Configuring NTP on a LINUX Server by aihaozhe2


									NTP (Network Time Protocol) is an application developed to provide the
synchronisation of computers and computer network devices. NTP defines algorithms
and a protocol structure to accurately synchronise computer time. This article
discusses how to install and configure the NTP Server application on a Linux machine
to synchronise time with an Internet based public NTP Server.

Internet based NTP time server systems fall into two categories: primary and
secondary reference servers. Primary reference servers utilise a highly accurate
external timing reference, such as GPS or radio clocks, to provide precise time.
Secondary reference time servers obtain time from primary reference servers and offer
reduced accuracy. Primary reference time servers are stratum one servers, while
secondary servers have a stratum greater than one.

The NTP source code is freely downloadable under the GNU public license from the
NTP web site at ''. NTP was originally developed for the LINUX operating
system, however, a port to Windows NT is also available. Once the source code has
been obtained, it should be installed, compiled and configured on the host computer.
This process is automated with the installation and configuration scripts supplied in
the distribution. Many Linux based operating systems have the NTP package
pre-installed. However, it may be prudent to download and install the latest version,
which is currently 4.2.4.

The NTP daemon is configured via a configuration file 'ntp.conf'. This configuration
file may contain a list of public NTP server references that can be used by the host to
synchronise time. Public NTP time servers are specified using the 'server' command,
any characters after the '#' symbol are comments:

server # Public NTP server: NIST, Gaithersburg, Maryland server # Public NTP Server: NIST, Boulder, Colorado

When the configuration file is complete the NTP daemon can be started using the
'ntpd start' script. Other scripts are available to stop and restart the daemon: 'ntpd stop',
'ntpd restart'. There is also a query script available that shows the current
synchronisation status of the daemon: 'ntpq -p'.

NTP provides access control permissions to the NTP server using the 'restrict'
configuration command. There are a number of permutations or the 'restrict' command;
a few examples are listed below.

restrict default ignore #Restrict all access to the time server restrict mask nomodify notrap # Only allow local computers access

Multiple commands can be specified to restrict or disallow access to a range of
NTP provides an additional level of security by utilising authentication codes. This is
a mechanism where matching key codes can be specified on a client and server which
are encrypted and passed between the server and client. This allows a client to
confirm the source of a time message. Authentication keys are configured in the
'ntp.keys' file. They are specified using a key reference, encryption code and
authentication key. Additionally, trusted authentication keys can be specified using the
'trusted key' command is the 'ntpd.conf' configuration file.

To top