Configure a Linux Ntp Server

NTP server systems fall into two categories: primary reference servers and secondary reference servers. Primary reference servers use an external timing reference to provide time, such as GPS or radio clocks. Secondary reference servers synchronise with primary reference NTP servers and offer slightly reduced accuracy. Primary reference servers are designated stratum 1 servers, while secondary servers have a stratum greater than 1.

The NTP Distribution

The NTP source code is freely available from the Network Time Protocol web site. The current version available for download is 4.2.4. NTP is available for the Linux operating systems with ports available for Windows NT. Once the source code is downloaded, it should be configured, compiled and installed on the host machine. Many Linux operating systems, such as RedHat, offer NTP RPM packages.

Configuring NTP

The ‘ntp.conf’ file is main source of configuration information for a NTP server installation. Amongst other things, it contains a list of reference clocks that the installation is to synchronise. A list of NTP server references is specified with the ‘server’ configuration command thus:

server time-a.nist.gov # NIST, Gaithersburg, Maryland NTP server

server time-c.timefreq.bldrdoc.gov # NIST, Boulder, Colorado NTP server

Controlling the NTP Server Daemon

Once configured, the NTP daemon can be started, stopped and restarted using the commands: ‘ntpd start’; ‘ntpd stop’ and ‘ntpd restart’. The NTP server daemon can be queried using the ‘ntpq -p’ command. The ntpq command queries the NTP server for synchronisation status and provides a list of servers with synchronisation information for each server.

NTP Access Control

Access to the NTP server can be restricted using the ‘restrict’ directive in the ntp.conf file. You can restrict all access to the NTP server with:

restrict default ignore

To only allow machines on your own network to synchronize with the server use:

restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

Multiple restrict directives can be specified in the ntp.conf file to restrict access to a specified range of computers.

Authentication Options

Authentication allows a matching passwords to be specified by the NTP server and associated clients. NTP keys are stored in the ntp.keys file in the following format: Key-number M Key (The M stands for MD5 encryption), e.g.:

1 M secret

5 M RaBBit

7 M TiMeLy

10 M MYKEY

In the NTP configuration file ntp.conf, specify which of the keys specified above are trusted, i.e. are secure and you want to use. Any keys specified in the keys file but not trusted will not be used for authentication, e.g.:

trustedkey 1 7 10

The NTP server is now configured for authentication.

Client Configuration for Authentication

The client needs to be configured with similar information as the server, however, you may use a subset of the keys specified on the server. A different subset of keys can be used on different clients, e.g.:

Client A)

1 M secret

7 M TiMeLy

trustedkey 1 7

Client B)

1 M secret

5 M RaBBit

7 M TiMeLy

10 M MYKEY

trustedkey 7 10

Essentially authentication is used by the client to authenticate that the time server is who he says he is, and that no rogue server intervenes. The key is encrypted and sent to the client by the server where it is unencrypted and checked against the client keys to ensure a match.

Advertisements
  1. first!

  2. Finally a smart blogger…I adore how you might be thinking and writing!

  3. Good day, A really occupying document. Continue it up.

  4. Instruction in youth is like engraving in stones. Berber North Africa

  5. Simply want to say your article is as astonishing. The clarity in your post is simply excellent and i can assume you’re an expert on this subject. Fine with your permission let me to grab your feed to keep updated with forthcoming post. Thanks a million and please keep up the rewarding work.

  6. This is very interesting, You’re a very skilled blogger. I have joined your rss feed and look forward to seeking more of your excellent post. Also, I have shared your site in my social networks!

  7. Hands down, Apple’s app store wins by a mile. It’s a huge selection of all sorts of apps vs a rather sad selection of a handful for Zune. Microsoft has plans, especially in the realm of games, but I’m not sure I’d want to bet on the future if this aspect is important to you. The iPod is a much better choice in that case.

  8. some really interesting points you have written.

  9. Well, the post is definitely the freshest on this laudable topic. I concur inside your conclusions and will thirstily look forward for ones future updates.

  10. Have you thought about adding some relevant links to the article? I think it might enhance my understanding.

  11. Hey I found this website to be actually fascinating! Bookmarked! http://snoopnews.info/celebritynews678.html

  12. Nice post. The information presented here was the greatest I could find all day lengthy, and I have been searching tough on the Web. I think you should put this up on a big social bookmarking website, you will find that it spreads like wildfire – Cheers – dave

  13. Excellent work buddy, keep writing.

  14. I dugg some of you post as I cogitated they were very helpful invaluable

  15. Thanks for providingsuch great information. I really likeyour professional approach.

  16. Man I like your comment and it was so informational and I am gonna bookmark it. I Have to say the Superb analysis this article has is trully remarkable.No one goes that extra mile these days? Well Done. Just another tip you canget a Translator Application for your Worldwide Audience …

  17. There usually are not many web sites with information like this man! Bookmarked!

  18. The author talked about some engaging things here. I found this by searching Yahoo and I must admit that I already subscribed to your website, it is very great 😀

  19. Thanks a bunch for taking the effort and time to write something which is invoking

  20. I couldn’t have asked for a much better blog. You are there to provide excellent assistance, going straight to the point for straightforward understanding of your subscribers. You’re really a terrific expert in this arena. Many thanks for being there guys like me.

  21. Blog is very good quality, would maintain the level and comes to the top of google.

  22. Nice Blog! Please let your readers know that I found an awesome site they would enjoy too – http://aboutandroid.com – Everything about android! Android just started outselling the iphone too!

  23. Thanks a lot for this well written post

  24. I have been exploring for a little bit for any high quality articles or blog posts on this kind of area . Exploring in Yahoo I at last stumbled upon this website. A href=”http://www.ifundacja.pl”>1 procent Reading this info So i am happy to convey that I have a very good uncanny feeling I discovered just what I needed. I most certainly will make certain to don’t forget this website and give it a glance regularly.<

  25. do you have an rss feed?

  26. Thanks , I’ve just been searching for info about this topic for a long time and yours is the greatest I have discovered till now. But, what concerning the conclusion? Are you positive concerning the source?

  27. What’s Happening i am new to this, I stumbled upon this I’ve discovered It absolutely useful and it has helped me out loads. I hope to contribute & help different customers like its aided me. Good job.

  28. I’ve been browsing online more than 3 hours today, yet I never found any interesting article like yours. It’s pretty worth enough for me. In my view, if all webmasters and bloggers made good content as you did, the net will be a lot more useful than ever before.

  29. Thanks for sharing excellent information. Your site is so cool. I’m impressed by the info that you’ve on this blog. It reveals how nicely you understand this subject. Bookmarked this web page, will come back for more articles.

  30. Hey!….I’ve been away for some time- I have been knuckled down building a classic car insurance website but now I remember why I used to love this site. Thanks, I will try my best to take some time out from classic car insurance and visit back more frequently. How frequently do you update this blog?

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: