openssh unix dev - Aug 2019 - sshd and ntpd

Let's say I have a machine that has both ntpd and openssh set to start
when the machine first boots. Further, suppose that I have an order of
operations like this

00:00:00 - sshd starts
00:00:01 - userA connects to sshd
00:00:02 - ntpd notices the clock is is 15 minutes slow and moves it forward

is it possible that the crypto routines in sshd accept would be
sensitive to the advancing system clock and kill the connection?

Cheers,
peter

On Wed, 14 Aug 2019 at 15:09, Peter Moody <mindrot at hda3.com> wrote:
[...]
> is it possible that the crypto routines in sshd accept would be
> sensitive to the advancing system clock and kill the connection?
For an established session I wouldn't think so.  Once it's up there
only symmetric ciphers unless it rekeys, in which case it'd use also
use the host keys.  For regular key based auth I don't think so
either.

For a connection authenticating via certificates the clock skew might
throw off the certificate validity, but I suspect it'd have to be
pretty far off for it to matter.

For most other timers (eg ClientAliveInterval, RekeyInterval) it uses
CLOCK_MONOTONIC when the platform supports it, and that is not
affected by clock steps.

-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.