ntp端口被阻塞,如何同步时间

ntp port was blocked, how to sync time

描述

我目前正在学习中学习相关知识。当我在Raspberry PI上使用Debian操作系统时,发现系统时间与实际时间不同步

错误

  1. 报错信息如下
 Certificate verification failed: The certificate is NOT trusted. The certificate chain uses not yet valid certificate.  Could not handshake: Error in the certificate verification. [IP: 101.6.15.130 443]
Reading package lists... Done
W: Failed to fetch https://mirrors.tuna.tsinghua.edu.cn/debian/dists/buster/InRelease  Certificate verification failed: The certificate is NOT trusted. The certificate chain uses not yet valid certificate.  Could not handshake: Error in the certificate verification. [IP: 101.6.15.130 443]

NTP已经配置好了(可能我没有?但是我已经按照文档仔细配置了,如果可以的话,你可以简单描述一下配置过程。) 试了很多次,还是想不通问题。

ntp.conf 个文件

  1. 我的ntp.conf如下:
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

driftfile /var/lib/ntp/ntp.drift

# Leap seconds definition provided by tzdata
leapfile /usr/share/zoneinfo/leap-seconds.list

# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable


# You do need to talk to an NTP server or two (or three).
#server ntp.your-provider.example
server ntp.aliyun.com iburst minpoll 4 maxpoll 10

# pool.ntp.org maps to about 1000 low-stratum NTP servers.  Your server will
# pick a different set every time it starts up.  Please consider joining the
# pool: <http://www.pool.ntp.org/join.html>
pool 0.debian.pool.ntp.org iburst
pool 1.debian.pool.ntp.org iburst
pool 2.debian.pool.ntp.org iburst
pool 3.debian.pool.ntp.org iburst


# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details.  The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.

# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1

# Needed for adding pool entries
restrict source notrap nomodify noquery
restrict ntp.aliyun.com nomodify notrap nopeer noquery
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust


# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255

# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines.  Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient
root@rpi4-20210823:~#
  1. 关于我的 ntp 的一些事情
root@rpi4-20210823:~# date
Wed Jul 14 03:05:09 CST 2021
root@rpi4-20210823:~# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 0.debian.pool.n .POOL.          16 p    -   64    0    0.000    0.000   0.000
 1.debian.pool.n .POOL.          16 p    -   64    0    0.000    0.000   0.000
 2.debian.pool.n .POOL.          16 p    -   64    0    0.000    0.000   0.000
 3.debian.pool.n .POOL.          16 p    -   64    0    0.000    0.000   0.000
 203.107.6.88    .INIT.          16 u    - 1024    0    0.000    0.000   0.000
  1. 我的OS如下
root@rpi4-20210823:~# cat /etc/issue
Debian GNU/Linux 11 \n \l

root@rpi4-20210823:~# cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

root@rpi4-20210823:~# hostnamectl
   Static hostname: rpi4-20210823
         Icon name: computer
  Operating System: Debian GNU/Linux 11 (bullseye)
            Kernel: Linux 5.10.0-8-arm64
      Architecture: arm64

我很想知道如何解决这个问题,非常感谢:) 如果您有任何问题,请留言与我们沟通。

您发布的错误消息似乎与您的问题无关,因为它看起来像是 apt-get 错误。 你从哪里提取的?

话虽这么说,你能用 ntpdate 手动同步时间吗? 您可以尝试这样做:

# apt install ntpdate
# ntpdate -v ntp.on.br

如果您有某些网络 problem/restriction 阻止您访问 NTP 服务器,这将清楚地显示出来。