[ntp:questions] Use ntpd as a daemon so that it continuously disciplines clock, no listen port

David Woolley david at ex.djwhome.demon.invalid
Fri Jan 14 22:30:07 UTC 2011


RICCARDO wrote:
> I want to use ntpd as a daemon on client to synchronize to my NTP
> server of company lan.

That's how it is normally used (except for choice of server).

> Can I keep the ntpd service from listening on port 123 on this client?

ntpd needs to receive the replies from the server.  It cannot do so 
unless it listens on port 123.  The code is not structured in terms of 
using a socket for one server.  The same socket serves for both 
responses and requests, in both directions.

> I'd like to use this service only for synchronizing to the NTP server, but
> with no listening port!

If you have problems with a security consultant with an open port 
checker, you will just have to educate them.  Otherwise the default 
configuration is reasonably secure but you can use restrict statements 
and (outside of ntpd) firewall rules to further restrict it.
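
The restrict statements mentioned above, as an added example that is not part of the original post or of ntpd: a Python check that audits a client-only ntp.conf for a default-deny restrict policy with an exemption for each configured server. The `audit` function, both sample configs and the address 192.0.2.10 are constructed for illustration; firewall rules are outside its scope.

```python
import ipaddress

# Constructed sample configs; 192.0.2.10 is a placeholder for the LAN server.
HARDENED = """\
server 192.0.2.10 iburst
restrict -4 default ignore
restrict -6 default ignore
restrict 192.0.2.10 nomodify notrap noquery   # replies from the server only
restrict 127.0.0.1                            # local ntpq
restrict ::1
"""
WEAK = "server 192.0.2.10 iburst\nrestrict default ignore\n"  # drops the server too

def audit(conf):
    """Audit a client-only ntp.conf; assumes bare 'default' covers IPv4 and IPv6."""
    servers, defaults, rules = [], {}, []
    for line in conf.splitlines():
        tok = line.split("#", 1)[0].split()
        args = [a for a in tok[1:] if a not in ("-4", "-6")]
        if not args:
            continue
        if tok[0] == "server":
            servers.append(args[0])
        elif tok[0] == "restrict" and args[0] == "default":
            fams = [int(tok[1][1])] if tok[1] in ("-4", "-6") else [4, 6]
            defaults.update({f: set(args[1:]) for f in fams})
        elif tok[0] == "restrict":
            masked = args[1:2] == ["mask"] and len(args) > 2
            spec = f"{args[0]}/{args[2]}" if masked else args[0]
            try:
                net = ipaddress.ip_network(spec, strict=False)
            except ValueError:
                continue  # hostname entries are not resolved here
            rules.append((net, set(args[3:] if masked else args[1:])))
    findings = [f"IPv{f} default is not 'ignore': packets from any source are processed"
                for f in (4, 6) if "ignore" not in defaults.get(f, ())]
    for s in servers:
        try:
            addr = ipaddress.ip_address(s)
        except ValueError:
            findings.append(f"server {s}: name, confirm a restrict line covers its address")
            continue
        hits = [r for r in rules if addr in r[0]]
        flags = max(hits, key=lambda r: r[0].prefixlen)[1] if hits else defaults.get(addr.version, set())
        if "ignore" in flags:
            findings.append(f"server {s}: replies dropped, no restrict exemption")
        elif not {"nomodify", "noquery"} <= flags:
            findings.append(f"server {s}: entry lacks nomodify/noquery")
    return findings
```

`audit(HARDENED)` returns no findings, while `audit(WEAK)` reports that the server's own replies would be dropped, the usual mistake when adding `restrict default ignore` without a per-server line.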
