Running an NTP Time Server on your Mac

[UPDATE 30 JUNE 2021: This functionality is now built into SecuritySpy – see NTP Time Server Installation. We are leaving this post in place in case it is useful to anyone, but we can no longer provide any assistance or updates to the below instructions or scripts.]

When implementing a CCTV system (e.g. one based around our macOS CCTV software SecuritySpy) it is important for all cameras to maintain the correct time for the purposes of drawing accurate timestamps onto their video streams. Not only will this help you review recorded footage, but if there is an incident that needs to be reported to the police, it will help them with their investigation. You may even be asked to verify or demonstrate to the police that your cameras are set to the correct time.

For this purpose, you should always give your cameras a valid NTP server address (NTP stands for Network Time Protocol). The cameras will contact the NTP server at regular intervals to set their clocks (you should also set your cameras with accurate daylight savings time settings, so that any such adjustments are applied automatically during the summer months).

For this purpose, we recommend using one of the time servers that Apple provides for free, which are time.apple.com, time.euro.apple.com and time.asia.apple.com.

However, you may want to set up your cameras without access to the Internet for various reasons. Perhaps you want to put your cameras on a separate LAN to segregate their traffic, or perhaps you want to implement a firewall to block outgoing connections for security purposes.

In this case, you cannot use Internet-based time servers, so the solution is to install one on your Mac.

Older versions of macOS had a built-in time server function, but has been removed as of macOS 10.14. Therefore, if you are running macOS 10.14 or later, you will need to install your own time server. We have put together the following instructions and installation script to make this process as easy as possible. Our script will download the OpenNTPD source code, compile it on your machine, install the resulting NTP Daemon, and set it to launch automatically upon Mac startup (“daemon” is just a term for a piece of software that runs invisibly in the background).

The following instruction require you to use the Terminal, which you will find in your /Application/Utilities folder. Terminal allows you to interact with your Mac via a text-based command line. To run the commands below, copy each one in turn, paste it into Terminal, and press the Return key on your keyboard.

Step 1: Install the Apple Developer Tools

If you have Xcode installed on your Mac, these should already be installed, but if not, you can install them via the following Terminal command:

xcode-select --install

You should see the following window – press the “Install” button and go through the installation process:

Step 2: Download and run our NTPD installation script

Click here to download our NTP installation script for macOS.

This will put a file called “ntpd-install.sh” into your Download folder. Execute the following Terminal commands one at a time:

chmod +x ~/Downloads/ntpd-install.sh
sudo ~/Downloads/ntpd-install.sh

After you enter your Mac’s administrator password, the script will go through the process of downloading and installing the software.

Step 3: Test your NTP server

After installation, wait for 10 minutes or so before testing. This allows the NTP server to synchronise and obtain the correct time. Then, execute this Terminal command on the same machine that is running the NTP server:

sntp 127.0.0.1

This should return an accurate timestamp, for example:

2020-05-11 14:19:44.703859 (-0100) +0.00003 +/- 0.002156 127.0.0.1 s2 no-leap

Instead, if you get the message “not in sync”, this just means that your NTP server hasn’t yet been able to obtain the correct time, so you should wait longer before trying again (it may take up to 20 minutes for the NTP to synchronise). If you get the message “no response”, then something went wrong with the installation and your NTP server is not running. Check the output of the installation script for errors.

Step 4: Provide your NTP server address to your cameras

You will first need to set your Mac to a static (manual) IP address on your local network, or give it a reserved address in your router’s DHCP reservation table. Instructions for this are beyond the scope of this document, but can easily be found elsewhere. Once you have set a static IP address for your Mac, provide this IP address to your cameras as their NTP server address.

Uninstalling

This NTPD uninstall script removes all the files created by the install script. Use the same Terminal commands as above (chmod and then sudo) to run this script, and then restart your Mac.

