Install ntpd

Installation instructions for Ubuntu 18.04.2 LTS

apt update && apt -y upgrade && apt -y install ntp ntpstat
apt-get purge ntpdate
vi /etc/default/ntp

The -g option enables ntpd to ignore the offset limit of 1000s and attempt to synchronize the time even if the offset is larger than 1000s, but only on system start.

configure local timeserver

vi /etc/ntp.conf
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

driftfile /var/lib/ntp/ntp.drift

# Leap seconds definition provided by tzdata
leapfile /usr/share/zoneinfo/leap-seconds.list

# Enable this if you want statistics to be logged.
statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

interface ignore wildcard
interface listen

# Specify one or more NTP servers.

# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
# on 2011-02-08 (LP: #104525). See for
# more information.
#pool iburst
#pool iburst
#pool iburst
#pool iburst
server iburst
server iburst

# Use Ubuntu's ntp server as a fallback.

# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details.  The web page <>
# might also be helpful.
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited
restrict mask nomodify notrap nopeer

# Unrestriced access from specific host

# Local users may interrogate the ntp server more closely.
restrict -6 ::1

# Needed for adding pool entries
restrict source notrap nomodify noquery

# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict mask notrust

# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)

# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines.  Please do this only if you trust everybody on the network!
#disable auth

#Changes recquired to use pps synchonisation as explained in documentation:

#server mode 135 prefer    # Meinberg GPS167 with PPS
#fudge time1 0.0042        # relative to PPS for my hardware

#server                   # ATOM(PPS)
#fudge flag3 1            # enable PPS API

restart ntpd

service ntp restart
tail -f /var/log/syslog | grep ntpd
netstat -tulpa | grep ntp

Open Port 123 UDP

ufw allow 123/udp

Forward port 123/UDP to timeserver!

adjust time

sntp -s

If the file /var/db/ntp-kod does not exist it need to be created:

mkdir -p /var/db && touch /var/db/ntp-kod && chown ntp:ntp /var/db/ntp-kod

otherwise you’ll get the error message

kod_init_kod_db(): Cannot open KoD db file /var/db/ntp-kod: No such file or directory

KoD means Kiss of Death.

Enable network time synchronization

timedatectl set-ntp true
Local time: Wed 2018-08-22 01:04:48 CEST
Universal time: Tue 2018-08-21 23:04:48 UTC
RTC time: n/a
Time zone: Europe/Vienna (CEST, +0200)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: yes
Last DST change: DST began at
Sun 2018-03-25 01:59:59 CET
Sun 2018-03-25 03:00:00 CEST
Next DST change: DST ends (the clock jumps one hour backwards) at
Sun 2018-10-28 02:59:59 CEST
Sun 2018-10-28 02:00:00 CET

ntp Status

ntpq -p