DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-04 02:45:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

doc: warn about MD5 keys not protecting extension fields

Browse Source 
Add a warning to the chrony.conf man page that MD5 keys cannot protect
NTP extension fields due to the length extension attack.
This commit is contained in:
Miroslav Lichvar
2024-10-08 14:13:13 +02:00
parent b9f5278846
commit cd65e32cf0
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
doc/chrony.conf.adoc
View File

@@ -2821,7 +2821,11 @@ source is specified in the configuration file with a key shorter than 80 bits.
+ +
The recommended key types are AES ciphers and SHA3 hash functions. MD5 should The recommended key types are AES ciphers and SHA3 hash functions. MD5 should
be avoided unless no other type is supported on the server and client, or be avoided unless no other type is supported on the server and client, or
peers. peers. A major weakness of MD5 for the NTP MAC is a length extension attack,
where a man-in-the-middle attacker can add arbitrary extension fields to the
NTP message and update the MAC to pass the verification of the extended
message. The *extfield* option (enabling processing of the specified extension
field) should not be used for NTP sources authenticated with an MD5 key.
+ +
The <<chronyc.adoc#keygen,*keygen*>> command of *chronyc* can be used to The <<chronyc.adoc#keygen,*keygen*>> command of *chronyc* can be used to
generate random keys for the key file. By default, it generates 160-bit MD5 or generate random keys for the key file. By default, it generates 160-bit MD5 or