16, 2013 · 2 comments
Labels
enhancement

Comments

@ioerror
Copy link

ioerror commented May 16, 2013

I wrote https://www.github.com/ioerror/tlsdate for systems where we wished to have relatively accurate (~1sec) clocks and as a simple trade off, we receive authenticated time. I suggest that rather than using ntp, you use tlsdate and use it over Tor. This should reduce the direct attack surface as it is written in a privilege separated manner. It will rarely touch the local network in an unprotected manner.
@dolanjs
Copy link
Member

dolanjs commented May 16, 2013

thanks for the input. NTP and keeping secure time were issues we were concerned about. Do you also have puppet module for tlsdate?

@ioerror
Copy link
Author

ioerror commented May 16, 2013

dolanjs:

thanks for the input. NTP and keeping secure time were issues we were concerned about. Do you also have puppet module for tlsdate?

I don't have a puppet module; I'd gladly integrate one into the tlsdate
git repo. Just apt-get install tlsdate and it will run tlsdated, which
in turn runs tlsdate to keep the time in sync.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ioerror @dolanjs