ObjectiveThe objective is to configure private NTP server on Debian 9 Stretch Linux
Operating System and Software Versions
- Operating System: - Debian 9 Stretch
- Software: - ntpd 4.2.8
RequirementsPrivileged access to your Debian server installation will be required.
- # - requires given linux commands to be executed with root privileges either directly as a root user or by use of
- $ - requires given linux commands to be executed as a regular non-privileged user
InstructionsIf you are running a single system or small local area network with few hosts, setting up a dedicated NTP server could be considered as an overkill. However, for a large network, setting up a private NTP server, privately serving LAN clients only is recommended.
NTP Server InstallationThe installation of NTP server is easy as one command execution:
# apt install ntpAfter installation, confirm that your NTP server is up and running:
# systemctl status ntp ● ntp.service - LSB: Start NTP daemon Loaded: loaded (/etc/init.d/ntp; generated; vendor preset: enabled) Active: active (running) since Fri 2017-06-16 10:19:45 AEST; 3s ago Docs: man:systemd-sysv-generator(8) Process: 1259 ExecStop=/etc/init.d/ntp stop (code=exited, status=0/SUCCESS) Process: 1308 ExecStart=/etc/init.d/ntp start (code=exited, status=0/SUCCESS) Tasks: 2 (limit: 4915) CGroup: /system.slice/ntp.service └─1318 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 108:112
NTP Server ConfigurationThe NTP sever comes pre-configured out of the box. The configuration of your NTP server can be managed via
/etc/ntp.confconfiguration file. The default NTP server configuration relies on
pool 0.debian.pool.ntp.org iburst pool 1.debian.pool.ntp.org iburst pool 2.debian.pool.ntp.org iburst pool 3.debian.pool.ntp.org iburstDepending on your location you may edit the above NTP server group to any know NTP server closer to your location. Alternatively, use country specific
pool.ntp.orgsub-groups. For example to limit NTP server sub-group to United States edit your
pool 0.us.pool.ntp.org iburst pool 1.us.pool.ntp.org iburst pool 2.us.pool.ntp.org iburst pool 3.us.pool.ntp.org iburstThis works for most countries. For example if you are within Australia the
0.au.pool.ntp.org, for India
0.in.pool.ntp.organd so on.
Additionally, you may want to restrict access to your NTP server only to a specific LAN clients. For example by adding the bellow line within your
/etc/ntp.confNTP config file the server will restrict NTP use only to
10.0.0.0network with mask
restrict 10.0.0.0 mask 255.0.0.0 nomodify notrapAfter you have made changes to
/etc/ntp.confNTP configuration file issue server restart:
# systemctl restart ntpTo enable your server to start after reboot run:
# systemctl enable ntp ntp.service is not a native service, redirecting to systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable ntp
Client ConfigurationTo configure client to use NTP server, first you need to install
# apt install ntpdateOnce installed, attempt to query your new NTP server. Given that the NTP server can be resolved via host name
# ntpdate linuxconfig.ntp 6 Jun 10:59:05 ntpdate: adjust time server 10.1.1.125 offset -0.005883 secWhat remains, is to edit
/etc/default/ntpdatefile to force your client to use your new NTP server permanently.