Test environment:
Ntpserver 192.168.1.252
Ntpclient 192.168.1.133
Preparations:
Disable SELinux:
VI/etc/SELinux/config
SELinux = disabled
Disable iptables:
Service iptables stop
Chkconfig iptables off
1. Install the NTP software package:
Yum-y install NTP/* Yum install NTP service */
Chkconfig -- add ntpd/* Add NTP */
Chkconfig ntpd on/* Start NTP at startup */
2. Modify the NTP configuration file:
VI/etc/NTP. conf
**************************************** ***********************
# For more information about this file, see the man pages
# NTP. conf (5), ntp_acc (5), ntp_auth (5), ntp_clock (5), ntp_misc (5), ntp_mon (5 ).
Driftfile/var/lib/NTP/drift
Restrict default ignore sets the Default policy to reject all access requests
# Permit time synchronization with our time source, but do not
# Permit the source to query or modify the service on this system.
Restrict default Kod nomodify notrap nopeer noquery
Restrict-6 default Kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This cocould
# Be tightened as well, but to do so wocould effect some
# The administrative functions.
Restrict 127.0.0.1
Restrict-6: 1
# Hosts on local network are less restricted.
Restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap allows machine synchronization time in the LAN
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html ).
Server 0.centos.pool.ntp.org
Server 1.centos.pool.ntp.org
Server 2.centos.pool.ntp.org
# Broadcast 192.168.1.255 autokey # Broadcast Server
# Broadcastclient # broadcast Client
# Broadcast 224.0.1.1 autokey # Multicast Server
# Multicastclient 224.0.1.1 # multicast Client
# Manycastserver 239.415254.254 # manycast Server
# Manycastclient 239.415254.254 autokey # manycast Client
Restrict 0.centos.pool.ntp.org nomodify notrap noquery
Restrict 1.centos.pool.ntp.org nomodify notrap noquery
Restrict 2.centos.pool.ntp.org nomodify notrap noquery
# Undisciplined local clock. This is a fake driver intended for backup
# And when no outside source of synchronized time is available.
Server 127.127.1.0 # local clock
When the external synchronization source of fudge 127.127.1.0 stratum 10 cannot be contacted, use the local time as the synchronization service.
# Enable public key cryptography.
# Crypto
Includefile/etc/NTP/crypto/PW
# Key file containing the keys and key identifiers used when operating
# With encryption Ric key cryptography.
Keys/etc/NTP/keys
# Specify the key identifiers which are trusted.
# Trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
# Requestkey 8
# Specify the key identifier to use with the ntpq utility.
# Controlkey 8
# Enable Writing of Statistics records.
# Statistics clockstats cryptostats Loops
**************************************** ***********************
Install and configure the NTP service in centos 6.3