Bug 19316 - ntp installation ships with default password enabled
Status: CLOSED DEFERRED
Product: Red Hat Linux
Classification: Retired
Component: ntp
Version: 7.0
Hardware: All Linux
Priority: high
Severity: medium
Assigned To: Preston Brown
Keywords: Security
Reported: 2000-10-18 09:16 EDT by David Woodhouse
Modified: 2008-05-01 11:37 EDT
Last Closed: 2000-10-18 10:28:49 EDT
Description David Woodhouse 2000-10-18 09:16:44 EDT
Even though /etc/ntp.conf has the line

#keys /etc/ntp/keys 

...commented out, and says:
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote
# systems might be able to reset your clock at will.

... ntpd appears to use the default keys file anyway, allowing anyone to
connect to a default RH7 install using the default passwords for keys 1 and
65535. 

Also, bugzilla really ought to have 'ntp' listed, not 'xntp3'.
Comment 1 Jeff Johnson 2000-10-18 09:56:24 EDT
All these values are commented out, and there's already a GREAT BIG WARNING.
Comment 2 Alan Cox 2000-10-18 10:03:08 EDT
Guess again.
Comment 3 David Woodhouse 2000-10-18 10:19:28 EDT
If I didn't work for RHAT my next response would be to post to BugTraq.

The line is commented out in /etc/ntp.conf, yes - as I explicitly mentioned in
my original report. But ntpd uses the keys in /etc/ntp/keys _anyway_.

Did you actually bother to _try_ connecting to a default RH7 installation?

Comment 4 Jeff Johnson 2000-10-18 10:24:18 EDT
'Twasn't a guess:

From /etc/ntp.conf:
#
# Keys file.  If you want to diddle your server at run time, make a
# keys file (mode 600 for sure) and define the key number to be
# used for making requests.
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote
# systems might be able to reset your clock at will.
#
#keys           /etc/ntp/keys
#trustedkey     65535
#requestkey    65535
#controlkey     65535

bash$ rpm -q ntp
ntp-4.0.99j-j
bash$ rpm -V ntp
.......T c /etc/ntp.conf
..?..... c /etc/ntp/keys

The T is from editing out the one line change to add a ntp server.
Comment 5 Jeff Johnson 2000-10-18 10:26:26 EDT
Ah, I've misread the report. Off to figger what's up with ntp ...
Comment 6 Jeff Johnson 2000-10-18 10:26:55 EDT
Ah, I've misread the report. Off to figger what's up with ntp ...
Comment 7 David Woodhouse 2000-10-18 10:28:47 EDT
For fuck's sake.

passion /home/dwmw2 # tail /etc/ntp.conf 
# Keys file.  If you want to diddle your server at run time, make a
# keys file (mode 600 for sure) and define the key number to be
# used for making requests.
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote
# systems might be able to reset your clock at will.
#
#keys		/etc/ntp/keys
#trustedkey	65535
#requestkey	65535
#controlkey	65535
passion /home/dwmw2 # cat /etc/ntp/keys 
65535	M	akey
1	M	pass
passion /home/dwmw2 # rpm -V ntp
S.5....T c /etc/ntp.conf
passion /home/dwmw2 # ntpdc `hostname`
ntpdc> addpeer 1.2.3.4
Keyid: 65535
MD5 Password: 
done!
ntpdc> 
Comment 8 Jeff Johnson 2000-10-19 14:04:27 EDT
This is "fixed" in ntp-4.0.99k-2 by
1) commenting out everything in /etc/ntp/keys, no default keys are provided at
all.
2) removing the startup of ntpd with -A. This breaks anonymous multicast
delivery, but that can't be helped.
3) adding comments about -A in both ntp.conf and ntp/keys.

A real "fix" will involve adding some public key crypto based on (perhaps) host
certificates, and/or enabling the new-fangled autokey functionality available in
4.0.99k, but it's too soon to attempt this effort.
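
An added example, not part of the original report or of Red Hat's fix: a POSIX shell check that judges the keys file by its own contents, since the report shows ntpd honoured it with the keys line in ntp.conf commented out. The function name audit_ntp_keys, its output labels and its return codes are assumptions made for illustration; the two default id/password pairs are the ones quoted in comment 7.

```shell
#!/bin/sh
# Added example: audit an ntp keys file without trusting ntp.conf.
# The two "default" id/password pairs are the ones shown in this report.

# audit_ntp_keys KEYS_FILE [NTP_CONF]   (hypothetical helper)
# Prints one finding per line. Returns 0 if clean, 1 on findings, 2 if unreadable.
audit_ntp_keys() {
    _keys=$1
    _conf=${2:-}
    _bad=0
    [ -r "$_keys" ] || { echo "SKIP: cannot read $_keys"; return 2; }

    # Any uncommented line is a live key, whatever ntp.conf says.
    awk '
        NF == 0 || $1 ~ /^#/ { next }      # blank lines and comments are inert
        {
            if (($1 == "65535" && $3 == "akey") || ($1 == "1" && $3 == "pass"))
                printf "DEFAULT: key %s still has the shipped password\n", $1
            else
                printf "ACTIVE: key %s (type %s) is defined\n", $1, $2
            found = 1
        }
        END { exit (found ? 1 : 0) }
    ' "$_keys" || _bad=1

    # The case from this report: keys exist although ntp.conf has no live "keys" line.
    if [ "$_bad" -eq 1 ] && [ -r "$_conf" ] &&
       ! grep -Eq '^[[:space:]]*keys[[:space:]]' "$_conf"; then
        echo "MISMATCH: no active keys line in $_conf, but $_keys defines keys"
    fi

    # The ntp.conf comment asks for mode 600 on the keys file.
    if [ -n "$(find "$_keys" -prune \( -perm -040 -o -perm -004 \))" ]; then
        echo "PERMS: $_keys is readable by group or others"
        _bad=1
    fi
    return "$_bad"
}

# Constructed demo input: the keys file contents quoted in this report.
if [ "${1:-}" = "--demo" ]; then
    demo=$(mktemp) && printf '65535\tM\takey\n1\tM\tpass\n' > "$demo"
    audit_ntp_keys "$demo" || true
    rm -f "$demo"
fi
```

Run it with --demo to see the two DEFAULT findings, or source it and call audit_ntp_keys /etc/ntp/keys /etc/ntp.conf on a host.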
