Unable to check NTP status using ntpq -p command on RSA Authentication Manager 8.x
Originally Published: 2015-06-12
Article Number
Applies To
RSA Product/ Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
am81p:/home/rsaadmin # ntpq -p
localhost: timed out, nothing received
***Request timed outCause
The example below is part of the default /etc/ntp.conf file on an Authentication Manager 8.1 server. The lines restrict <IP> control which IPs are allowed to query NTP information. There is a restrict line for the IPv4 localhost address (127.0.0.1), but not for the IPv6 localhost (::1).
am81p:/home/rsaadmin # cat /etc/ntp.conf ################################################################################ ## /etc/ntp.conf ## ## Sample NTP configuration file. ## See package 'ntp-doc' for documentation, Mini-HOWTO and FAQ. ## Copyright (c) 1998 S.u.S.E. GmbH Fuerth, Germany. ## ## Author: Michael Andres, <ma@suse.de> ## Michael Skibbe, <mskibbe@suse.de> ## ################################################################################ ## ## Radio and modem clocks by convention have addresses in the ## form 127.127.t.u, where t is the clock type and u is a unit ## number in the range 0-3. ## ## Most of these clocks require support in the form of a ## serial port or special bus peripheral. The particular ## device is normally specified by adding a soft link ## /dev/device-u to the particular hardware device involved, ## where u correspond to the unit number above. ## ## Generic DCF77 clock on serial port (Conrad DCF77) ## Address: 127.127.8.u ## Serial Port: /dev/refclock-u ## ## (create soft link /dev/refclock-0 to the particular ttyS?) ## # server 127.127.8.0 mode 5 prefer tinker panic 0 restrict default kod nomodify notrap nopeer noquery restrict -6 default ignore restrict 127.0.0.1
Resolution
- Follow the instructions in 000038244 - How to SSH to an RSA Authentication Manager server
- Launch an SSH client, such as PuTTY.
- Login to the primary Authentication Manager server as rsaadmin and enter the operating system password.
Note that during Quick Setup another user name may have been selected. Use that user name to login.
login as: rsaadmin Enter password: <enter operating system password> Last login: Fri Jun 12 14:54:20 2015 from jumphost.vcloud.local RSA Authentication Manager Installation Directory: /opt/rsa/am rsaadmin@am81p:~> sudo su - rsaadmin's password: <enter operating system password> am81p:/home/rsaadmin #
- Edit /etc/ntp.conf :
am81p:/home/rsaadmin # vi /etc/ntp.conf
- Type i to enter Insert mode.
- At the bottom of the file, add restrict -6 ::1 to the existing file:
# server 127.127.8.0 mode 5 prefer tinker panic 0 restrict default kod nomodify notrap nopeer noquery restrict -6 default ignore restrict 127.0.0.1 restrict -6 ::1
- Type :wq! to save and exit.
- Restart the NTP service:
am81p:/home/rsaadmin # service ntp restart Shutting down network time protocol daemon (NTPD) done Starting network time protocol daemon (NTPD) done am81p:/home/rsaadmin #
- Note that RSA Authentication Manager 8.4 requires different command to restart the ntp service, as shown:
rsaadmin@am84p:~> sudo systemctl restart ntpd.service
- You may query the ntpd status as shown below:
rsaadmin@am84p:~> systemctl status ntpd.service ● ntpd.service - NTP Server Daemon Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled) Drop-In: /run/systemd/generator/ntpd.service.d └─50-insserv.conf-$time.conf Active: active (running) since Wed 2019-04-17 16:01:57 AEST; 5s ago Docs: man:ntpd(1) Process: 7765 ExecStart=/usr/sbin/start-ntpd start (code=exited, status=0/SUCCESS) Main PID: 7792 (ntpd) Tasks: 2 (limit: 16384) CGroup: /system.slice/ntpd.service ├─7792 /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf └─7793 ntpd: asynchronous dns resolve rsaadmin@am84p:~>
- Run ntpq -p again:
am81p:/home/rsaadmin # ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
jumphost.vcloud 10.254.140.21 3 u 5 64 77 0.496 1889.43 6.039Notes
- This will not affect NTP synchronizing, fix or break any NTP configuration you have.
- This will only allow using the Linux commands used to check NTP status from the localhost.
Related Articles
How to recover the AveksaAdmin account password in RSA Identity Governance & Lifecycle 7.0.2 P02 and above Number of Views GUI shows initialization error "ORA-04063: package body "AVUSER.UTILITIES_PKG" has errors" after patching to 7.5.2 P07 in … Number of Views Indirect Relationship Processing fails with ORA-30926 and 'ORA-06512: at "AVUSER.CE_USERS" ' errors after Migration to 7.0… Number of Views 8.5P4 linux webtier shows online-reinstall required Number of Views Unable to open a workflow after upgrade to RSA Identity Governance & Lifecycle 7.1.0 P01 with error "The features paramete… Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager 8.9 Release Notes (January 2026) Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU RSA SecurID Software Token 5.0.2 for Windows Desktop displays message after reboot due to roaming profile: No token stor…
Don't see what you're looking for?
