GithubHelp home page GithubHelp logo

rennefeld / tlsdate Goto Github PK

View Code? Open in Web Editor NEW

This project forked from ioerror/tlsdate

0.0 1.0 0.0 2.66 MB

secure parasitic rdate replacement

License: Other

Makefile 1.26% Shell 1.09% M4 12.36% C 85.08% Ruby 0.21%

tlsdate's Introduction

tlsdate: secure parasitic rdate replacement

 tlsdate sets the local clock by securely connecting with TLS to remote
 servers and extracting the remote time out of the secure handshake. Unlike
 ntpdate, tlsdate uses TCP, for instance connecting to a remote HTTPS or TLS
 enabled service, and provides some protection against adversaries that try to
 feed you malicious time information.

On Debian GNU/Linux and related systems, we provide an init.d script that
controls the tlsdated daemon. It will notice network changes and regularly
invoke tlsdate to keep the clock in sync. Start it like so:

  /etc/init.d/tlsdate start


Here is an example an unprivileged user fetching the remote time:

  % tlsdate -V -n -H encrypted.google.com
  Fri Apr 19 17:56:46 PDT 2013


This is an example run - starting as root and dropping to nobody, setting the
clock and printing it:

  % sudo tlsdate -V
  Fri Apr 19 17:57:49 PDT 2013


Here is an example with a custom host and custom port without verification:

  % sudo tlsdate --skip-verification -p 80 -H rgnx.net

Here is an example where a system may not have any kind of RTC at boot. Do the
time warp to restore sanity and do so with a leap of faith:

  % sudo tlsdate -V -l -t
  Fri Apr 19 18:08:03 PDT 2013


Some SSL/TLS services do not provide accurate time in their handshake process;
tlsdate may also be used to fetch time by processing the HTTP Date headers of
HTTP services:

  % sudo tlsdate -V -l -t -w
  Wed Oct 30 18:08:46 CET 2013

tlsdate's People

Contributors

ioerror avatar fabiankeil avatar redpig avatar nmathewson avatar brianaker avatar borkmann avatar vapier avatar radii avatar antagonismorg avatar stewartsmith avatar d1b avatar mikepb avatar jwerner-chromium avatar massar avatar h01ger avatar dgoulet avatar apenwarr avatar abeluck avatar bsimonnet avatar gauravsh-google avatar ingydotnet avatar javantea avatar jlucangelio avatar kartikm avatar ln5 avatar npe9 avatar xnyhps avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.