centos7: ntp 시계 서버 구축

2333 단어 ntp
ntp-server:
$ sudo yum install ntp
$ cat /etc/ntp.conf
	# For more information about this file, see the man pages
	# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
	
	driftfile /var/lib/ntp/drift
	
	# Permit time synchronization with our time source, but do not
	# permit the source to query or modify the service on this system.
	restrict default nomodify notrap nopeer noquery
	
	# Permit all access over the loopback interface.  This could
	# be tightened as well, but to do so would effect some of
	# the administrative functions.
	restrict 127.0.0.1 
	restrict ::1
	
	# Hosts on local network are less restricted.
	#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
	restrict 20.20.20.0 mask 255.255.255.0 nomodify notrap
	server 20.20.20.21
	
	# Use public servers from the pool.ntp.org project.
	# Please consider joining the pool (http://www.pool.ntp.org/join.html).
	
	server 0.cn.pool.ntp.org
	server 1.cn.pool.ntp.org
	server 2.cn.pool.ntp.org
	server 3.cn.pool.ntp.org
	
	#broadcast 192.168.1.255 autokey	# broadcast server
	#broadcastclient			# broadcast client
	#broadcast 224.0.1.1 autokey		# multicast server
	#multicastclient 224.0.1.1		# multicast client
	#manycastserver 239.255.254.254		# manycast server
	#manycastclient 239.255.254.254 autokey # manycast client
	
	# Enable public key cryptography.
	#crypto
	
	includefile /etc/ntp/crypto/pw
	
	# Key file containing the keys and key identifiers used when operating
	# with symmetric key cryptography. 
	keys /etc/ntp/keys
	
	# Specify the key identifiers which are trusted.
	#trustedkey 4 8 42
	
	# Specify the key identifier to use with the ntpdc utility.
	#requestkey 8
	
	# Specify the key identifier to use with the ntpq utility.
	#controlkey 8
	
	# Enable writing of statistics records.
	#statistics clockstats cryptostats loopstats peerstats
	
	# Disable the monitoring facility to prevent amplification attacks using ntpdc
	# monlist command when default restrict does not include the noquery flag. See
	# CVE-2013-5211 for more details.
	# Note: Monitoring will not be disabled with the limited restriction flag.
	disable monitor

$ sudo systemctl start ntpd
$ date

ntp-client:
$ sudo ntpdate ntp-server-ip
$ date

 
참조 문서:https://blog.csdn.net/qq_34889607/article/details/81503730

좋은 웹페이지 즐겨찾기