Domain: openntpd.org
Stories and comments across the archive that link to openntpd.org.
Comments · 16
-
Re:NTPd is a mess that needs to be replaced
yeah openbsd project noticed that a decade ago: http://www.openntpd.org/
-
Re:Donate
Development of portable versions of other OpenBSD projects doesn't appear to have suffered.[1] What makes you think LibreSSL will be any different?
-
Re:News?
Uhm... I really don't wanna break it to you this way, but
... My servers (in different time-zones) are centralized. -
Re:OpenBSD is very cool
And another little gem - OpenNTPD. Used on several embedded systems. Works like a charm, unlike the whimsical ntpd, which often simply refuses to do its job.
-
OpenBSD
It is never a happy occasion to realize that a not-for-profit group, no matter how destitute or successful, is undeserving of charitable donations. And just last week I had such an unhappy realization. I wanted to donate a sizable sum of money to the OpenBSD Foundation for development of the OpeBSD operating system and other related projects.
My uncle, an old Unix graybeard from the Seventies, devoted his retirement and considerable savings to teaching inner-city youth about computers and programming. He recently passed away and left instructions in his will that I donate money, in the amount of US $100,000, to the most meritorious Free, Unix-like operating system as according to my own research into the matter.
I immediately looked at OpenBSD and began to review its technical merits, of which there are many. Despite lacking serious symmetric multi-processing support and drivers for recent graphics hardware, OpenBSD security and code-auditing are second to none. One only has to take a look at the bevy of routers that ship with OpenBSD to know how many people successfully depend on it everyday.
The OpenBSD Foundation is also behind several software packages widely adopted in other operating systems, such as OpenBGPD, OpenCVS, OpenNTPD, and OpenSSH. OpenSSH, for instance, is what allows clueless Mac users to remotely log into their systems safely, blissfully unaware of hackers.
After looking at the technical merits of OpenBSD and related projects, I owed it to the memory of my uncle to check out the history of the people behind it all. But that's when I ran into some interesting decisions regarding OpenBSD advocacy and funding made my OpenBSD's lead developer, Theo de Raadt.
In 2003, Mr. de Raadt trash-talked the United States military and its various aid projects for the Iraqi people. But at the time, OpenBSD was receiving a multi-million dollar grant from the United States Department of Defense. After the interview was published the DOD cancelled funding, which left several OpenBSD projects in limbo for quite some time thereafter.
This is just one of the more public instances of Mr. de Raadt sharing unpopular personal opinions while acting as OpenBSD's public advocate and costing the project considerable time and money. And, unfortunately, there are others.
Another time, Mr. de Raadt visited his native South Africa to receive a donation from a wealthy politician but unexpectedly refused it at the podium, instead making a speech in which he equated the use of non-Free graphics drivers with Apartheid. Mr. de Raadt left without the check but later claimed to have won an important moral victory.
Mr. de Raadt himself is at the root of the problem, but here I can't really separate the man from the project; Theo de Raadt is OpenBSD. So donating toward OpenBSD's goals means handing over money to this crackpot activist, if he would even accept it. That's too bad because OpenBSD would be further ahead without these sorts of megalomaniacal antics.
Digging even further back in time, it's clear that this pattern of behavior is nothing new. Theo de Raadt was one of the incipient developers of NetBSD, but harass[ed] and abuse[d] both users and developers of NetBSD. His colleagues subsequently locked him out of the project, de Raadt forked OpenBSD, and the rest is history.
After reviewing these facts, it is clear that I will fail to honor my uncle's memory and all of the hard work he did in life by donating to OpenBSD. If I wanted to dishonor him, maybe. And I find it highly likely that Theo de Raadt
-
Re:Subjective summary is subjective
OpenNTPD does not account for hardware drift, which is what I attempted to describe in my second post. Multiple hits on google for "openntpd hardware drift" support this. Unfortunately the OpenNTPD docs do not say what they don't do with regards to NTPD or chrony, so you don't know what you are missing. Without clock disciplining, all it's really doing is setting the time.
From http://www.advogato.org/person/dtucker/diary.html?start=52
The comment about clock disciplining (compensation for systematic skew or drift) is a fair point, within limits.
From their design goals http://www.openntpd.org/goals.html they are not trying to be as accurate as NTP, which they give as a response to claims of not being as accurate as NTP in the OpenBSD manual (http://www.openbsd.org/faq/faq6.html#OpenNTPDaccurate)
Reach a reasonable accuracy. We are not after the last microseconds.
As someone else has pointed out, given the lack of features that OpenNTPD provides, calling it "NTP" is misleading; it's like calling "telnet" "ssh". It's a step backwards in terms of functionality and accuracy, especially since they don't document up-front what they don't support with regards to what is considered standard.
-
Re:Neat in theorey, imho.
Having had to implement those security features, and get millisecond synchronization for a major telco by using NTP, I say leave it alone!
If you want simpler and easier, check out OpenNTPD. -
Re:how to get ntpd to stop listening on all interfAnyone know how to get ntpd to stop listening on all interfaces?
Use OpenNTPd! No seriously, there's a bug on ntpd's bugzilla asking for this that has been opened in 2003 and it's still not fixed. ntpd is so badly written that no one dares to write a patch.
And people wonder why I hate every program written by ISC...
-
Not GNU and other ImplementationsThe NTP reference implementation, by Mills, et. al. is not GNU, nor is it GPL. It is a BSD like license. Further, it is not a product of the GNU project, but has been moved to the ISC. You can find the copyright/license here.
There is also an OpenNTPD implementation, from the OpenBSD project. While early versions were considered harmful by the NTP community, I believe it is now accepted.
For Windows clients, I use Tardis.
-
Re:NTP gurus wanted... ?Seriously... about how many people out there actually need to know NTP to this degree?
A small percentage of computers need to be controlled to the accuracy of NTP's capability, and to the level of knowledge represented in this august book.
For the rest of us there's OpenNTP which is a much simplified and more secure version of NTP. If you're happy with a clock that is accurate to two- or three-hundred milliseocnds, check it out.
-
Re:Recommended NTP clients
*nix of course also has OpenNTPD.
-
Re:I prefer clockspeed's taiclockI use SNTP to get Stratum-1 time from NIST
Don't be so needlessly antisocial. Pick a nice public stratum-2 server and leave the big guys alone. It reduces load (thus latency, thus inaccuracy) at the top and probably gives you better accuracy, assuming you're not in the same building as tycho.
I'd much rather sync against my ISP's GPS-based NTP server than a better source far away. It's better in every way, and it won't make the stratum-1 guys want to punch you.
By the way, clockspeed hasn't been updated since October 1998. OpenNTPD is a light, modern client that you might wish to consider.
-
How about giving it to these guys....They write some pretty decent software: OpenBSD, OpenSSH, OpenBGPD, OpenNTPD, OpenCVS. And they need your hardware as well: "AMD64 and i386 hardware, especially with multiple processors"
If I were you then I would contact Theo to see how you can get the box to a developer. By the way, no matter who you end up donating it to, it's an awesome gesture on your part. Good on ya.
-
Re:Time sync all your computers
There is no (good) exuse for not at least NTP'ing all your servers.
There used to be a good excuse -- recurring root holes in all common NTP implementations.With OpenNTPD, this is no longer a valid excuse.
-
OpenBSD projects
the openbsd team has branched off quite a few projects where they saw the security and/or license was insufficient and needed to be redone.
OpenSSH, who's box doesn't have this?
OpenNTPD, a network time protocol daemon and server, recently released.
OpenBGPD, the border gateway protocol daemon.
They were pioneers in the use of stack protection software on the i386 platform (kernel and compiler), as well as privilage seperated daemons (it's in your sshd now), and randomized library linking locations.
(i think i'm missing a few, anyone care to fill them in?)
they have implemented (a far better implementation over the old one that they didn't write) their i.p. filter, PF (which has now made it into netbsd, freebsd, and hopefully linux soon enough). this includes INSANE amounts of configurability options, with integrated routing and traffic shaping.
many people grumble about how the project is run and its priorities. but we all benefit from their efforts. i think i'm going to buy a cd even though i am not an openbsd user. these sales help keep these projects going. -
Re:OK, so when do I get one in my PC...
So why don't you just use NTPd or OpenNTPd? And why aren't you using pool.ntp.org instead of picking on the poor, overloaded NIST servers?