How to configure a Linux NTP server
Network Time Protocol (NTP) provides algorithms and defines messages for the synchronization of time customers for an accurate time reference. This article describes how to configure a Linux NTP time server to synchronize time with an Internet-based public NTP server.
NTP server systems fall into two categories: primary reference servers and secondary reference. Primary reference servers an external reference is used when sufficient time, such as GPS or radio clocks. Secondary reference servers synchronize with slightly reduced accuracy primary reference NTP servers and offer. Primary reference servers are designated stratum 1 servers, while secondary servers have a stratum greater than 1.
The Distribution NTP
NTP source code is freely available from the site of Network Time Protocol Internet. The current version is available for download 4.2.4. NTP is available for Linux operating systems with ports available for Windows NT. After downloading the source code, must be configured, built and installed on the host machine. Many Linux operating systems, such as RedHat, RPM provide NTP packets.
Configuring NTP
The 'ntp.conf' is the main source of configuration information from an NTP server installation. Among other things, contains a list of reference clocks that the installation is synchronization. A list of references NTP server is specified with the 'server' configuration command like this:
the server time-a.nist.gov # NIST, Gaithersburg, Maryland NTP server
the server time-c.timefreq.bldrdoc.gov # NIST, Boulder, Colorado NTP server
Controlling the NTP server daemon
Once configured, the NTP daemon to start, stop and restart with the commands: 'ntpd Start "," ntpd stop' and 'ntpd restart'. The NTP server daemon can be accessed through the "ntpq-p 'command. Ntpq command queries the NTP server for synchronization status and provides a list of servers with synchronization information for each server.
NTP Access Control
NTP server access can be restricted through the "restrict" directive in the ntp.conf file. You can restrict access to the NTP server:
restrict default ignore
To allow only the machinery of its own network to synchronize with the server use:
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
Multiple restriction directives can be specified in the ntp.conf file to restrict access to a particular set of equipment.
Authentication options
Authentication matching allows access to be specified by the NTP server and client partners. NTP keys are stored in the file ntp.keys in the following format: number M-number key (the M means for MD5 encryption), for example:
1 Secret M
5 M RaBBiT
7 M timely
10 M MyKey
In NTP configuration ntp.conf, specify which of the keys listed above are trusted, ie are safe to use. Every key is specified in the key file but not trusted will not be used for authentication, for example:
trustedkey 1 7 10
The NTP server is configured for authentication.
Client Configuration for Authentication
The client must be configured with similar information to the server, however, you can use a subset of the specified keys on the server. A subset of different keys can be used on different clients, including:
Client A)
1 Secret M
7 M timely
trustedkey 1 7
Client B)
1 Secreto M
5 M RaBBiT
7 M timely
10 M MyKey
trustedkey 7 10
Essentially, authentication is used by the client to authenticate the time server is who they claim to be and that no rogue server intervenes. The key is encrypted and sent to the client by the server that is unencrypted and checked that the client keys to ensure a match.
About the Author
Dave Evans develops Linux NTP Server synchronisation systems to ensure accurate time on PC’s and computer networks. Click here to find out more about Linux NTP Time Server systems.
Encrypting File System XP Pro’
|
|
Practical Unix & Internet Security, 3rd Edition $24.00 The world’s most business-critical transactions run on Unix machines, which means the machines running those transactions attract evildoers. Furthermore, a lot of those machines have Internet connections, which means it’s always possible that some nefarious remote user will find a way in. The third edition of Practical Unix & Internet Security contains–to an even greater extent than its favorably… |
|
|
PANIC! UNIX System Crash Dump Analysis Handbook (Bk/CD-ROM) $70.00 Designed as an introduction to UNIX system crash dump analysis, this is the first book to discuss in detail UNIX system panics, crashes and hangs, their causes, what to do when they occur, how to collect information about them, how to analyze that information, and how to get the problem resolved. KEY TOPICS: Part One covers theory and tools. Part Two looks inside UNIX, from the header file… |
|
|
Linux Server Security $26.58 Linux consistently appears high up in the list of popular Internet servers, whether it’s for the Web, anonymous FTP, or general services such as DNS and delivering mail. But security is the foremost concern of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well. This highly regarded book, orig… |
|
|
Linux $30.42 A complete revision of the bestselling, in-depth Linux resourceFully revised and expanded, this comprehensive guide covers the latest features of Linux, the widely popular open-source operating system. You will learn to configure and manage all distributions of Linux, set up applications, networks, and servers, and optimize system performance.Written by Linux expert Richard Petersen, Linux: The Complete Reference, Sixth Edition explains, in easy-to-follow language, every aspect Linux. You will get full details on the new Linux kernel, Gnome and KDE, window managers, multimedia tools, Web, FTP, and Mail services, file systems, print servers, and backup procedures. The book also includes new coverage of security protocols, network automatic configuration, IPv6, Yum, Xen, and cutting-edge virtualization technology. |
|
|
Fedora 9 Linux Administration And Security $111.95 Fedora 9 Administration and Security examines topics in system administration, security, and file and device management, including the Fedora system-config administration tools. System administration covers software installation and update with PackageKit, User management, start up and service management using Upstart, virtualization, and system logs, and shell configuration. Security includes PolicyKit authorization, public and private key encryption (GPG and seahorse), SE Linux, firewalls using IPtables, the Secure SHell (SSH), and Kerberos. Device and file system management topics cover udev, the Hardware Abstraction Layer (HAL), Logical Volume Manager (LVM), Linux software RAID, and backups. |
|
|
Linux System Commands $31.12 This one-stop reference for serious Linux users, programmers, and system administrators provides instant access to Linux commands and functions, with coverage of file management, text processing, Internet and e-mail, programming, networking, system administration, m-tools, shells, and GUIs. |
|
|
Pro Linux System Administration $32.3 The authors, who are also systems infrastructure experts, take a layered, component-based approach to open source business systems, while training system administrators as the builders of business infrastructure. This book also provides a solid framework to move forward and expand business and associated IT capabilities.pWe can all be Linux experts, provided we invest the time in learning the craft of Linux administration. Pro Linux System Administration makes it easy for small to medium-sized businesses to enter the world of zero-cost software running on Linux and covers all the distros you might want to use, including Red Hat, Ubuntu, Debian, and CentOS. Authors, and systems infrastructure experts James Turnbull, Peter Lieverdink, and Dennis Matotek take a layered, component-based approach to open source business systems, while training system administrators as the builders of business infrastructure.pIf you want to implement a SOHO or SMB Linux infrastructure, Pro Linux System Administration clearly demonstrates everything you need. You’ll find this book also provides a solid framework to move forward and expand your business and associated IT capabilities, and you’ll benefit from the expertise and experienced guidance of the authors. Pro Linux System Administration covers An introduction to using Linux and free and open source software to cheaply and efficiently manage your business A layered model that allows your infrastructure to grow with your business Easy and simple-to-understand instructions including configurations, examples, and extensive real-world hints and tipsbrWhat you’ll learnpThis book will explain and demonstrate Linux architecture How to build, back up, and recover Linux servers Creating basic networks and network services with Linux Building and implementing Linux infrastructure and services including mail, web, databases, and file and print Implementing Linux security Understanding Linux performance and capacity planning issuesbrWho@@&fffffÿ¾Úx |