[ntp:questions] Use ntpd as a daemon so that it continuously disciplines clock, no listen port
David Woolley
david at ex.djwhome.demon.invalid
Fri Jan 14 22:30:07 UTC 2011
RICCARDO wrote:
> I want to use ntpd as a daemon on client to synchronize to my NTP
> server of company lan.
That's how it is normally used (except for choice of server).
> Can I avoid ntpd service doesn't listen to port 123 on this client ?
ntpd needs to receive the replies from the server. It cannot do so
unless it listens on port 123. The code is not structured in terms of
using a socket for one server. The same socket serves for both
responses and requests, in both directions.
> I'd like using only this service for synchronizing to ntp server, but
> no listen port !
If you have problems with a security consultant with an open port
checker, you will just have to educate them. Otherwise the default
configuration is reasonably secure but you can use restrict statements
and (outside of ntpd) firewall rules to further restrict it.
More information about the questions
mailing list