Fedora Developers Discuss Retiring NTP, Deprecating SCP Protocol

Written by Michael Larabel in Fedora on 2 November 2020 at 02:00 PM EST. 35 Comments
FEDORA
Following the successful shipping of Fedora 33, Red Hat developers have begun proposing more changes for future Fedora releases.

Jakub Jelen of Red Hat's Crypto Team today proposed deprecating SCP. Yes, SCP as in Secure Copy, but the deprecation is actually about the SCP protocol and not the tool itself. Jakub has written a patch for the SCP tool to use SFTP internally and would allow using the scp tool as-is with existing behavior albeit is actually done via SFTP rather than the SCP protocol. There are some items missing but otherwise appears to be in good shape. The patch would still support falling back to the SCP protocol if desired/needed.

A Copr repository has been established with the patch against the current Fedora OpenSSH package. More details on this and the feedback being collected can be found from this mailing list thread. Feedback to this possible Fedora change seems positive as long as the SCP command behaves the same and there are no performance issues.

In a separate mailing list discussion, Red Hat's Miroslav Lichvar has proposed retiring NTP. The basis for that is the upstream NTP project isn't moving much with not many contributors while development is happening "behind closed doors" and there are multiple security vulnerabilities that are currently unresolved or only partially addressed. Red Hat Enterprise Linux already dropped the NTP package due to those security issues and now Fedora might follow a similar route. NTPSEC is proposed as the possible NTP replacement.

We'll see if either of these proposals materialize for Fedora 34 or what else comes about in the weeks/months ahead for F34 due out in the spring.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week