48 thoughts on “Running an NTP Time Server on your Mac

  1. paul2020

    If anyone has Docker running on their network, I found the following container works well as an NTP server too:

    https://hub.docker.com/r/cturra/ntp/

    Docker-compose config:
    ntp:
    build: .
    image: cturra/ntp:latest
    container_name: ntp
    restart: always
    ports:
    – 123:123/udp
    cap_add:
    – SYS_NICE
    – SYS_RESOURCE
    – SYS_TIME
    environment:
    – NTP_SERVERS=time.cloudflare.com

    Reply
    1. paul2020

      To add to my comment above, I forgot to remove the “build: .” line as this isn’t needed. Please also add correct indents as this comment system stripped them from my code.

      You can test if the NTP server is working by running the following commands:

      Test from windows:
      w32tm /stripchart /computer: /dataonly /samples:5

      Test from Linux:
      ntpdate -q

      Reply
    1. Ben Software Post author

      Sorry you had problems with this. We did test this successfully on High Sierra, so I’m not immediately sure what could be going wrong for you. Can you tell us exactly what didn’t work and with what error message, so that we can fix any problems with our script? Thanks.

      Reply
  2. Cliff

    I installed your NTP solution on a Mac Mini running a Filemaker server. I seems to be running and “sntp 127.0.0.1” returns a time.

    FMDEV:~ admin$ sntp 127.0.0.1
    sntp 4.2.8p10@1.3728-o Tue Mar 21 14:36:42 UTC 2017 (136.200.1~4588)
    2020-09-14 14:48:01.171279 (-0200) +0.00003 +/- 0.038213 127.0.0.1 s2 no-leap

    But, my Raspberry Pi terminals on the same network wont sync with it. They can see it and ntpq shows it knows that the new ntp port on the server is what it should query:

    pi@fmrelay:~ $ ntpq -pn
    remote refid st t when poll reach delay offset jitter
    ==============================================================================
    192.168.6.3 .INIT. 16 u – 1024 0 0.000 0.000 0.000

    Do you have any suggestions about what I should look at on the server or the client?

    Thanks

    Reply
      1. Ben Software Post author

        Hi Cliff, it looks like you have the NTPD server running OK, since you get the correct response from the link-local address 127.0.0.1. Do you have a firewall enabled on this Mac perhaps? This would explain why there is no response from another device on the network.

        Reply
    1. Mike

      I too am experiencing this issue.
      Symptoms:
      1). On fresh boot I get a good reply from “sntp 127.0.0.1” command on the Time Server Computer.
      2). Network devices will not get a reply. – The port is open, ntpd shows its running in Activity Monitor, Just no reply (was previously working so I know there is no network device setting that is wrong).
      Testing:
      It appears that all I need to do to get it working is to shut it down and start it again (ntpd), quitting ntpd then restarting it. I use “sudo launchctl start ntpd”, once I do that the Time Server is back to running normally. I am as of yet not sure why loading it at boot doesn’t allow external access to the time server.
      I would love to know a solution, its not really practical to have to restart the daemon after every boot.

      Reply
      1. Mike

        After tinkering around with the setup I was finally able to get my local NTP Server to work properly after initial boot. I am unsure of what exactly I should be checking for to insure the service will work properly (Outside requested timestamps don’t get ignored), and I know the system I am using to run Security Spy is loaded down probably overloaded actually as it Also runs my Openhab Smart house/node-red/mysql database etc… that I’ve customized heavily. Now I know this isn’t the “Correct” Method and would appreciate it if a “Correct” fix for this issue was devised by someone with a little bit more knowledge of that part of the system then myself. But I simply Delayed the startup of the ntpd daemon by adding the line “sleep 60” to the top of the file located at /Library/StartupItems/ntpd.sh .
        So now the entire ntpd.sh file consists of :
        —Start of File–
        sleep 60
        sudo /usr/local/sbin/ntpd
        –End of File–
        Essentially telling the script to wait for a 60 seconds before starting the ntpdaemon. This appears to allow for enough time (at-least on my system) for whatever needs to complete before ntpd starts to allow external requests to work properly.

        Reply
  3. BO

    Does this require that a user be logged in at all times, or is there a way to make the ntpd service run when logged out as long as the computer is on?

