Date: Fri, 20 Aug 1999 11:52:04 -0400 (EDT) From: Will Andrews <andrews@TECHNOLOGIST.COM> To: Brett Glass <brett@lariat.org> Cc: "freebsd-security@FreeBSD.ORG" <freebsd-security@FreeBSD.ORG> Subject: Re: Securelevel 3 ant setting time Message-ID: <XFMail.990820115204.andrews@TECHNOLOGIST.COM> In-Reply-To: <4.2.0.58.19990820035954.04757b80@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On 20-Aug-99 Brett Glass wrote: > I looked at the man page for xntpd once, and walked away (well, > VIRTUALLY walked away) scratching my head. It was totally opaque. > There was no simple information about how to synchronize with the NIST > every so often; also, it appeared that one needed to leave a large, > expensive daemon running all the time. So, I went with ntpdate, which > was simple and easy to understand (and which got out of the way after > it adjusted the clock). The system with the worst clock drifts no more > than 5 minutes every 12 hours -- and that, I suspect, is mainly due to > busy-waits with interrupts off in the ATAPI driver. Simple xntpd: # echo "server time.nist.gov" > /etc/ntp.conf # echo "driftfile /etc/ntp.drift" >> /etc/ntp.conf # echo "xntpd_enable=\"YES\"" >> /etc/rc.conf # echo "xntpd_flags=\"-c /etc/ntp.conf -p /var/run/xntpd.pid\"" >> /etc/rc.conf # xntpd -c /etc/ntp.conf -p /var/run/xntpd.pid This will suit most people. However, you should also have ntp in your syslog.conf and /var/log/ntp.log should exist. See the syslog.conf(5) manpage, read about "facilities". Xntpd is not that difficult. Unlike ntpdate, it can update your system clock while also acting as a time server for your local network, reducing bandwidth costs (yes, minimal, if you have a very small network, but still worth time and money.) It is also more reliable and far more featureful than ntpdate (hey, encryption compensation!). As for "large, expensive daemon", that is incorrect. xntpd barely takes 1MB of total RAM on my machine, and usually close to zero CPU. -- Will Andrews <andrews@technologist.com> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.990820115204.andrews>