On Sat, Dec 25, 2021 at 11:09:32AM -0000, Stuart Henderson wrote: > On 2021-12-22, ue...@danwin1210.de <ue...@danwin1210.de> wrote: > > How can I reload date from ntpd after boot? > > rcctl stop ntpd > rdate $timeserver > rcctl start ntpd
Note that rdate doesn't support the concept of constraints as ntpd does, so it's entirely possible for someone who can observe the outgoing request, (to see the random timestamp that we send), and spoof a response from the ntp server, to deliberately cause your clock to be set incorrectly. Assuming that ntpd restarts correctly immediately afterwards, the window of opportunity is very small, but it does introduce a vulnerability that wouldn't exist using ntpd alone.