Release of the NTP servers NTPsec 1.2.0 and Chrony 4.0 with support for the secure NTS protocol

The IETF (Internet Engineering Task Force), which develops the protocols and architecture of the Internet, has completed the RFC for the NTS (Network Time Security) protocol and published the associated specification under the identifier RFC 8915. The RFC has received "Proposed Standard" status, after which work will begin on giving it Draft Standard status, which in practice means full stabilization of the protocol and consideration of all comments made.

The standardization of NTS is an important step toward improving the security of time synchronization services and protecting users from attacks that impersonate the NTP server the client connects to. An attacker who manipulates a client into setting the wrong time can use that to undermine the security of other time-aware protocols, such as TLS. For example, changing the time can lead to incorrect interpretation of data about the validity of TLS certificates. Until now, NTP and encryption of the communication channels did not make it possible to guarantee that the client was talking to the intended NTP server rather than a spoofed one, and key-based authentication never became widespread because it is too difficult to configure.

NTS uses elements of public key infrastructure (PKI) and allows TLS and AEAD (Authenticated Encryption with Associated Data) to be used to cryptographically protect client-server interaction over NTP (Network Time Protocol). NTS comprises two separate protocols: NTS-KE (NTS Key Establishment, which handles initial authentication and key negotiation over TLS) and NTS-EF (NTS Extension Fields, responsible for encrypting and authenticating the time synchronization session). NTS adds several extension fields to NTP packets and stores all state information only on the client side, using a cookie mechanism. Network port 4460 has been allocated for handling connections over the NTS protocol.
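To make the NTS-KE step concrete, here is an added example (not code from this page, Chrony or NTPsec) that parses and validates the record stream a server returns over TLS on port 4460. The record layout and type numbers are taken from RFC 8915 rather than from the text above; the sample message is constructed, and the client is assumed to have offered only NTPv4 with AEAD_AES_SIV_CMAC_256.

```python
import struct

# Record types and numbers below come from RFC 8915, not from this page.
END, NEXT_PROTO, ERROR, WARNING, AEAD, COOKIE, SERVER, PORT = range(8)
AEAD_AES_SIV_CMAC_256 = 15  # the AEAD algorithm every NTS implementation must support
NTPV4 = 0                   # NTS protocol ID for NTPv4

def parse_records(data):
    """Split an NTS-KE message into (critical, type, body) tuples."""
    records, off = [], 0
    while off < len(data):
        if len(data) - off < 4:
            raise ValueError("truncated record header")
        head, length = struct.unpack_from("!HH", data, off)
        off += 4
        if len(data) - off < length:
            raise ValueError("record body runs past end of message")
        records.append((bool(head & 0x8000), head & 0x7FFF, data[off:off + length]))
        off += length
    return records

def check_response(data):
    """Validate a server NTS-KE response and return what was negotiated."""
    recs = parse_records(data)
    if not recs or recs[-1][1] != END:
        raise ValueError("missing End of Message record")
    out = {"protocol": None, "aead": None, "cookies": []}
    for critical, rtype, body in recs:
        if rtype == ERROR:
            raise ValueError("server reported error: " + body.hex())
        elif rtype in (NEXT_PROTO, AEAD) and len(body) >= 2:
            out["protocol" if rtype == NEXT_PROTO else "aead"] = struct.unpack("!H", body[:2])[0]
        elif rtype == COOKIE:
            out["cookies"].append(body)  # opaque to the client, echoed back in NTP packets
        # Server/port negotiation records (6, 7) are accepted but not acted on here.
        elif rtype > PORT and critical:
            raise ValueError("unknown critical record type %d" % rtype)
    if out["protocol"] != NTPV4 or out["aead"] != AEAD_AES_SIV_CMAC_256:
        raise ValueError("unexpected protocol or AEAD algorithm")
    if not out["cookies"]:
        raise ValueError("server supplied no cookies")
    return out

def rec(rtype, body=b"", critical=False):
    return struct.pack("!HH", rtype | (0x8000 if critical else 0), len(body)) + body

# Constructed sample response; cookie contents are placeholder bytes.
SAMPLE = (rec(NEXT_PROTO, b"\x00\x00", True) + rec(AEAD, b"\x00\x0f", True)
          + rec(COOKIE, b"A" * 100) + rec(COOKIE, b"B" * 100) + rec(END, critical=True))
```

The cookies collected here are what lets the server stay stateless: the client stores them and sends one back with each protected NTP request.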

The first implementations of the standardized NTS are offered in the recently published releases NTPsec 1.2.0 and Chrony 4.0. Chrony provides an independent NTP client and server implementation that is used for time synchronization in various Linux distributions, including Fedora, Ubuntu, SUSE/openSUSE, and RHEL/CentOS. NTPsec is developed under the leadership of Eric S. Raymond and is a fork of the reference implementation of the NTPv4 protocol (NTP Classic 4.3.34), focused on reworking the code base to improve security (obsolete code has been cleaned out, and attack prevention techniques and protected functions for working with memory and strings have been applied).

source: budenet.ru