    Reply
    1. Ben Software Post author

      Using the above script, the NTPD server is installed as a LaunchDaemon, which runs as a root process whether a user is logged in or not.

      Reply
  4. Terry

    Thanks so much for this post. I’ve never had any luck getting external NTP time servers to work with my cameras, but this option works perfectly.
    What a beautiful thing to see four cameras in perfect sync … for over ten days and still going stong!

    Reply
    1. Ben Software Post author

      The instructions here are for running an NTP server daemon on your Mac. To check if it’s working, see step 3 above.

      Reply
  5. Rahul

    Do we need to stop Apple’s time service before installing and running Open NTPD? Can we have two separate time services with single NIC?

    Reply
    1. Ben Software Post author

      macOS hasn’t had a built-in time server since 10.14. If you are running 10.13 or earlier, then you should use the one built into macOS; if you are running 10.14 or later then you will need to install one.

      It’s possible for two NTP servers to run on the same machine, but they would have to run on different ports, and there would be no advantage of running two side by side.

      Reply
  6. Rrahul

    Hi _Ben,
    Thanks for answers to previous queries.

    My apple machine is already connected to time.euro.apple time server and supposedly getting time from it. I installed NTPD based on your instructions (Mojave 10.14.6). Please see the output below:
    C:~ r1$ /usr/local/sbin/ntpctl -s all
    4/4 peers valid, clock synced, stratum 3

    peer
    wt tl st next poll offset delay jitter
    91.209.0.19 0.se.pool.ntp.org
    1 10 2 25s 32s 2.786ms 20.369ms 15.430ms
    81.170.175.117 1.se.pool.ntp.org
    1 10 2 8s 34s 10.249ms 35.251ms 33.962ms
    147.78.229.141 2.se.pool.ntp.org
    * 1 10 2 30s 32s 2.357ms 10.612ms 2.956ms
    193.182.111.14 3.se.pool.ntp.org
    1 10 2 15s 31s 0.419ms 11.334ms 8.164ms

    C:~ r1$ sntp 127.0.0.1
    sntp 4.2.8p10@1.3728-o Tue Mar 21 14:36:42 UTC 2017 (136.200.1~4588)
    2020-11-16 10:07:22.435507 (-0100) +0.00002 +/- 0.001026 127.0.0.1 s2 no-leap

    Looking at sntp output, it seems, it is not taking time from servers that I mentioned in net.conf file but seems to be getting time from some other server (may be Apple time).

    Reply
    1. Ben Software Post author

      I’m not sure why it’s listing those servers as peers, although there could be a reason for this that I’m not aware of. It does seem though that your installation was successful, and your NTP daemon is actually working.

      Reply
  7. JF

    On the server side from “sntp 127.0.0.1” it return :

    `sntp 4.2.8p10@1.3728-o Tue Mar 21 14:36:42 UTC 2017 (136.200.1~4588)
    2021-01-19 19:59:14.471350 (-0300) +0.00002 +/- 0.000789 127.0.0.1 s2 no-leap`

    when I try with the static ip from the server “sntp staticIP ” it return :

    `sntp 4.2.8p10@1.3728-o Tue Mar 21 14:36:42 UTC 2017 (136.200.1~4588)
    2021-01-19 19:59:14.471350 (-0300) +0.00002 +/- 0.000789 127.0.0.1 s2 no-leap`

    When I try on the client computer ” sntl staticIP” it returm :

    `sntp 4.2.8p10@1.3728-o Tue Mar 21 14:36:42 UTC 2017 (136.200.1~4588)
    kod_init_kod_db(): Cannot open KoD db file /var/db/ntp-kod: No such file or directory
    2021-01-19 20:14:15.875684 (-0300) -794.42441 +/- 529.617054 10.10.10.205 s2 no-leap`

    Don’t know what I did wrong, I’m trying to use this script to serve time from one computer who got access to internet to 30 computer that doesn’t get access to internet.

    Reply
    1. Ben Software Post author

      It looks like it’s all working. The message about “No such file or directory” in the last command is simply a warning; it’s still getting a time stamp from the NTP daemon. If you set the static IP of the Mac running NTPD in your cameras, do they then update to the correct time?

