Setup NTP Client using Chrony on Rocky/Oracle Linux

In this tutorial, you will learn setup NTP client using Chrony on Rocky/Oracle Linux. Clock synchronization is one of the ISO 27001 requirements for logging and monitoring. The clocks of all relevant information processing systems within an organization or security domain shall be synchronized with an agreed accurate time source.

Configuring NTP Client using Chrony on Rocky/Oracle Linux

If you want your servers to use a centralized time server, then you can setup your NTP server and install NTP clients such chrony to enable you to synchronize time between the time server and your server.

You can check the link below on how to install and setup NTP server on Linux;

Install and configure NTP server on Linux

In our demo environment, our NTP server using Chrony installed on Rocky/Oracle Linux.

If you have other systems on the network running on Rocky/Oracle Linux and want to setup NTP client on them, proceed as follows;

Install Chrony on Rocky/Oracle Linux

Check if Chrony is installed;

rpm -q chrony

chrony-4.1-3.0.1.el9.x86_64

Configure NTP Client to Query Time from NTP Server

Setting NTP client on Rocky/Oracle Linux is the same as setting the NTP server as described above except that the client doesn’t have access permissions set hence no server can query time information from it.

Open the configuration file and set the NTP server as shown below;

vim /etc/chrony.conf

Set your NTP Server;

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#pool 2.centos.pool.ntp.org iburst
server ntp.kifarunix-demo.com iburst

Ensure that the hostname of the NTP server is resolvable, otherwise use IP address.

Verify NTP Client Connection to NTP Server UDP Port 123

To verify that there is a connection from the NTP client to NTP server on UDP port 123, simply use netcat command as shown below;

dnf install nc -y

To verify connection to UDP port 123;

nc -uzv ntp.kifarunix-demo.com 123

Connection to ntp.kifarunix-demo.com (192.168.100.152) 123 port [udp/ntp] succeeded!

Great. You can now proceed to restart and enable chronyd to run on system boot.

systemctl restart chronyd

systemctl enable chronyd

Check NTP Client time synchronization

To verify that time synchronization is working, you can use the tracking or sources command with chronyc command as shown below;

chronyc tracking

Reference ID    : C0A86498 (ntp.kifarunix-demo.com)
Stratum         : 4
Ref time (UTC)  : Tue Nov 15 16:50:03 2022
System time     : 0.000000045 seconds fast of NTP time
Last offset     : -0.000046803 seconds
RMS offset      : 0.000046803 seconds
Frequency       : 5.280 ppm slow
Residual freq   : -8.241 ppm
Skew            : 2.680 ppm
Root delay      : 0.178974032 seconds
Root dispersion : 0.024439137 seconds
Update interval : 2.0 seconds
Leap status     : Normal

Using the sources command;

chronyc sources

MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* ntp.kifarunix-demo.com        3   6    17    52    -26us[  -73us] +/-  114ms

Check sources statistics

chronyc sourcestats

Name/IP Address            NP  NR  Span  Frequency  Freq Skew  Offset  Std Dev
==============================================================================
ntp.kifarunix-demo.com      5   4    71     +0.602      4.314  +2482ns    25us

The NTP client is now synchronized with our NTP server.

Confirm the date;

timedatectl

               Local time: Tue 2022-11-15 20:59:20 +04
           Universal time: Tue 2022-11-15 16:59:20 UTC
                 RTC time: Tue 2022-11-15 16:59:20
                Time zone: Asia/Dubai (+04, +0400)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

Related Tutorials

Install and Configure NTP Client on Ubuntu/Debian systems

Install and Setup NTP Server on Ubuntu 22.04/Debian 11