Data Centers

Use OpenNTPD for time synchronization

Traditionally, the time synchronization application used on Linux systems has been ntpd (network time protocol daemon). However, for quite some time now, the developers behind OpenSSH have created a secure, lean, and easy to configure NTP daemon called OpenNTPD. Many Linux distributions provide OpenNTPD, but few use it as the default ntpd service.

The traditional NTP service provided with Linux distributions comes in a client/server flavor. The client, ntpdate, connects to an NTP service and sets the system clock accordingly, to keep the system clock as accurate as possible. Ntpd does the same thing, but keeps checking the time servers to keep the system clock accurate, as well as acts as an ntpd server to other clients.

However, if you look at the NTP package with most distributions, you will see a handful of applications: ntpdate, ntpd, ntpq, ntp-keygen, ntpstat, and more. Contrast that to what comes with OpenNTPD: ntpd — one single application that acts as both client and server. With the use of its very straightforward configuration file, you can determine whether or not ntpd acts as just a client, or as both server and client. By default, ntpd acts as a client only.

Starting ntpd is extremely simple and has a small number of options. Most distributions that provide OpenNTPD will also provide an initscript to start it. If such an initscript is not available, simply add the following to /etc/rc.d/rc.local or a similar one-time startup script:


This will start the ntpd service, and it will immediately begin checking the clock time against the configured remote NTP servers and adjust the clock as necessary.

To have ntpd act as a server, edit /etc/ntpd.conf and uncomment one of the "listen" lines, such as:


This will make ntpd listen for incoming requests on the IP address, port 123.

If you have multiple machines and wish to have one act as the primary NTP server for your local network, use a configuration similar to the following for the NTP server:


On the client systems, simply use:


This will cause all the client systems to contact the defined NTP server on the local network, which will reduce extraneous traffic to the world-wide NTP servers. The primary NTP server still sets the clock according to the world-wide NTP servers, and that time information is then easily propagated to the clients.

Delivered each Tuesday, TechRepublic's free Linux and Open Source newsletter provides tips, articles, and other resources to help you hone your Linux skills. Automatically sign up today!


Vincent Danen works on the Red Hat Security Response Team and lives in Canada. He has been writing about and developing on Linux for over 10 years and is a veteran Mac user.

Editor's Picks

Free Newsletters, In your Inbox