NTP servers
Hi, I'm interested in setting up an NTP server on a debian machine with security in mind, but from my lookings at the official NTP server (www.ntp.org), the daemon which serves time also updates the local clock, and hence has to have permission to do so. I'm looking for a software package that provides: - An NTP server (to serve time to NTP clients) that I can run as a non-priveleged user, chrooted. - An NTP client, that will keep the clock of the computer doing the NTP serving up to date. Has anyone seen something along these lines? I've searched around with google, but the only things I've come up with are the -u switch in ntpd (which doesn't do what I want, it makes the non-priveleged user still update the clock), and djb's clockspeed package, which doesn't do NTP. Any suggestions would be much appreciated. If I have directed this to the wrong forum, I apologize --- please point me in the direction of the right one. -- adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: NTP servers
On Thu, Aug 12, 2004 at 10:40:14AM -0700, Adam Morley wrote: Hi, I'm interested in setting up an NTP server on a debian machine with security in mind, but from my lookings at the official NTP server (www.ntp.org), the daemon which serves time also updates the local clock, and hence has to have permission to do so. [...] http://www.openntpd.org/ /Thomas -- == Encrypted e-mails preferred | GPG KeyID: 114AA85C -- signature.asc Description: Digital signature
Re: NTP servers
On Thu, Aug 12, 2004 at 10:40:14AM -0700, Adam Morley wrote: I'm interested in setting up an NTP server on a debian machine with security in mind, but from my lookings at the official NTP server (www.ntp.org), the daemon which serves time also updates the local clock, and hence has to have permission to do so. It pretty much has to. If it doesn't control the local clock it can't calculate the local drift and can't serve accurate time. Mike Stone -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: NTP servers
Adam Morley wrote: I'm looking for a software package that provides: - An NTP server (to serve time to NTP clients) that I can run as a non-priveleged user, chrooted. Not sure if it fits your needs but the OpenBSD-guys recently released OpenNTPD: http://www.openntpd.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: NTP servers
On Thu, Aug 12, 2004 at 10:40:14AM -0700, Adam Morley wrote: I'm looking for a software package that provides: - An NTP server (to serve time to NTP clients) that I can run as a non-priveleged user, chrooted. - An NTP client, that will keep the clock of the computer doing the NTP serving up to date. Stock ntpd will suit your needs. From version 4.2 it drops its privileges early and only retains CAP_SYS_TIME to be able to adjust the clock. Drop me a line if you need backported packages from testing. bit, adam -- Am I a cleric? | 1024D/37B8D989 Or maybe a sinner? | 954B 998A E5F5 BA2A 3622 Unbeliever?| 82DD 54C2 843D 37B8 D989 Renegade? | http://sks.dnsalias.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]