This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
JackAlexander
Beginner
Beginner
‎2017-08-02 07:33 AM

Querying NTP in AM 8.1

Hi,

 

Looking to try and query NTP remotely using ntpq.

 

Doesn't seem to respond on it's actual IP, if I test locally it responds on 127.0.0.1 but not on its IP.

 

Anyone had this issue or got any instructions how to do this?

 

I have added my remote server into the ntp.conf file

restrict (IP address)

 

Thanks

Labels (1)
0 Likes
Reply
6 Replies
EdwardDavis
Employee
Employee
‎2017-08-02 08:17 AM

Yes.

As root on command line

unrestrict IPv4 and restrict IPv6...

 

-----------------

edit /etc/ntp.conf

 

put a # in front of restrict 127.0.0.1

put a new line 

restrict ::1

 

restart ntp

service ntp restart

 

Now ntpq will operate as expected.

Reply
JackAlexander
Beginner
Beginner
‎2017-08-02 08:58 AM

I have tried that and on the AM server tried to run ntpq -c rv then the IP of my AM server but it times out.

 

Any other ideas?

 

Thanks

0 Likes
Reply
EdwardDavis
Employee
Employee
In response to JackAlexander
‎2017-08-02 10:32 AM

run ntpq to get on ntpq command line

 

>as

 

should like associations

 

>rv

 

should show your local ntp clock

 

>rv assid

 

should show details about the server you are associated with

 

>pe

 

should see peers

Reply
JackAlexander
Beginner
Beginner
In response to EdwardDavis
‎2017-08-02 10:40 AM

Thanks.

 

I am able to query itself by its IP now which is good but still cannot remotely.  Errors shown below:

 

ntpq -c rv IP address 
ntpq: read: No error k

 

OR 

 

ntpq -c rv hostname
ntpq: read: No such file or directory

 

Similarly if I query from AM replica to another replica I get.

ntpq: read: Connection refused

 

0 Likes
Reply
EdwardDavis
Employee
Employee
In response to JackAlexander
‎2017-08-02 10:45 AM

Don't attempt to use ntp and ntpq like an ordinary Suse linux system. It is not designed to be used across systems. RSA servers are pre-hardened and a lot of things are blocked, or removed from the OS.

Just use ntpq to probe ntp sources for the machine you are on. If you need to use advanced ntp diags, use a different operating system than an RSA server itself.

Reply
JackAlexander
Beginner
Beginner
In response to EdwardDavis
‎2017-08-02 11:33 AM

Added in an IP table rule and now it works!

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.