Dear all,
does one of you have experience with “ntpd-rs” https://software.opensuse.org/package/ntpd-rs yet?
I consider switching to that…
I really would like to use NTS instead of NTP…
Do not install it from s.o.o….
It is available in the standard repo.
Yes, OK! I just provided that link to provide any URL at all…
Or, maybe, one can take this https://github.com/pendulum-project/ntpd-rs/blob/main/README.md 
But:
Any advice? TIA!
I need some advice here… I am in fear that I will get a system WITHOUT proper time support…
@C7NhtpnK what is wrong with the default chrony?
I run my own gps/pps time server for the local network on a RPi3…
On a Leap 16.0 (i would assume 15.6 is similar) you could install package ntpd-rs and ntpd-rs-common (this will remove chrony if installed) and then do a
systemctl enable ntpd-rs.service
systemctl start ntpd-rs.service
The configuration toml is in /etc/ntpd-rs and is using the ntpd-rs.pool.ntp.org pool as default. To check the sync state you can do:
rolf@leaptest:~> ntp-ctl status
Synchronization status:
Dispersion: 0.000098s, Delay: 0.013702s
Stratum: 3
Sources:
ntpd-rs.pool.ntp.org:123/5.1.73.50:123 (1): -0.000766±0.000108(±0.013320)s
poll interval: 32s, missing polls: 0
root dispersion: 0.024948s, root delay:0.000381s
ntpd-rs.pool.ntp.org:123/141.84.43.75:123 (2): +0.001928±0.000245(±0.034841)s
poll interval: 32s, missing polls: 0
root dispersion: 0.005829s, root delay:0.013626s
ntpd-rs.pool.ntp.org:123/176.9.42.91:123 (3): -0.001175±0.000107(±0.015146)s
poll interval: 32s, missing polls: 0
root dispersion: 0.019913s, root delay:0.010971s
ntpd-rs.pool.ntp.org:123/134.60.111.110:123 (4): +0.000051±0.000039(±0.017835)s
poll interval: 32s, missing polls: 0
root dispersion: 0.000092s, root delay:0.001770s
Servers:
I use this on a test Leap 16.0 VM at the moment just for fun. For production i still use chrony.
On a Leap 16.0 (i would assume 15.6 is similar) you could install package ntpd-rs and ntpd-rs-common (this will remove chrony if installed) and then do a
systemctl enable ntpd-rs.service
systemctl start ntpd-rs.service
The configuration toml is in /etc/ntpd-rs and is using the ntpd-rs.pool.ntp.org pool as default. To check the sync state you can do:
rolf@leaptest:~> ntp-ctl status
Synchronization status:
Dispersion: 0.000098s, Delay: 0.013702s
Stratum: 3
Sources:
ntpd-rs.pool.ntp.org:123/5.1.73.50:123 (1): -0.000766±0.000108(±0.013320)s
poll interval: 32s, missing polls: 0
root dispersion: 0.024948s, root delay:0.000381s
ntpd-rs.pool.ntp.org:123/141.84.43.75:123 (2): +0.001928±0.000245(±0.034841)s
poll interval: 32s, missing polls: 0
root dispersion: 0.005829s, root delay:0.013626s
ntpd-rs.pool.ntp.org:123/176.9.42.91:123 (3): -0.001175±0.000107(±0.015146)s
poll interval: 32s, missing polls: 0
root dispersion: 0.019913s, root delay:0.010971s
ntpd-rs.pool.ntp.org:123/134.60.111.110:123 (4): +0.000051±0.000039(±0.017835)s
poll interval: 32s, missing polls: 0
root dispersion: 0.000092s, root delay:0.001770s
Servers:
I use this on a test Leap 16.0 VM at the moment just for fun. For production i still use chrony.
Please note that the default config does not enable a NTS source.
@rawar Thank you! Appreciated!
@malcolmlewis No, there is nothing “wrong” with chrony — but I was guessing when making the switch NTP → NTS (also possible with chrony) I could also change the backend:
It is written in Rust, with a focus on security and stability.
If you tell me to better stay with chrony (and there is at least “some” argument) I would consider just to adapt my config file… I am open for your opinion. Appreciated.
Run a local time server? I’d suggest just switch to a nts server and keep running chrony…
Another “noob” question: when I set a NTS server in the config, do I have to do something like importing certs or similar initially to get it running properly. Or can I just change my NTP servers (actually it is pool address…) against NTS (dedicated servers only, no pool… as far as I get it) (and reloading the service).?
@C7NhtpnK Some config on the client to enable nts support Section 5 in the following PDF;
https://documentation.suse.com/smart/network/pdf/ntp-time-synchronization_en.pdf
Seems you asked the same question in October last year?
https://forums.opensuse.org/t/how-to-get-network-time-security-nts-to-work/188988/1
Thank you!
Sorry! No bothering! Sorry for any inconvenience! This topic popped up again today… I didn’t remember the old thread at that moment. Oh gosh, I am getting an “old man” (as my nephews say…).
No inconvenience, sometimes the Forum search is a good starting point?
I need GPS for my ADS-B setup, so just decided to add a local time server since it was pumping out PPS, I could configure for NTS, but it’s all local so not a concern…
Now, in the meanwhile, I even wonder if NTS is really “needed”. I mean, I have several devices in my household and surroundings… Some of them where time config is hard-coded. Some of them where I can setup time config. Most of them which only support “normal” NTP — not NTS.
So, NTS is somehow “better” (because it is secured and verified cryptographically…) — but it is really “needed”? Does an ordinary user needs it (I don’t operate the IT for a bank institute with a database with time-stamps…)?
Maybe, I just leave it. When I heard about ntpd-rs I thought NTS is a nice idea. But maybe not a “must”.
@C7NhtpnK I guess whatever your comfort zone is, perhaps if a laptop that is out and about using random public wifi connections etc.
I don’t know. But I switched to NTS (with chrony) a few months ago.
Here a few links I read before I decided to give it a try:
Physikalisch-Technische Bundesanstalt (German)
Working Collaboratively to Improve Emerging Network Time Security Implementations
NTS RFC Published: New Standard to Ensure Secure Time on the Internet
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.