[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ntpdate from cron -- DON'T DO THAT!

Nate writes:
> If ntpd can be configured not to listen for connections on any port then
> maybe I would use it...

Well, chrony certainly can: the default is to allow no access.  You can
configure it to allow or deny access from just about any combination of
hosts, IPs, and subnets.  It is simple to set up a chrony server that is a
client of a stratum 2 server out on the Net and a server for the machines
on your LAN.  The machines on the LAN can run client-only chronyds,
ntpdate, or whatever.

And chrony has never had a security "issue".
John Hasler
Dancing Horse Hill
Elmwood, Wisconsin

Reply to: