[nSLUG] Security on dialup

Julien Savoie julien.savoie at usainteanne.ca
Fri Mar 7 08:30:27 AST 2014


On 26/02/14 10:03 AM, Vlado Keselj wrote:
> 1. My simple rule: Simply forget about rsh, rlogin, and similar.  Telnet 
> may be useful for debugging servers and similar, if you know what you are 
> doing.  Always use ssh. (And live relatively worry-free. :-)
>
> 2. For syncronizing time, I would try to use the standard NTP protocol.
> With internet connection, you can use a daily cron job with the following 
> commands:
>
> /usr/sbin/ntpdate time.nrc.ca
> /usr/sbin/hwclock --systohc
>
> (Assumes installed ntpdate package.)
>
> This gets nearly perfect time and sets the hardware clock accordingly.  
> BIOS clocks are quite inaccurate in my experience: some will drift even
> 11 seconds a day, so running this daily is a good idea.
If there's a concern for security, and you're abandoning non-encrypted
protocols, then one might want to look at the security of NTP itself. 
Might I suggest taking a look at tlsdate: 
https://github.com/ioerror/tlsdate or the unstable branch of Debian;
https://packages.debian.org/sid/tlsdate



More information about the nSLUG mailing list