Hi,
I only recently switched from openntpd to chrony because it failed to set the clock correctly on my system and isn't maintained anymore for linux. I want to run chrony just as an "client" to sync the clock on the computer it's running on.
My problem is, that in my default configuration, chronyd starts listening on the wildcard addresse *:123/:::123 (NTP) and *:323/:::323 (chronyc). I think that it's unnecessary to have these ports open, since I don't have any ntp-client that may connect to chrony.
Is it possible to stop chrony from listening on any network interface?
I coulnd't find a direct answer to the above question and than thought, that I can at least stop chrony from listening on public interfaces and added the following line to the configuration file:
bindaddress 127.0.0.1
bindaddress ::1
That way I had chrony listening only on localhost. But since that change weird messages appeared in the logs:
...
Could not send to
62.113.250.37:123 : Invalid argument
Could not send to
83.170.1.42:123 : Invalid argument
Could not send to
198.199.111.124:123 : Invalid argument
...
After some investigation I found out that these messages stopped after I removed the "bindaddress"-clauses from the configuration file. I think that these IP-addresses are NTP-servers that chrony tries to connect to and probably fails. The reason for that seems to be, that it is running on localhost. I'm not 100% sure that that is the cases, since I couldn't find anyone having a similar problem. Besides that, if it's true, I think that "Invalid argument" is a bit misleading.
If I can't have chrony to stop listening on an interface, can I at least have it to listen on localhost and just connect to public NTP servers on a public network interface to sync the time?
Sincerely, Wilhelm Schuster.