On Friday 04 April 2003 02:01, Carlos C. Gonzalez wrote: > Hi Timo, > > On April 3, 2003 04:13 pm, Timo Boettcher wrote: > > [snipped] > > > > In my understanding ntpdate is now deprecated in favor of being rolled > > > into ntpd itself. So it should really not be used anymore. > > > > So ntpdate will cease to exist? Any hint on why? > > No idea.
I didn't hear of this. > > > > Also, in my understanding, rdate is a one time thing when you execute > > > it. > > > > As is ntpdate... > > I believe that ntpdate uses the ntp protocol which is more acurate (esp for high lantency links) then rdate. > > > And must be put into a cron job to constantly keep your clock > > > accurate. > > > Whereas ntpd is a daemon that can be started and kept running. > > > Doing the work of keeping your clock accurate automatically as it > > > interogates time servers for you. > > > > But rdate/ntpdate do this, too or is there a difference between them? > Running any time changing application from cron (or at any other time then at boot) is stupid. Running them could mean that the time on your computer is going backwards. There are many applications that can not really handle this (a notable one is make) as they assume (possibly correctly) that time in utc allways increases. It also makes logfiles harder to interpret. So for keeping time accurate one should use some kind of program that slows down or speeds up the lapse of time as ntpd does. > ntpdate is a one time thing too. And must be put into a cron job to > continously keep the clock accurate. It just goes out to the Internet and > gets the correct time. Just once. When it's executed. > DON'T put it in a cronjob, this is stupid. > > ntpd can make the clock go faster/slower for continuosly going right. > > Or did I get this wrong? > Yes, that's what it does. > ntpd will keep the clock accurate. As accurate as it can realistically > be. By going out to the Internet every so often and updating the clock. > You won't notice any slow down or speed up. It will be kept accurate to > the second if not microsecond. > > > Also I heard once that use of all r* programs should be carefully > > considered because of security reasons... does rdate count to this > > group? > Not really. Those programs use host based trust. They basically let you perform actions as a user on the server without any authentication except from your host saying that you are yourself, and the server trusting your hosts IP address. rdate doesn't involve logins at all. > Don't know about rdate but use of ntpd can, not neccessarily will, open up > some security concerns. Personally I am not too worried about it because I > run my computers behind a NAT firewall which sits between me and the > Internet. But if you want to know more there are some good threads on the > gentoo forum about security concerns with ntpd. Don't know which one's off > the bat but there there. > Just block any access to the ntp ports from any hosts than your ntp server(s). You can normally trust them to the extend necessary for ntp. Paul -- Paul de Vrieze Researcher Mail: [EMAIL PROTECTED] Homepage: http://www.cs.kun.nl/~pauldv
pgp00000.pgp
Description: signature
