“配置 NTP”的版本间的差异
跳到导航
跳到搜索
Jihongchang(讨论 | 贡献) |
Jihongchang(讨论 | 贡献) |
||
| 第1行: | 第1行: | ||
| − | CentOS 7<syntaxhighlight lang="shell-session"> | + | CentOS 7 |
| + | |||
| + | === 安装需要的软件包 === | ||
| + | <syntaxhighlight lang="shell-session"> | ||
[root@your-vps ~]# yum -y install ntp ntpdate | [root@your-vps ~]# yum -y install ntp ntpdate | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| + | |||
| + | === 确认 NTP 服务器配置 === | ||
| + | <syntaxhighlight lang="shell-session"> | ||
| + | [root@your-vps ~]# cat /etc/ntp.conf | ||
| + | # For more information about this file, see the man pages | ||
| + | # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). | ||
| + | |||
| + | driftfile /var/lib/ntp/drift | ||
| + | |||
| + | # Permit time synchronization with our time source, but do not | ||
| + | # permit the source to query or modify the service on this system. | ||
| + | restrict default nomodify notrap nopeer noquery | ||
| + | |||
| + | # Permit all access over the loopback interface. This could | ||
| + | # be tightened as well, but to do so would effect some of | ||
| + | # the administrative functions. | ||
| + | restrict 127.0.0.1 | ||
| + | restrict ::1 | ||
| + | |||
| + | # Hosts on local network are less restricted. | ||
| + | #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap | ||
| + | |||
| + | # Use public servers from the pool.ntp.org project. | ||
| + | # Please consider joining the pool (http://www.pool.ntp.org/join.html). | ||
| + | server 0.centos.pool.ntp.org iburst | ||
| + | server 1.centos.pool.ntp.org iburst | ||
| + | server 2.centos.pool.ntp.org iburst | ||
| + | server 3.centos.pool.ntp.org iburst | ||
| + | |||
| + | #broadcast 192.168.1.255 autokey # broadcast server | ||
| + | #broadcastclient # broadcast client | ||
| + | #broadcast 224.0.1.1 autokey # multicast server | ||
| + | #multicastclient 224.0.1.1 # multicast client | ||
| + | #manycastserver 239.255.254.254 # manycast server | ||
| + | #manycastclient 239.255.254.254 autokey # manycast client | ||
| + | |||
| + | # Enable public key cryptography. | ||
| + | #crypto | ||
| + | |||
| + | includefile /etc/ntp/crypto/pw | ||
| + | |||
| + | # Key file containing the keys and key identifiers used when operating | ||
| + | # with symmetric key cryptography. | ||
| + | keys /etc/ntp/keys | ||
| + | |||
| + | # Specify the key identifiers which are trusted. | ||
| + | #trustedkey 4 8 42 | ||
| + | |||
| + | # Specify the key identifier to use with the ntpdc utility. | ||
| + | #requestkey 8 | ||
| + | |||
| + | # Specify the key identifier to use with the ntpq utility. | ||
| + | #controlkey 8 | ||
| + | |||
| + | # Enable writing of statistics records. | ||
| + | #statistics clockstats cryptostats loopstats peerstats | ||
| + | |||
| + | # Disable the monitoring facility to prevent amplification attacks using ntpdc | ||
| + | # monlist command when default restrict does not include the noquery flag. See | ||
| + | # CVE-2013-5211 for more details. | ||
| + | # Note: Monitoring will not be disabled with the limited restriction flag. | ||
| + | disable monitor | ||
| + | [root@your-vps ~]# | ||
| + | |||
| + | </syntaxhighlight>国内可以变更 Server 节点为:<blockquote>server ntp.aliyun.com</blockquote> | ||
2022年8月23日 (二) 17:24的最新版本
CentOS 7
安装需要的软件包
[root@your-vps ~]# yum -y install ntp ntpdate
确认 NTP 服务器配置
[root@your-vps ~]# cat /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
[root@your-vps ~]#
国内可以变更 Server 节点为:
server ntp.aliyun.com