      Reply
      1. JF

        Actually i’m not trying to sync camera, i’m trying to sync 30 Mac mini that needs to be off the internet and all managed by one Mac who gots access to internet. So i’m trying to sync those 30 mac mini via the “Controller” mac where i installed the NTP server.
        And no The mac mini didn’t get the sync from the server.

        Reply
  8. Matt Ross

    Hi. I tried the install on a Mac running Big Sur. The installation log showed a number of warnings and the comment “Nothing to be done for” the files ‘install-exec-am’ and ‘install-data-am’. Below these comments the logs asks for a “dedicated group” to be created for ntpd, followed by “For OS X, see INSTALL for instructions”
    When I run the ‘sntp 127.0.0.1’ command it returns the following with no date/time group: “-0.000019 +/- 0.009705 127.0.0.1 127.0.0.1”.
    Any thoughts?

    Reply
    1. Ben Software Post author

      Hi Matt, it sounds like the installation succeeded and the daemon is running, however it is not providing time for some unknown reason. We’ll look into this and post back if we find out why this could be happening.

      Reply
      1. Ted Y

        I am having the same issue as Matt. I installed on Catalina and get the same comments:
        =====
        Please create a dedicated group for ntpd.
        For OS X, see INSTALL for instructions.
        On Linux / BSD systems, this will probably work:

        groupadd root
        =====
        and after 30 minutes, snip still returns:
        =====
        $ sudo sntp 127.0.0.1
        sntp 4.2.8p10@1.3728-o Tue Mar 21 14:36:42 UTC 2017 (139~6597)
        sock_cb: 127.0.0.1 not in sync, skipping this server

        Reply
        1. Ted Y

          Update:
          The issue for me was the default time.apple.com. For some reason, it was not syncing. I switched the time server to my agency server (time.nasa.gov) and after 20 more minutes, it was able to sync based on this server.

          Reply
          1. Ben Software Post author

            Hi Ted, very interesting, thanks for sharing this. I can’t imagine whey it wouldn’t work with time.apple.com, which is a standard time server, but let’s hope this is also a solution for others having the same problem.

        1. Ben Software Post author

          Hi Matt, could you please try Ted’s solution (above) and let me know whether this works for you?

          Reply
  9. Tom Quackenbush

    Hi,
    Need some help with the 2 commands:
    chmod +x ~/Downloads/ntpd-install.sh
    sudo ~/Downloads/ntpd-install.sh

    When I replace ~ with /mydrivename/Users/myusername/Downloads/ntpd-install.shh
    Terminal says “No such file or directory”
    I am sure I spelled my drive and usernames correctly, so I must be making a mistake somehow.
    Help please.
    Thanks, Tom

    Reply
    1. Tom Quackenbush

      Oh. I did successfully install the ntpd-install.shh into my downloads folder.
      Thanks, Tom

      Reply
    2. Ben Software Post author

      Hi Tom, you can simply use the path “~/Downloads/ntpd-install.sh” as-is without substituting your drive name or username.

      Your path incorrectly ends with “shh” rather than “sh” – this could be the problem.

      Reply
  10. Tim David

    I’m having issues getting this running on Mac OS Big Sur. I had it working at one point, I thought, but after cameras synced, they slowly drifted out of sync. It’s possible I’m having the same issue as above, but I haven’t tried changing time server yet. I went through the process of installing Chrony with the git command, it seems to be working but was definitely a more manual process. If this starts drifting, I’ll reinstall this shell and try changing the time server.
    is anyone else running this on Big Sur?

