I have, at least I think so, been able to install chrony on Kubuntu 7.10. However I cannot log into chronyc. Several questions:
1) Should it be a /etc/chrony.conf file (which is a file .conf in the chrony directory) or a /etc/chrony/chrony.conf (which is a file chorny.conf in the chrony directory)?
2) Same for the keys file, should it be /etc/chrony.keys or /etc/chrony/chrony.keys
My conf and keys file are
conf:
#######################################################################
# $Header: /cvs/src/chrony/examples/chrony.conf.example,v 1.2 2002/02/03 21:46:29 richard Exp $
#
# This is an example chrony configuration file. You should copy it to
# /etc/chrony.conf after uncommenting and editing the options that you
# want to enable. I have not included the more obscure options. Refer
# to the documentation for these.
#
# Copyright 2002 Richard P. Curnow
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of version 2 of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
#
# invoke-rc.d chrony restart to restart chrony i think
#
#######################################################################
### COMMENTS
# Any of the following lines are comments (you have a choice of
# comment start character):
# a comment
% a comment
! a comment
; a comment
#
# Below, the '!' form is used for lines that you might want to
# uncomment and edit to make your own chrony.conf file.
#
#######################################################################
#######################################################################
### SPECIFY YOUR NTP SERVERS
# Most computers using chrony will send measurement requests to one or
# more 'NTP servers'. You will probably find that your Internet Service
# Provider or company have one or more NTP servers that you can specify.
# Failing that, there are a lot of public NTP servers. There is a list
# you can access at
#
http://www.eecis.udel.edu/~mills/ntp/servers.htm.
! server ntp0.your-isp.com
! server ntp1.your-isp.com
! server ntp.public-server.org
# However, for dial-up use you probably want these instead. The word
# 'offline' means that the server is not visible at boot time. Use
# chronyc's 'online' command to tell chronyd that these servers have
# become visible after you go on-line.
! server ntp0.your-isp.com offline
! server ntp1.your-isp.com offline
! server ntp.public-server.org offline
server 83.19.137.3 offline
server 193.79.237.14 offline
server 80.127.4.179 offline
server 193.79.237.30 offline
server 194.35.252.7 offline
server 192.43.244.18 offline
server 129.6.15.28 offline
# You may want to specify NTP 'peers' instead. If you run a network
# with a lot of computers and want several computers running chrony to
# have the 'front-line' interface to the public NTP servers, you can
# 'peer' these machines together to increase robustness.
! peer ntp0.my-company.com
# There are other options to the 'server' and 'peer' directives that you
# might want to use. For example, you can ignore measurements whose
# round-trip-time is too large (indicating that the measurement is
# probably useless, because you don't know which way the measurement
# message got held up.) Consult the full documentation for details.
#######################################################################
### AVOIDING POTENTIALLY BOGUS CHANGES TO YOUR CLOCK
#
# To avoid changes being made to your computer's gain/loss compensation
# when the measurement history is too erratic, you might want to enable
# one of the following lines. The first seems good for dial-up (or
# other high-latency connections like slow leased lines), the second
# seems OK for a LAN environment.
! maxupdateskew 100
maxupdateskew 5
#######################################################################
### FILENAMES ETC
# Chrony likes to keep information about your computer's clock in files.
# The 'driftfile' stores the computer's clock gain/loss rate in parts
# per million. When chronyd starts, the system clock can be tuned
# immediately so that it doesn't gain or lose any more time. You
# generally want this, so it is uncommented.
driftfile /etc/chrony.drift
# If you want to use the program called chronyc to configure aspects of
# chronyd's operation once it is running (e.g. tell it the Internet link
# has gone up or down), you need a password. This is stored in the
# following keys file. (You also need keys to support authenticated NTP
# exchanges between cooperating machines.) Again, this option is
# assumed by default.
keyfile /etc/chrony.keys
# Tell chronyd which numbered key in the file is used as the password
# for chronyc. (You can pick any integer up to 2**32-1. '1' is just a
# default. Using another value will _NOT_ increase security.)
commandkey 1
# chronyd can save the measurement history for the servers to files when
# it it exits. This is useful in 2 situations:
#
# 1. On Linux, if you stop chronyd and restart it with '-r' (e.g. after
# an upgrade), the old measurements will still be relevant when chronyd
# is restarted. This will reduce the time needed to get accurate
# gain/loss measurements, especially with a dial-up link.
#
# 2. Again on Linux, if you use the RTC support and start chronyd with
# '-r -s' on bootup, measurements from the last boot will still be
# useful (the real time clock is used to 'flywheel' chronyd between
# boots).
#
# Enable these two options to use this.
! dumponexit
! dumpdir /var/log/chrony
# chronyd writes its process ID to a file. If you try to start a second
# copy of chronyd, it will detect that the process named in the file is
# still running and bail out. If you want to change the path to the PID
# file, uncomment this line and edit it. The default path is shown.
! pidfile /var/run/chronyd.pid
#######################################################################
### INITIAL CLOCK CORRECTION
# This option is only useful if your NTP servers are visible at boot
# time. This probably means you are on a LAN. If so, the following
# option will choose the best-looking of the servers and correct the
# system time to that. The value '10' means that if the error is less
# than 10 seconds, it will be gradually removed by speeding up or
# slowing down your computer's clock until it is correct. If the error
# is above 10 seconds, an immediate time jump will be applied to correct
# it. Some software can get upset if the system clock jumps (especially
# backwards), so be careful!
! initstepslew 10 ntp0.your-company.com ntp1.your-company.com ntp2.your-company.com
#######################################################################
### LOGGING
# If you want to log information about the time measurements chronyd has
# gathered, you might want to enable the following lines. You probably
# only need this if you really enjoy looking at the logs, you want to
# produce some graphs of your system's timekeeping performance, or you
# need help in debugging a problem.
! logdir /var/log/chrony
! log measurements statistics tracking
If you have real time clock support enabled (see below), you might want
this line instead:
! log measurements statistics tracking rtc
#######################################################################
### ACTING AS AN NTP SERVER
# You might want the computer to be an NTP server for other computers.
# e.g. you might be running chronyd on a dial-up machine that has a LAN
# sitting behind it with several 'satellite' computers on it.
#
# By default, chronyd does not allow any clients to access it. You need
# to explicitly enable access using 'allow' and 'deny' directives.
#
# e.g. to enable client access from the 192.168.*.* class B subnet,
! allow 192.168/16
# .. but disallow the 192.168.100.* subnet of that,
! deny 192.168.100/24
# You can have as many allow and deny directives as you need. The order
# is unimportant.
# If you want chronyd to act as an NTP broadcast server, enable and edit
# (and maybe copy) the following line. This means that a broadcast
# packet is sent to the address 192.168.1.255 every 60 seconds. The
# address MUST correspond to the broadcast address of one of the network
# interfaces on your machine. If you have multiple network interfaces,
# add a broadcast line for each.
! broadcast 60 192.168.1.255
# If you want to present your computer's time for others to synchronise
# with, even if you don't seem to be synchronised to any NTP servers
# yourself, enable the following line. The value 10 may be varied
# between 1 and 15. You should avoid small values because you will look
# like a real NTP server. The value 10 means that you appear to be 10
# NTP 'hops' away from an authoritative source (atomic clock, GPS
# receiver, radio clock etc).
! local stratum 10
# Normally, chronyd will keep track of how many times each client
# machine accesses it. The information can be accessed by the 'clients'
# command of chronyc. You can disable this facility by uncommenting the
# following line. This will save a bit of memory if you have many
# clients.
! noclientlog
#######################################################################
### REPORTING BIG CLOCK CHANGES
# Perhaps you want to know if chronyd suddenly detects any large error
# in your computer's clock. This might indicate a fault or a problem
# with the server(s) you are using, for example.
#
# The next option causes a message to be written to syslog when chronyd
# has to correct an error above 0.5 seconds (you can use any amount you
# like).
logchange 0.5
# The next option will send email to the named person when chronyd has
# to correct an error above 0.5 seconds. (If you need to send mail to
# several people, you need to set up a mailing list or sendmail alias
# for them and use the address of that.)
! mailonchange
wibble@foobar.org 0.5
#######################################################################
### COMMAND ACCESS
# The program chronyc is used to show the current operation of chronyd
# and to change parts of its configuration whilst it is running.
# Normally, chronyd will only allow connections from chronyc on the same
# machine as itself. This is for security. If you have a subnet
# 192.168.*.* and you want to be able to use chronyc from any machine on
# it, you could uncomment the following line. (Edit this to your own
# situation.)
! cmdallow 192.168/16
# You can add as many 'cmdallow' and 'cmddeny' lines as you like. The
# syntax and meaning is the same as for 'allow' and 'deny', except that
# 'cmdallow' and 'cmddeny' control access to the chronyd's command port.
# NOTE, even if the host where you run chronyc is granted access, you
# still need a command key set up and you have to know the password to
# put into chronyc to allow you to modify chronyd's parameters. By
# default all you can do is view information about chronyd's operation.
# Some people have reported that the need the following line to allow
# chronyc to work even on the same machine. This should not be
# necessary, and the problem is being investigated. You can leave this
# line enabled, as it's benign otherwise.
cmdallow 127.0.0.1
#######################################################################
### REAL TIME CLOCK
# chronyd can characterise the system's real-time clock. This is the
# clock that keeps running when the power is turned off, so that the
# machine knows the approximate time when it boots again. The error at
# a particular epoch and gain/loss rate can be written to a file and
# used later by chronyd when it is started with the '-s' option.
#
# You need to have 'enhanced RTC support' compiled into your Linux
# kernel. (Note, these options apply only to Linux.)
! rtcfile /etc/chrony.rtc
rm -rf /home/john/Trash/*
# Your RTC can be set to keep Universal Coordinated Time (UTC) or local
# time. (Local time means UTC +/- the effect of your timezone.) If you
# use UTC, chronyd will function correctly even if the computer is off
# at the epoch when you enter or leave summer time (aka daylight saving
# time). However, if you dual boot your system with Microsoft Windows,
# that will work better if your RTC maintains local time. You take your
# pick!
rtconutc
# By default chronyd assumes that the enhanced RTC device is accessed as
# /dev/rtc. If it's accessed somewhere else on your system (e.g. you're
# using devfs), uncomment and edit the following line.
! rtcdevice /dev/misc/rtc
#######################################################################
and my keys file:
#######################################################################
# $Header: /cvs/src/chrony/examples/chrony.keys.example,v 1.1 2002/01/31 00:00:08 richard Exp $
#
# This is an example chrony keys file. You should copy it to /etc/chrony.keys
# after editing it to set up the key(s) you want to use. In most situations,
# you will require a single key (the 'commandkey') so that you can supply a
# password to chronyc to enable you to modify chronyd's operation whilst it is
# running.
#
# Copyright 2002 Richard P. Curnow
#
#######################################################################
# A valid key line looks like this
1 feynman
# It must consist of an integer, followed by whitespace, followed by a block of
# text with no spaces in it. (You cannot put a space in a key). If you wanted
# to use the above line as your commandkey (i.e. chronyc password), you would
# put the following line into chrony.conf (remove the # from the start):
# commandkey 1
# You might want to define more keys if you use the MD5 authentication facility
# in the network time protocol to authenticate request/response packets between
# trusted clients and servers.
To start everything I go into a shell and type the command sudo chronyd then the command chronyc and this happens
| klw1026 ~ > sudo chronyd
| klw1026 ~ > chronyc
chrony version 1.21, copyright (C) 1997-2002 Richard P. Curnow
chrony comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions.
See the GNU General Public License version 2 for details.
chronyc> password
Password:
501 Not authorised --- Reply not authenticated
chronyc>
chronyc> password
Password:
501 Not authorised --- Reply not authenticated
chronyc> password
Password:
501 Not authorised --- Reply not authenticated
chronyc>
Any help would be greatly appreciated. Thanks.
