Re: [chrony-users] Run chrony without acting as a NTP server



On Wed, Jan 08, 2014 at 12:26:06PM -0800, Bill Unruh wrote:
> Note that you CAN use the port directive to tell chrony to listen to
> a non-standard port, rather than 123. Thus no one else in the world would then
> know which port to attack. With the directive port 0 not even you would know,
> since chrony would ask the kernel for a random port.

Yes, you can get a "client only" mode by letting the kernel assign the
local NTP port randomly. I think that's what openntpd does. Also, the
cmdmon port (323) doesn't need to be open to the outside. In the config
file that would be:

port 0
bindcmdaddress 127.0.0.1
bindcmdaddress ::1

-- 
Miroslav Lichvar
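
Added example, not part of the original message and not chrony project code: a small audit that checks a chrony.conf for the client-only settings shown above (port 0, and every bindcmdaddress on loopback). The sample configs and the server name ntp.example.net are constructed, and flagging a missing bindcmdaddress is an assumption of this sketch.

```python
import ipaddress

# Constructed sample configs for the demonstration (not from the thread).
CLIENT_ONLY = "server ntp.example.net\nport 0\nbindcmdaddress 127.0.0.1\nbindcmdaddress ::1\n"
EXPOSED = "server ntp.example.net\n# port 0\nbindcmdaddress 0.0.0.0\n"

def audit_chrony_conf(text):
    """Return findings; an empty list means the settings match the message."""
    port, cmd_addrs, findings = None, [], []
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0][0] in "#;!%":  # blank line or chrony comment
            continue
        key, args = words[0].lower(), words[1:]
        if key == "port":
            port = args[0] if args else ""
        elif key == "bindcmdaddress":
            cmd_addrs.append(args[0] if args else "")
    if port is None:
        findings.append("no 'port' directive: NTP port stays at the default 123")
    elif port != "0":
        findings.append(f"port {port!r}: not 0, so the NTP port is not kernel-assigned")
    if not cmd_addrs:
        # Assumption: treat a missing directive as a finding, since the
        # message sets it explicitly; defaults depend on the chrony version.
        findings.append("no 'bindcmdaddress' directive: cmdmon binding not pinned")
    for addr in cmd_addrs:
        try:
            loopback = ipaddress.ip_address(addr).is_loopback
        except ValueError:
            findings.append(f"bindcmdaddress {addr!r}: not an IP address, review manually")
            continue
        if not loopback:
            findings.append(f"bindcmdaddress {addr}: cmdmon reachable beyond loopback")
    return findings

if __name__ == "__main__":
    for name, conf in (("client-only", CLIENT_ONLY), ("exposed", EXPOSED)):
        print(name, audit_chrony_conf(conf) or "OK")
```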