    Reply
  11. Marty Butherus

    I installed this on Mojave and it worked fine. When I upgraded to Big Sur, it stopped working. Tried to reinstall, but got errors. Also tried uninstall and reinstall and got same thing.

    checking whether the C compiler works… no
    configure: error: in `/tmp/openntpd-6.2p3′:
    configure: error: C compiler cannot create executables
    See `config.log’ for more details
    xcrun: error: invalid active developer path (/Library/Developer/CommandLineTools), missing xcrun at: /Library/Developer/CommandLineTools/usr/bin/xcrun
    xcrun: error: invalid active developer path (/Library/Developer/CommandLineTools), missing xcrun at: /Library/Developer/CommandLineTools/usr/bin/xcrun

    Reply
    1. Ben Software Post author

      It sounds like the Apple developer command line tools are not installed on your Mac – please follow the above instructions to install the tools, before proceeding with the compilation of the NTPD software. Does that do it?

      Reply
  12. Bob Fynbo

    If you have Xcode installed on your Mac, these should already be installed, but if not, you can install them via the following Terminal command:

    xcode-select –install

    This command does not work on Big Sur. Any suggestions?

    Reply
    1. Ben Software Post author

      Hi Bob, we are working on a solution, I will email you directly with some information.

      Reply
    2. Alex Shultz

      I think you need to use
      xcode-select –install

      use two “-” symbols in front of “install”

      Reply
  13. Carlos

    Hi folks,
    My macbook pro battery is gone and i’m looking for a script that sincronize time on startup. Can anyone help me please?

    P.S. I’m using Catalina 10.15.7 Mac OS X.

    Best Regards

    Reply
    1. Ben Software Post author

      Hi Carlos, your issue is unrelated to this blog post. What you need to do is make sure the “Set date and time automatically” option is turned on via the Date & Time system preference, then your Mac will automatically keep its close synchronised.

      Reply
  14. Steve M.

    OpenNTPD is pretty much useless if your NTP host does not have steady internet access to sync with your chosen public NTP server pool. This is because OpenNTPD does not support the TOS ORPHAN option in the NTPD configuration. Without internet to sync with the public NTP pool servers, in as little as a few minutes, your local NTP server will no longer service NTP clients.

    Reply
  15. Mark

    Today I upgraded the macOS to Monterey. Since then I have not been able to successfully install the NTP. It was running correctly before the upgrade. After trying to reinstall it using the instructions above I saw this message in the terminal:

    Please create a dedicated group for ntpd.
    For OS X, see INSTALL for instructions.
    On Linux / BSD systems, this will probably work:

    Is there a step I’m missing?

    Reply
  16. Mark

    Thank you for the reply. That is great to have the NTP server built into SecuritySpy. I installed it, and tested it using the terminal. Shows that it is working on my Mac Mini and I have a manually assigned IP address. The HikVision cameras are configured to run on NTP with the same server address. When testing the cameras I get a “Failed to connect to Test Server”. Would you know if there is a specific NT Port that needs to be assigned or something else going on?

    Reply
    1. Ben Software Post author

      If a time stamp is being correctly returned when you test it from the Terminal with the sntp tool, then it shows that the NTP server is working. This operates on the standard NTP port 123, so no special port should need to be specified. Just make sure you are entering the Mac mini’s static IP address into the camera as the NTP server address.

      Reply
  17. Jiri

    I just want to report NTP server installed and works fine with Ventura 13.4.1

    Thank you and god bless SecuritySpy 😀

    Reply
  18. Mike Johnson

    I just installed it on Ventura 13.6 and it’s working fine. Finally had to replace my 2010 Mac Pro running 10.14.6 that was my NTP. I’m really glad it still works. I’m providing time to H.264 encoders on a private network.

    Reply
  19. Nico

    Hi Ben,

    Thanks for sharing this. It worked for me on Sonoma. It fixed a long time issue for me. My LaCie 2 Big Network disk would not pick up time from any public NTP server.
    Two minor points of feedback:
    1) Please note that any shellscript should start with a shebang. Both your scripts ntpd-install.sh as well as ntpd.sh done start with a shebang, so officilally they don’t conform to standard.
    2) I would forget about /Library/StartupItems, which was appropriate in ‘the olden days’. I would recommend place ntpd.sh in /Library/Scripts.

    Reply
    1. Ben Software Post author

      I’m glad this has been useful for you. Thanks for the feedback, however as noted at the top of this post, this functionality is now built into SecuritySpy, so the information in this post is no longer current.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *