In association with heise online

Access control

The current version 4 of the NTP protocol also defines a key mechanism for access control, but this is irrelevant when contacting public servers. However, to change the server settings using the ntpdc program you have to configure it anyway. Ntpd reads the keys from the file denoted by the keyword "keys" in ntp.conf. In the file, there is one key per line:

1 M password

At the beginning of the line is a key number, then the type (in this case, M for MD5) and after that, the key in plain text. In order for ntpd to use this key as well, it has to be declared trustworthy in ntp.conf with the trustedkey 1 command. For queries using the ntpdc program, the valid key is configured as requestkey 1 in ntp.conf.
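The relationship between the keys file and the trustedkey and requestkey entries can be checked mechanically. The following is an added example, not part of the original article or of the NTP package: it takes the text of both files and reports a requestkey or trustedkey number that has no matching line in the keys file, and a request key that is not trusted. The sample path /etc/ntp.keys, the function names and the owner-only permission check (the keys are stored in plain text) are assumptions of the example.

```python
SAMPLE_CONF = "keys /etc/ntp.keys\ntrustedkey 1\nrequestkey 2\n"  # constructed sample
SAMPLE_KEYS = "1 M password\n"  # constructed sample, line format as in the article

def _fields(line):
    return line.split("#", 1)[0].split()  # '#' starts a comment in both files

def parse_keys(text):
    """Map key number -> key type from '<number> <type> <key>' lines."""
    keys = {}
    for line in text.splitlines():
        f = _fields(line)
        if len(f) >= 3 and f[0].isdigit():
            keys[int(f[0])] = f[1]
    return keys

def parse_conf(text):
    """Collect the keys, trustedkey and requestkey entries of ntp.conf."""
    conf = {"keys": None, "trustedkey": set(), "requestkey": None}
    for line in text.splitlines():
        f = _fields(line)
        if len(f) < 2:
            continue
        if f[0] == "keys":
            conf["keys"] = f[1]
        elif f[0] == "trustedkey":
            conf["trustedkey"].update(int(x) for x in f[1:] if x.isdigit())
        elif f[0] == "requestkey" and f[1].isdigit():
            conf["requestkey"] = int(f[1])
    return conf

def audit(conf_text, keys_text, keys_mode):
    """Return findings; keys_mode is the keys file's permission bits,
    e.g. stat.S_IMODE(os.stat(path).st_mode)."""
    conf, keys = parse_conf(conf_text), parse_keys(keys_text)
    findings = []
    if conf["keys"] is None:
        findings.append("no keys file declared in ntp.conf")
    for kid in sorted(conf["trustedkey"] - set(keys)):
        findings.append(f"trustedkey {kid} is missing from the keys file")
    rk = conf["requestkey"]
    for where, known in (("the keys file", keys), ("trustedkey", conf["trustedkey"])):
        if rk is not None and rk not in known:
            findings.append(f"requestkey {rk} is missing from {where}")
    if keys_mode & 0o077:  # assumption: plain-text keys should be owner-only
        findings.append(f"keys file mode {keys_mode:o} is accessible beyond its owner")
    return findings
```

With the constructed samples above, audit(SAMPLE_CONF, SAMPLE_KEYS, 0o644) reports that request key 2 is neither defined nor trusted and that the keys file is readable by other users.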

Using the interactive ntpdc program, you can remove timeservers from the list (command unconfig) or add new ones (command addserver) without having to restart ntpd. Entering help provides a brief overview of possible commands. Exact information about other ntpdc commands, the other programs included in the package and NTP in general can be found in the detailed HTML documentation included in the software package, which replaces the usual man pages.

External service

NTP clients exist for the most popular operating systems, but some of the more exotic ones can only be synchronised using the older daytime and time protocols. Under Linux, the inetd process serves both protocols. To activate the service, the file /etc/services has to include the following lines:

daytime 13/tcp
daytime 13/udp
time 37/tcp
time 37/udp

And the file /etc/inetd.conf has to include these lines:

daytime stream tcp nowait root internal
daytime dgram udp wait root internal
time stream tcp nowait root internal
time dgram udp wait root internal

Generally, these entries already exist and simply need to be activated by deleting the # at the beginning of the line. Finally, the command killall -HUP inetd prompts the daemon to re-read its configuration data. (je)

Permalink: http://h-online.com/-747376