I want to sync some two dozen Linux servers which are spread all over the world. I was thinking about using NTPD, but I want to know the security implications of using it: Is there a possible vulnerability? Should I sync them to a local server and sync it manually?
Thanks,
Udi
Any piece of network software is a potential vulnerability, especially if it runs as root as ntpd does. That said, ntpd has a very good security record, so I would have little problem running it, as long as my servers were not listening as NTP servers, merely connecting to them to update the time.
Another thing is that you can configure the NTP daemon process to only return time to designated IP numbers. Thus your NTP server would not respond to requests from others outside your knowledge or responsibility.
I believe that you can even go further and use special encryption and keys if you want to further protect the NTP daemon.
Hmmm... I was under the impression that you could have the NTP daemon run as a non-root user if you wanted to these days.
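The suggestions in the answers above (serve time only to designated addresses, authenticate associations with keys, and drop root) can be combined in one ntp.conf. The following is an added example, not configuration posted by anyone in this thread: a shell function that emits such a hardened client-side ntp.conf, plus a small checker that reads a config on stdin and reports which of those hardening rules are missing. The subnet 192.0.2.0/24, the internal server 192.0.2.10, the key id 1, the key file path and the pool hostnames are all assumed placeholders; `restrict source` and the `interface` directive assume a reasonably recent ntpd (4.2.7 or later).

```shell
# Added example (not from the thread): generate a hardened ntp.conf and
# check a config against the access-control rules discussed above.

# hardened_ntp_conf: print a client-oriented ntp.conf to stdout.
hardened_ntp_conf() {
    cat <<'EOF'
# Standard drift file location (assumed)
driftfile /var/lib/ntp/ntp.drift

# Default policy: drop every packet from hosts not listed below, so the
# daemon answers nobody it does not know about.
restrict default ignore
restrict -6 default ignore

# Replies from our configured upstream servers are allowed in, but those
# servers may not reconfigure us (nomodify), read status (noquery) or
# set traps (notrap).
restrict source nomodify noquery notrap

# Localhost may run ntpq/ntpdc for administration.
restrict 127.0.0.1
restrict -6 ::1

# Only this management subnet (assumed 192.0.2.0/24) may obtain time;
# it still cannot modify the daemon or read its status.
restrict 192.0.2.0 mask 255.255.255.0 nomodify notrap noquery

# Bind only to the interface facing that subnet (assumed eth0) instead of
# every address on the box.
interface ignore wildcard
interface listen eth0

# Upstream servers (pool names assumed); iburst speeds the initial sync.
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst

# Symmetric-key authentication with our own internal server: the key file
# holds "<id> <type> <secret>" lines, only key id 1 is trusted, and the
# association is marked with that key so unauthenticated replies are dropped.
keys /etc/ntp.keys
trustedkey 1
server 192.0.2.10 key 1 iburst
EOF
}

# weak_ntp_conf: a deliberately minimal config (constructed) that answers
# anyone and authenticates nothing, used to show the checker failing.
weak_ntp_conf() {
    printf 'server 0.pool.ntp.org\nrestrict default nomodify\n'
}

# check_ntp_conf: read an ntp.conf on stdin; print each missing rule and
# return 0 only when all three hardening rules are present.
check_ntp_conf() {
    conf=$(cat)
    rc=0
    printf '%s\n' "$conf" | grep -Eq '^restrict[[:space:]]+(-4[[:space:]]+)?default[[:space:]].*ignore' \
        || { echo "missing: 'restrict default ignore' (any host can query the daemon)"; rc=1; }
    printf '%s\n' "$conf" | grep -Eq '^restrict[[:space:]]+source[[:space:]].*nomodify' \
        || { echo "missing: 'restrict source nomodify' (upstream servers could reconfigure us)"; rc=1; }
    printf '%s\n' "$conf" | grep -Eq '^trustedkey[[:space:]]+[0-9]' \
        || { echo "missing: 'trustedkey' (no authenticated associations)"; rc=1; }
    return $rc
}

# Usage: write the config and verify it.
#   hardened_ntp_conf > /etc/ntp.conf
#   check_ntp_conf < /etc/ntp.conf
```

On the non-root point, Linux builds of ntpd that include droproot support accept `-u ntp:ntp` on the command line (Debian's init script passes it by default), so the daemon binds port 123 as root and then drops to the unprivileged account; `-i` can additionally chroot it. Whether your build has that support is something to confirm with `ntpd --help` on the host.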