Paul Fertser <fercer...@gmail.com>:
> On Tue, May 24, 2016 at 02:38:23PM -0700, Gary E. Miller wrote:
> > The primary defense is simple, change passwords FIRST.
>
> Or even disable password logins altogether and use ssh keys only. But
> that's not for the HOWTO's target audience, unfortunately.
Actually ./clockbuilder --secure does exactly that. Gary's argument
is that the --secure step should be done first rather than last. It's
somewhat undermined by the fact that under his assumptions even that
isn't good enough.
--
<a href="http://www.catb.org/~esr/";>Eric S. Raymond</a>
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
