Re: ntpdate from cron -- DON'T DO THAT!
N. Thomas said:
> * Sonny Kupka <sonny@nothnbut.net> [2002-12-21 10:46:12 -0600]:
>> I have ntpdate installed on woody.. and it's not automagically keeping
>> my system in sync..
>
> Contrary to what you may have heard, ntpdate does not keep your system
> clock synced. Also ignore the foolish recommendations to run ntpdate from
> a cron job.
it can, and does I've been using it for ages. I do not like to run
ntpd on everything[1]. The less daemons listening on ports the better for me.
ntpd is more accurate then ntpdate, but doing a ntpdate <timeserver>;
hwclock --systohc works fine for me.
I could configure individual firewall rules on all my machines to block
ntp traffic, but it's easier to use ntpdate (I call it from cron on 1 system
which SSH's to the others and runs it). And the accuracy is acceptable for
me. I have it run hourly and it syncs against a local ntp on my LAN.
If ntpd can be configured not to listen for connections on any port then
maybe I would use it, I haven't looked into it a whole lot since ntpdate
works good enough for me, but I don't recall seeing such an option.
nate
[1] http://www.kb.cert.org/vuls/id/970472
yes I know it's patched now, but another issue could come up in the
future, and ntpd is not vital enough for me to run everywhere.
Reply to: