Ubuntu – How to be sure that I’m using NTP version 4.2.8p1 or equivalent

aptntpSecurity

I've recently read about the vulnerabilities within ntp, here which can be closed by installing ntp version 4.2.8p1.

However, I've used apt-get to install the latest version of ntp, on an Ubuntu 14.04.2 server, but this is only version 4.2.6p5. I can't find a newer version by browsing the repositories, although I'm fairly new to doing this, so may have missed it. Even Vivid Vervet is showing 4.2.6p5. I'm assuming there's a review process for version changes which is still pending.

Best Answer

From usn-2497-1 it is stated you need to upgrade to ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.2. To me that is the same as your 4.2.6p5 though yours is shortend.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 14.10: ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.10.2

Ubuntu 14.04 LTS: ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.2

Ubuntu 12.04 LTS: ntp 1:4.2.6.p3+dfsg-1ubuntu3.3

Ubuntu 10.04 LTS: ntp 1:4.2.4p8+dfsg-1ubuntu2.3

The security/updates states you can run update-manager from commandline to check if there are pending security updates. If that does nothing you are updated.

In Ubuntu, patches are typically backported, and the upstream version (4.2.6.p5) remains the same, and the debian revision (3ubuntu2.14.04.2) is updated. When in doubt, check the Ubuntu Security Notices and the package changelog.

Related Solutions

Ubuntu – How to customize the NTP poll rate

Some of these answers could win the obfuscated ntp configuration contest.

Use the ntp reference implementation and use iburst to set the time quickly upon booting. After that the you can use the minpoll directive to limit how often ntpd queries remote time servers. This will allow you to take advantage of ntpd's clock disciplining and keep the bandwidth down.

minpoll minpoll
maxpoll maxpoll
    These options specify the minimum and maximum poll intervals for NTP 
    messages, in seconds as a power of two. The maximum poll interval 
    defaults to 10 (1024 s), but can be increased by the maxpoll option to 
    an upper limit of 17 (36 h). The minimum poll interval defaults to 6 (64 s), 
    but can be decreased by the minpoll option to a lower limit of 3 (8 s).

Chrony is a good alternative to the ntp reference implementation. Openntpd is not.

Ubuntu – Unable to synchronize time using NTP

the NTP socket is in use, exiting

Indicates that you have an NTP daemon running, usually the one via the ntp package. You can't have two applications adjusting the clock at the same time.

First stop the current NTP daemon running:
```
sudo service ntp stop
```
Run your ntpdate command.
Start the NTP daemon again:
```
sudo service ntp start
```

Background

The NTP daemon will not take large steps forwards or backwards, but is useful for very smooth and small transitions. Before it will work correctly, sync the time using ntpdate first, for that reason. You can query the status of the daemon like this:

ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*chime1.surfnet. 194.171.167.130  2 u   59   64    7    3.159   -0.207   0.136
+chime2.surfnet. .GPS.            1 u   59   64    7    6.872   -0.592   0.091
[...]
 ns1.tudelft.nl  .INIT.          16 u    -   64    0    0.000    0.000   0.000
+ev001.tilaa.nl  193.67.79.202    2 u   55   64    7    4.038   -0.613   0.110

Best Answer

Related Solutions

Ubuntu – How to customize the NTP poll rate

Ubuntu – Unable to synchronize time using NTP

Background

Related Question