In this tutorial, you will learn setup NTP client using Chrony on Rocky/Oracle Linux. Clock synchronization is one of the ISO 27001 requirements for logging and monitoring. The clocks of all relevant information processing systems within an organization or security domain shall be synchronized with an agreed accurate time source.
Setup NTP Client using Chrony on Rocky/Oracle Linux
If you want your servers to use a centralized time server, then you can setup your NTP server and install NTP clients such chrony to enable you to synchronize time between the time server and your server.
You can check the link below on how to install and setup NTP server on Linux;
Install and configure NTP server on Linux
In our demo environment, our NTP server using Chrony installed on Rocky/Oracle Linux.
If you have other systems on the network running on Rocky/Oracle Linux and want to setup NTP client on them, proceed as follows;
Install Chrony on Rocky/Oracle Linux
Check if Chrony is installed;
rpm -q chrony
Configure NTP Client to Query Time from NTP Server
Setting NTP client on Rocky/Oracle Linux is the same as setting the NTP server as described above except that the client doesn’t have access permissions set hence no server can query time information from it.
Open the configuration file and set the NTP server as shown below;
Set your NTP Server;
# Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). #pool 2.centos.pool.ntp.org iburst server ntp.kifarunix-demo.com iburst
Ensure that the hostname of the NTP server is resolvable, otherwise use IP address.
Verify NTP Client Connection to NTP Server UDP Port 123
To verify that there is a connection from the NTP client to NTP server on UDP port 123, simply use netcat command as shown below;
dnf install nc -y
To verify connection to UDP port 123;
nc -uzv ntp.kifarunix-demo.com 123
Connection to ntp.kifarunix-demo.com (192.168.100.152) 123 port [udp/ntp] succeeded!
Great. You can now proceed to restart and enable chronyd to run on system boot.
systemctl restart chronyd
systemctl enable chronyd
Check NTP Client time synchronization
To verify that time synchronization is working, you can use the tracking or sources command with chronyc command as shown below;
Reference ID : C0A86498 (ntp.kifarunix-demo.com) Stratum : 4 Ref time (UTC) : Tue Nov 15 16:50:03 2022 System time : 0.000000045 seconds fast of NTP time Last offset : -0.000046803 seconds RMS offset : 0.000046803 seconds Frequency : 5.280 ppm slow Residual freq : -8.241 ppm Skew : 2.680 ppm Root delay : 0.178974032 seconds Root dispersion : 0.024439137 seconds Update interval : 2.0 seconds Leap status : Normal
Using the sources command;
MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* ntp.kifarunix-demo.com 3 6 17 52 -26us[ -73us] +/- 114ms
Check sources statistics
Name/IP Address NP NR Span Frequency Freq Skew Offset Std Dev ============================================================================== ntp.kifarunix-demo.com 5 4 71 +0.602 4.314 +2482ns 25us
The NTP client is now synchronized with our NTP server.
Confirm the date;
Local time: Tue 2022-11-15 20:59:20 +04 Universal time: Tue 2022-11-15 16:59:20 UTC RTC time: Tue 2022-11-15 16:59:20 Time zone: Asia/Dubai (+04, +0400) System clock synchronized: yes NTP service: active RTC in local TZ: no
That brings us to the end of our guide on how to setup NTP client using Chrony on Rocky/Oracle Linux.
Install and Configure NTP Client on Ubuntu/Debian systems