Jacob Appelbaum | 3bb69c8 | 2012-07-09 22:22:27 +0200
tlsdate: secure parasitic rdate replacement

tlsdate sets the local clock by securely connecting with TLS to remote
servers and extracting the remote time out of the secure handshake. Unlike
ntpdate, tlsdate uses TCP, for instance connecting to a remote HTTPS or TLS
enabled service, and provides some protection against adversaries that try to
feed you malicious time information.

On Debian GNU/Linux and related systems, we provide an init.d script that
controls the tlsdated daemon. It will notice network changes and regularly
invoke tlsdate to keep the clock in sync. Start it like so:

  /etc/init.d/tlsdate start

Here is an example of an unprivileged user fetching the remote time:

  % tlsdate -V -n -H encrypted.google.com
  Fri Apr 19 17:56:46 PDT 2013

This is an example run, starting as root and dropping to nobody, setting the
clock and printing it:

  % sudo tlsdate -V
  Fri Apr 19 17:57:49 PDT 2013

Here is an example with a custom host and custom port without verification:

  % sudo tlsdate --skip-verification -p 80 -H rgnx.net

Here is an example where a system may not have any kind of RTC at boot. Do the
time warp to restore sanity and do so with a leap of faith:

  % sudo tlsdate -V -l -t
  Fri Apr 19 18:08:03 PDT 2013

Some SSL/TLS services do not provide accurate time in their handshake process;
tlsdate may also be used to fetch time by processing the HTTP Date headers of
HTTP services:

  % sudo tlsdate -V -l -t -w
  Wed Oct 30 18:08:46 CET 2013
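The two time sources this file describes, the gmt_unix_time field of the TLS handshake and the HTTP Date header used by -w, plus a plausibility bound for the no-RTC "leap of faith" case, as an added Python example that is not tlsdate's own code. The ServerHello bytes, the Date header line and the BUILD_TIME lower bound are all constructed for this example.

```python
import struct
from email.utils import parsedate_to_datetime

# Assumed lower bound on any acceptable time: the build date of this example
# (constructed, 2013-01-01 UTC). A clock reading earlier than the build cannot be right.
BUILD_TIME = 1356998400


def build_server_hello(gmt_unix_time, random_tail=bytes(28)):
    """Assemble a minimal TLS 1.2 ServerHello record (RFC 5246 layout) for testing."""
    body = (b"\x03\x03"                         # server_version: TLS 1.2
            + struct.pack(">I", gmt_unix_time)  # random: gmt_unix_time (4 bytes)
            + random_tail                       # random: 28 random bytes
            + b"\x00"                           # session_id length 0
            + b"\x00\x2f"                       # cipher_suite
            + b"\x00")                          # compression_method null
    handshake = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + len(handshake).to_bytes(2, "big") + handshake


def extract_handshake_time(record):
    """Return gmt_unix_time from a ServerHello record, or raise on malformed input."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = int.from_bytes(record[3:5], "big")
    handshake = record[5:5 + rec_len]
    if len(handshake) < 4 or handshake[0] != 0x02:
        raise ValueError("not a ServerHello")
    hs_len = int.from_bytes(handshake[1:4], "big")
    body = handshake[4:4 + hs_len]
    if len(body) < 2 + 32:
        raise ValueError("truncated ServerHello body")
    return int.from_bytes(body[2:6], "big")   # first 4 bytes of the random field


def http_date_to_unix(header_line):
    """Parse a 'Date:' response header (the source -w mode reads) into Unix time."""
    name, _, value = header_line.partition(":")
    if name.strip().lower() != "date":
        raise ValueError("not a Date header")
    return int(parsedate_to_datetime(value.strip()).timestamp())


def plausible(t, build_time=BUILD_TIME, horizon=20 * 365 * 86400):
    """Bound the fetched time by the build date, not the local RTC, which in the
    leap-of-faith case may be missing or wrong: before the build is impossible,
    and decades past it is a sign the server sent garbage or an attacker did."""
    return build_time <= t <= build_time + horizon
```

Many TLS 1.2 servers now fill those four bytes with random data and TLS 1.3 carries no time at all, so the handshake path returns nonsense against them; that is why the bound check and the -w fallback matter.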