# want to enable. The more obscure options are not included. Refer
# to the documentation for these.
#
-# Copyright 2002 Richard P. Curnow
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of version 2 of the GNU General Public License as
-# published by the Free Software Foundation.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-#
-#
#######################################################################
### COMMENTS
# Any of the following lines are comments (you have a choice of
! clientloglimit 4194304
+# By default, chronyd tries to respond to all valid NTP requests from
+# allowed addresses. If you want to limit the response rate for NTP
+# clients that are sending requests too frequently, uncomment and edit
+# the following line.
+
+! limitrate interval 3 burst 8
+
#######################################################################
### REPORTING BIG CLOCK CHANGES
# Perhaps you want to know if chronyd suddenly detects any large error
# By default chronyd binds to the loopback interface. Uncomment the
# following lines to allow receiving command packets from remote hosts.
+
! bindcmdaddress 0.0.0.0
! bindcmdaddress ::
# syntax and meaning is the same as for 'allow' and 'deny', except that
# 'cmdallow' and 'cmddeny' control access to the chronyd's command port.
+# Rate limiting can be enabled also for command packets. (Note,
+# commands from localhost are never limited.)
+
+! cmdratelimit interval 1 burst 16
+
#######################################################################
### REAL TIME CLOCK
# chronyd can characterise the system's real-time clock. This is the
# This is an example chrony keys file. It is used for NTP authentication with
# symmetric keys. It should be readable only by root or the user to which
-# chronyd is configured to switch to.
+# chronyd is configured to switch to after start.
#
-# Don't use the example keys! The keys need to be random for maximum security.
-# These shell commands can be used to generate random MD5 and SHA1 keys on
-# systems which have the /dev/urandom device:
-# echo "1 MD5 HEX:$(tr -d -c '[:xdigit:]' < /dev/urandom | head -c 32)"
-# echo "1 SHA1 HEX:$(tr -d -c '[:xdigit:]' < /dev/urandom | head -c 40)"
+# Don't use the example keys! It's recommended to generate random keys using
+# the chronyc keygen command.
# Examples of valid keys:
-#1 ALongAndRandomPassword
-#2 MD5 HEX:B028F91EA5C38D06C2E140B26C7F41EC
-#3 SHA1 HEX:1DC764E0791B11FA67EFC7ECBC4B0D73F68A070C
+#1 MD5 AVeryLongAndRandomPassword
+#2 MD5 HEX:12114855C7931009B4049EF3EFC48A139C3F989F
+#3 SHA1 HEX:B2159C05D6A219673A3B7E896B6DE07F6A440995
projects / thirdparty / chrony.git / commitdiff
