Release of the NTP servers NTPsec 1.2.0 and Chrony 4.0 with support for the secure NTS protocol

The IETF (Internet Engineering Task Force), which develops Internet protocols and architecture, has completed the RFC for the NTS (Network Time Security) protocol and published the associated specification under the identifier RFC 8915. The RFC has received the status of "Proposed Standard", after which work will begin on giving the RFC the status of Draft Standard, which in practice means full stabilization of the protocol and that all comments raised have been taken into account.

Standardizing NTS is an important step toward improving the security of time synchronization services and protecting users from attacks that imitate the NTP server the client connects to. An attacker who can manipulate a system into setting the wrong time can use this to compromise the security of other time-aware protocols, such as TLS. For example, changing the time can lead to incorrect interpretation of the validity period of TLS certificates. Until now, NTP and symmetric encryption of the communication channel could not guarantee that the client is interacting with the intended server rather than a spoofed NTP server, and key-based authentication has not become widespread because it is too difficult to configure.

NTS uses elements of public key infrastructure (PKI) and allows TLS and AEAD (Authenticated Encryption with Associated Data) to be used to cryptographically protect client-server interaction over NTP (Network Time Protocol). NTS includes two separate protocols: NTS-KE (NTS Key Establishment, which handles initial authentication and key negotiation over TLS) and NTS-EF (NTS Extension Fields, responsible for encryption and authentication of the time synchronization session). NTS adds several extension fields to NTP packets and stores all state information only on the client side, using a cookie mechanism. Network port 4460 is allocated for handling connections over the NTS protocol.
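The NTS-KE exchange described above delivers its result (negotiated protocol, AEAD algorithm and cookies) as a sequence of typed records. As an added example, not code from NTPsec, Chrony or the original article, the following Python code validates a server's NTS-KE response using the record layout and numeric IDs from RFC 8915, which go beyond what this article states. The sample bytes are constructed, and the client is assumed to have offered only NTPv4 and AEAD_AES_SIV_CMAC_256.

```python
import struct
# Record types, NTPv4 protocol ID and AEAD ID as assigned in RFC 8915.
END, NEXT_PROTO, ERROR, WARNING, AEAD, COOKIE, SERVER, PORT = range(8)
NTPV4, AEAD_AES_SIV_CMAC_256 = 0, 15

def parse_records(data):
    """Split an NTS-KE message into (critical, type, body) tuples."""
    records, off = [], 0
    while off < len(data):
        if len(data) - off < 4:
            raise ValueError("truncated record header")
        head, length = struct.unpack_from(">HH", data, off)
        body = data[off + 4:off + 4 + length]
        if len(body) != length:
            raise ValueError("body shorter than declared length")
        records.append((bool(head & 0x8000), head & 0x7FFF, body))
        off += 4 + length
    return records

def u16_list(body):
    if len(body) % 2:
        raise ValueError("odd-length list body")
    return list(struct.unpack(">%dH" % (len(body) // 2), body))

def check_server_response(data):
    """Strict client check; returns cookies. Warning/server/port records are ignored."""
    records = parse_records(data)
    if not records or records[-1][1] != END:
        raise ValueError("message does not end with End of Message")
    protocols, aeads, cookies = [], [], []
    for critical, rtype, body in records[:-1]:
        if rtype in (END, ERROR):
            raise ValueError("early End of Message or server Error record")
        if rtype == NEXT_PROTO:
            protocols = u16_list(body)
        elif rtype == AEAD:
            aeads = u16_list(body)
        elif rtype == COOKIE:
            cookies.append(body)
        elif rtype > PORT and critical:
            raise ValueError("unknown critical record %d" % rtype)
    if protocols != [NTPV4] or aeads != [AEAD_AES_SIV_CMAC_256] or not cookies:
        raise ValueError("negotiation incomplete or unexpected")
    return cookies

# Constructed sample response (not captured traffic) with two dummy cookies.
SAMPLE = bytes.fromhex(
    "80010002 0000 80040002 000f 00050008 aaaaaaaaaaaaaaaa "
    "00050008 bbbbbbbbbbbbbbbb 80000000")
```

A client that skips these checks can end up using a response that was cut short or that carries a critical record it does not understand.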


The first implementations of the standardized NTS protocol are offered in the recently published releases NTPsec 1.2.0 and Chrony 4.0. Chrony provides an independent NTP client and server implementation that is used to synchronize time in various Linux distributions, including Fedora, Ubuntu, SUSE/openSUSE, and RHEL/CentOS. NTPsec is developed under the leadership of Eric S. Raymond and is a fork of the reference implementation of the NTPv4 protocol (NTP Classic 4.3.34), focused on reworking the code base to improve security (obsolete code has been cleaned out, and attack-prevention techniques and protected functions for working with memory and strings are used).

Source: opennet.ru
