[ntp:questions] ntp.conf: ownership and permissions

Steve Kostecke kostecke at ntp.isc.org
Tue Dec 19 21:18:08 UTC 2006


On 2006-12-19, Richard B. Gilbert <rgilbert88 at comcast.net> wrote:
> woger151 at jqpx37.cotse.net wrote:
>
>> What is the minimal access rights that can be placed on ntp.conf in
>> order for ntpd to work properly?
>
> Whatever account is running nptd needs read access.

ntpd does not write to its configuration file.

> Since there is normally nothing particularly secret about an ntpd
> configuration you need not worry about who can read it.

If you are using NTP Authentication (e.g. Autokey or symmetric keys)
your ntp.conf will contain password information that should only be
visible to the ntpd user. In that case ntp.conf should _not_ be world
readable.

It could, therefore, be considered a good practice to make your ntp.conf
writeable only by root and readable only by root and the ntp user.

chmod 640
chown root:ntp (or chown root:root)

-- 
Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project - http://ntp.isc.org/




More information about the questions mailing list