Linux : krb5 and pam
Jeffrey Hutzelman
jhutz at cmu.edu
Wed Apr 12 12:52:24 EDT 2006
On Tuesday, April 11, 2006 08:40:10 PM +0200 Sensei <senseiwa at mac.com>
wrote:
> Good. One thing I noticed on many clients here is that an ntpdate at
> boot solution is not good, since it can produce large time drifts if
> you don't reboot the clients often. A cron job was my solution.
Note that neither ntpdate-at-boot nor a cron job that runs ntpdate once in
a while really count as "running NTP". A real NTP client needs to be
running continuously, not just for a few seconds once in a while. Over
time it will establish an ideal clock which closely tracks the upstream NTP
servers. It will then correct the system clock by slowly adjusting its
rate, ultimately leaving it running at something resembling the correct
rate. Just running ntpdate cannot do this -- it's not running long enough
to get an idea of how far off-frequency the system clock is.
-- Jeffrey T. Hutzelman (N3NHS) <jhutz+ at cmu.edu>
Sr. Research Systems Programmer
School of Computer Science - Research Computing Facility
Carnegie Mellon University - Pittsburgh, PA
More information about the Kerberos
mailing list