Luc Pardon wrote: > > > Heiko Gerstung wrote: >> Luc Pardon schrieb: >>> [... very interesting but long security discussion ...] >>> >>> >>> It certainly would make _me_ happy. What I miss in OpenNTPD is >>> not so much the reduced precision as the lack of ntpq. >> >> Sorry for eating all the quoted text, but I only wanted to ask you why >> there is no such thing as ntpq for OpenNTPD? >> > No problem about eating the text, I only hope you won't get stomach > problems <g>. > >> Where do you think would the "server" part get all the information >> that ntpq shows to you? >> >> In order to provide this, the "client" part (ntpd in your scenario) >> would at least have to listen for ntpq queries. >> >> I would think that adding a configuration statement that specifies one >> or more interfaces ntpd should listen on would be the easiest >> solution, no? >> > > This would in fact be one reason to combine client and server > functionality in one daemon, so that the server part could easily look > at the info that the time client keeps around. If you make the client > listen to ntpq-queries, there is no real reason it can't answer the > regular time queries as well. > > But in any case, yes, the interface where ntpq queries are accepted > should be configurable. >
Now I wonder why you don't look at the restrict statement particularly the noquery option? Danny > >> Best regards, >> Heiko > > Luc > _______________________________________________ > questions mailing list > [email protected] > https://lists.ntp.isc.org/mailman/listinfo/questions > _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
