On Tue, Mar 31, 2020, 22:40 Reindl Harald wrote:
>
>
> Am 31.03.20 um 20:32 schrieb Jędrzej Dudkiewicz:
> > but I understand that
> > systemd-timesyncd always uses unprivileged source port?
> what else?
>
NTP has a "Symmetric Active" mode, where both peers use port 123 as source
*and*
Am 31.03.20 um 20:32 schrieb Jędrzej Dudkiewicz:
> but I understand that
> systemd-timesyncd always uses unprivileged source port?
what else?
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
Lennart,
I suppose that what you wrote concerns UDP port on the server
providing system that systemd-timesyncd uses to synchronize time? This
is not a problem, from the point of view of the system where
systemd-timesyncd is running privileged remote port is not a problem,
I have problems if
On Mi, 11.03.20 17:34, Jędrzej Dudkiewicz (jedrzej.dudkiew...@gmail.com) wrote:
> Hi,
>
> I have quite a few devices running Linux in client's network - so I
> have no control over it. It seems that all privileged UDP ports are
> blocked I have to use unprivileged port. I'd like to use
>
I don't understand your answer/information at all. I wanted to know
how to use unprivileged port with systemd-timesyncd - and I got
information that it has sane defaults. So how should I read your
answer? Is there something in systemd that still makes it insecure?
Should I add some other parameter
On Wed, Mar 11, 2020 at 4:17 PM Jędrzej Dudkiewicz
wrote:
> Sorry, of course source port -
No, you really want UDP source port randomization using whatever
algorithm the kernel chooses to, due to security reasons.
___
systemd-devel mailing list
On Thu, Mar 12, 2020 at 8:29 AM Michael Chapman wrote:
>
> On Thu, 12 Mar 2020, Jędrzej Dudkiewicz wrote:
> [...]
> > And one more question: what is systemd-timedated? It seems that is
> > exactly same thing, but I don't think this is true?
>
> It's the DBus service that most bits of timedatectl
On Thu, 12 Mar 2020, Jędrzej Dudkiewicz wrote:
[...]
> And one more question: what is systemd-timedated? It seems that is
> exactly same thing, but I don't think this is true?
It's the DBus service that most bits of timedatectl talk to. timedatectl
doesn't modify system configuration directly.
On Wed, Mar 11, 2020 at 5:52 PM Mantas Mikulėnas wrote:
>
> Well, are you asking about the *source* port or about the *destination* port?
> There are two on every UDP packet.
Sorry, of course source port - I spent so much time trying to
synchronize time using systemd-timesyncd and ntpdate that
Well, are you asking about the *source* port or about the *destination*
port? There are two on every UDP packet.
The source port is *not* from the privileged range -- systemd-timesyncd
always just lets the OS choose a random port from the ephemeral range. (I
have seen some other NTP clients such
10 matches
Mail list logo