Securing NTP Servers

Rarely am I using ntpd to serve ntp information. It is more useful for clock-correction than a strict ntp/sntp client. Thus I don’t want the service listening on a wildcard address, even when there is certainly a firewall in place. I prefer the service to not be listening at all, or listening only to the loopback interface. Here is how to configure that in ntpd and chrony.


interface ignore wildcard


port 0
cmdport 0

How can I make chronyd more secure?

Leave a Reply

Your email address will not be published. Required fields are marked *