User Tools

Site Tools


requeriments

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
requeriments [2015/09/10 23:11]
cbustillo [Configure NTP]
requeriments [2015/09/10 23:15] (current)
cbustillo [Configure NTP]
Line 364: Line 364:
 # Default restriction:​ Only allow querying time (incl. ms-sntp) from this machine # Default restriction:​ Only allow querying time (incl. ms-sntp) from this machine
 restrict default kod nomodify notrap nopeer mssntp</​code>​ restrict default kod nomodify notrap nopeer mssntp</​code>​
 +
 +A suitable configuration for ntp.conf maybe:
 +
 +<​code>​
 +# Local clock (Note: This is not the localhost address!)
 +server 127.127.1.0
 +fudge  127.127.1.0 stratum 10
 +
 +# The source, where we are receiving the time from
 +server 0.pool.ntp.org ​    ​iburst prefer
 +
 +driftfile ​      /​var/​lib/​ntp/​ntp.drift
 +logfile ​        /​var/​log/​ntp
 +ntpsigndsocket ​ /​usr/​local/​samba/​var/​lib/​ntp_signd/​
 +
 +# Access control
 +# Default restriction:​ Only allow querying time (incl. ms-sntp) from this machine
 +restrict default kod nomodify notrap nopeer mssntp
 +
 +# Allow everything from localhost
 +restrict 127.0.0.1
 +
 +# Allow that our time source can only provide time and do nothing else
 +restrict 0.pool.ntp.org mask 255.255.255.255 nomodify notrap nopeer noquery
 +</​code>​
  
 Finally check that the socket permissions are set correct. It must be readable by the account your ntpd uses and should not be accessable by other: ​ Finally check that the socket permissions are set correct. It must be readable by the account your ntpd uses and should not be accessable by other: ​
requeriments.txt ยท Last modified: 2015/09/10 23:15 by cbustillo