Linux/unix: Basic Ntp Configuration

linux105 Linux/unix: Basic Ntp Configuration
Richard n Williams asked:


Network Time Protocol (NTP) is an Internet protocol used for the transfer of accurate time, providing time information so that a precise time can be obtained and maintained on a network

Most UNIX and Linux operating systems provide built-in time synchronisation functionality with its NTP (Network Time Protocol) daemon. If the NTP service is not available on your version of UNIXLinux, NTP version 4 is open source and can easily be downloaded and configured, compiled and installed from www.ntp.org.

Network Time Protocol is the standard service for time dissemination across TCP/IP networks. It provides accuracies of 1-50 milliseconds, depending on the characteristics of the synchronization source and network paths.

The configuration file fro the NTP daemon is named ntp.conf and contains a list of reference clocks that it can synchronise too. The command ‘server’ specifies the reference clock, any characters after the ‘#’ symbol are comments, example:

server time-a.nist.gov # Public NTP server: NIST

driftfile /var/lib/ntp/ntp.drift

The drift file command identifies the location where the drift is recorded (sometimes referred to as a ‘frequency error). This value can be offset by NTP to ensure of increased accuracy. When configured, NTP can be controlled using the commands ‘ntpd start’ ‘ntpd stop’ ‘ ntpq –p’ (displays status)

NTP can also authenticate timing resources Note: It is strongly recommends that you configure a time server with a hardware source rather than from the internet where there is no authentication. Authentication codes are specified in the ‘ntp.keys’ file.

Specialist NTP servers are available that can receive transmissions from either GPS or national time reference broadcasts. They are relatively cheap and the signal is authenticated providing a secure time reference.

Authentication allows passwords to be specified by the NTP server and its clients. NTP passwords or keys are stored in the ntp.keys file in the following format: number M (The M stands for MD5 encryption), password:
1 M mypassword

3 M my2ndpassword

5 M my3rdpassword

Authentication for NTP has been developed to prevent malicious tampering with system synchronisation just as firewalls have been developed to protect networks from attack but as with any system of security it only works if it is utilised.



Random Posts

bookmark bookmark bookmark bookmark bookmark bookmark bookmark bookmark bookmark bookmark bookmark bookmark
tabs-top


No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment