Configuring an NTP server on Linux (AlmaLinux)
An NTP or Network Time Protocol server is a crucial component in networked environments that synchronizes computer and device clocks, ensuring accurate and consistent time for various operations. It obtains precise time information from reliable sources and distributes it to client devices, providing synchronized clocks across the network. This synchronization is vital for log accuracy, security protocols, coordination in distributed systems, and regulatory compliance.
Chrony is a modern NTP client and server on Linux (AlmaLinux) designed to synchronize computer system clocks. It offers enhancements and flexibility that make chronyd an excellent alternative to ntpd, a traditional NTP daemon. Chrony (also known as the chronyd daemon) ensures accurate timekeeping even in skewed system clocks or intermittent network connections, making it a versatile and efficient choice for NTP implementation.
In this article, you can learn more about installing and configuring a Chrony NTP server on Linux (AlmaLinux) with simple steps, but first let's review the key points contained within this post:
Key points
This help article will inform the reader with regard to:
- Running an NTP server on Linux (AlmaLinux).
- Logging into your Liquid Web sever.
- Installing and configuring the NTP server on AlmaLinux.
- Starting and enabling the NTP service.
- Managing the firewall.
- Configuring access controls in the chrony.conf file.
- Adjust the system clock.
About running an NTP server on Linux (AlmaLinux)
Installing a Chrony NTP server on Linux (AlmaLinux) is crucial for maintaining system stability, security, and compliance. NTP ensures seamless operation of tasks, logs, and security mechanisms. Accurate timekeeping in log files helps maintain system stability, while synchronized clocks enable security protocols. Consistent timekeeping enhances coordination within distributed systems and meets regulatory compliance requirements for precise timestamping. Thus, installing a Chrony NTP server on AlmaLinux is essential for a reliable and secure computing environment.
How to configure the NTP server on Linux (AlmaLinux)
You can install and configure the Chrony NTP server on Linux (AlmaLinux) using the following steps.
Prerequisites
- AlmaLinux OS 8 is the operating system and version this article is intended for.
- Ensure you have root or sudo access to install and configure the Chrony NTP server.
- A minimum of 1 GB of RAM and 10 GB of disk space are recommended.
Step #1. Log into your Liquid Web server
Access your Liquid Web server over SSHor another remote access method.
Step #2. Update your system
Keeping your system up to date is crucial. The following command will help you to update the package repositories and install any available updates:
sudo dnf updateThen, install the Extra Packages for Enterprise Linux (EPEL) repository using the following command:
sudo dnf install epel-releaseHere is the output:
]# sudo dnf install epel-release
Last metadata expiration check: 0:00:25 ago on Sun 03 Dec 2023 05:53:24 PM UTC.
Dependencies resolved.
==============================================================================================================================================================================================================================================
Package Architecture Version Repository Size
==============================================================================================================================================================================================================================================
Installing:
epel-release noarch 8-19.el8 extras 24 k
Transaction Summary
==============================================================================================================================================================================================================================================
Install 1 Package
Total download size: 24 k
Installed size: 35 k
Is this ok [y/N]: y
Downloading Packages:
epel-release-8-19.el8.noarch.rpm 4.9 MB/s | 24 kB 00:00
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 281 kB/s | 24 kB 00:00
AlmaLinux 8 - Extras 4.9 MB/s | 5.0 kB 00:00
Importing GPG key 0xC21AD6EA:
Userid : "AlmaLinux <packager@almalinux.org>"
Fingerprint: E53C F5EF 91CE B0AD 1812 ECB8 51D6 647E C21A D6EA
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux
Is this ok [y/N]: y
Key imported successfully
Importing GPG key 0xCED7258B:
Userid : "AlmaLinux OS 8 <packager@almalinux.org>"
Fingerprint: BC5E DDCA DF50 2C07 7F15 8288 2AE8 1E8A CED7 258B
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux
Is this ok [y/N]: y
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : epel-release-8-19.el8.noarch 1/1
Running scriptlet: epel-release-8-19.el8.noarch 1/1
Many EPEL packages require the CodeReady Builder (CRB) repository.
It is recommended that you run /usr/bin/crb enable to enable the CRB repository.
Verifying : epel-release-8-19.el8.noarch 1/1
Installed:
epel-release-8-19.el8.noarch
Complete!Step #3. Install the Chrony NTP server
Use the following command to install the Chrony NTP server on Linux (AlmaLinux):
sudo dnf install chronyThis command installs the Chrony NTP daemon on the Linux (AlmaLinux) system.
Here is the output:
]# sudo dnf install chrony
Last metadata expiration check: 0:07:52 ago on Sun 03 Dec 2023 03:32:25 PM UTC.
Dependencies resolved.
==============================================================================================================================================================================================================================================
Package Architecture Version Repository Size
==============================================================================================================================================================================================================================================
Installing:
chrony x86_64 4.2-1.el8 baseos 332 k
Transaction Summary
==============================================================================================================================================================================================================================================
Install 1 Package
Total download size: 332 k
Installed size: 671 k
Is this ok [y/N]: y
Downloading Packages:
chrony-4.2-1.el8.x86_64.rpm 22 MB/s | 332 kB 00:00
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 3.3 MB/s | 332 kB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: chrony-4.2-1.el8.x86_64 1/1
Installing : chrony-4.2-1.el8.x86_64 1/1
Running scriptlet: chrony-4.2-1.el8.x86_64 1/1
Verifying : chrony-4.2-1.el8.x86_64 1/1
Installed:
chrony-4.2-1.el8.x86_64
Complete!Step #4. Configure the Chrony NTP server
Edit the Chrony NTP configuration file located at /etc/chrony.conf to configure the NTP server on Linux (AlmaLinux) using any of the text editors (for example, nano):
sudo nano /etc/chrony.confBy default, Chrony will use the NTP pool servers. So, comment out the default pool and add or modify the server lines if you want to define custom servers. Within the /etc/chrony.conf file, you'll find a section specifying NTP servers. Here's an example:
server test.server1.com iburstReplace test.server1.com with your NTP server. Save the file, then exit from the text editor. The iburst option helps with faster synchronization.
Here is the output:
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#pool 2.almalinux.pool.ntp.org iburst
server test.server1.com iburstStep #5. Start and enable NTP service
Use the following commands to start the Chrony NTP service and enable it to start upon boot:
sudo systemctl start chronyd
sudo systemctl enable chronydThen, check the status of the Chrony NTP service to ensure it's running without issues:
sudo systemctl status chronydHere is the output:
Step #6. Configure the firewall (firewalld)
If you're using firewalld, open User Datagram Protocol (UDP) port 123 for NTP traffic and reload so the change takes effect:
sudo firewall-cmd --zone=public --add-port=123/udp --permanent
sudo firewall-cmd --reloadHere is the output:
]# sudo firewall-cmd --zone=public --add-port=123/udp --permanent
success
]# sudo firewall-cmd --reload
successIf you want to check if NTP service is available, use the following command:
sudo firewall-cmd --list-portsHere is the output:
]# sudo firewall-cmd --list-ports
123/udpStep #7. Verify the NTP server installation
Check the Chrony NTP synchronization status with the following command. This command displays a list of configured sources and their synchronization status:
chronyc sourcesHere is the output:
]# chronyc sources
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? test.server1.com 0 8 0 - +0ns[ +0ns] +/- 0nsStep #8. NTP security (optional)
For added security, consider configuring access controls in the chrony.conf file. For example, you can restrict access to your local network;
allow 192.168.1.0/24Step #9. Adjust the system clock
To synchronize the system clock immediately, use the following command:
sudo chronyc -a makestepHere is the output:
]# sudo chronyc -a makestep
200 OKStep #10. Restart the NTP service
Restart the Chrony NTP service to reflect the configuration changes. Use the following command to restart the Chrony NTP service:
sudo systemctl restart chronydCongratulations! With the procedure documented above, you successfully learned how to configure a Chrony NTP server on Linux — AlmaLinux specifically — allowing for synchronized system clocks vital for logs, security, and coordinated processes.
How to uninstall or remove the NTP server
If you need to uninstall or remove the Chrony NTP server, use the following command:
sudo dnf remove chronyHere is the output:
]# sudo dnf remove chrony
Dependencies resolved.
==============================================================================================================================================================================================================================================
Package Architecture Version Repository Size
==============================================================================================================================================================================================================================================
Removing:
chrony x86_64 4.2-1.el8 @System 671 k
Transaction Summary
==============================================================================================================================================================================================================================================
Remove 1 Package
Freed space: 671 k
Is this ok [y/N]: y
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: chrony-4.2-1.el8.x86_64 1/1
Erasing : chrony-4.2-1.el8.x86_64 1/1
warning: /etc/chrony.conf saved as /etc/chrony.conf.rpmsave
Running scriptlet: chrony-4.2-1.el8.x86_64 1/1
Verifying : chrony-4.2-1.el8.x86_64 1/1
Removed:
chrony-4.2-1.el8.x86_64
Complete!Closing thoughts
It's easy to set up the Chrony NTP server on AlmaLinux. You can guarantee correct time synchronization for your networked systems by following the steps provided in this article. Chrony's advanced algorithms and features make it a reliable choice for maintaining precise timekeeping, even in scenarios where system clocks might experience significant clock drift or network connectivity is intermittent. Additionally, securing the NTP server through firewall configurations and implementing access controls in the Chrony configuration file can enhance overall system security.
For installing and configuring the Chrony NTP server on AlmaLinux, Liquid Web offers various hosting solutions tailored to diverse needs. The Managed Dedicated Servers provide robust hardware and expert support for enterprises seeking dedicated resources and comprehensive management. Virtual Private Servers (VPS) balance performance and scalability, making them suitable for smaller-scale deployments.
Liquid Web's Cloud Studio solutionsalso provide flexibility, enabling dynamic resource allocation for NTP servers with varying workloads. Whichever product you choose, Liquid Web's commitment to reliability, security, and customer support ensures a seamless experience in setting up and maintaining an accurate and dependable NTP server infrastructure on AlmaLinux.
Related Articles:
About the Author: Mohammed Noufal
Mohammed Noufal is a B.Tech graduate with a decade of experience in server administration and web hosting. He is a father to two daughters and finds fulfillment in their growth. In his free time, he enjoys blogging, sharing experiences, and listening to music. With a strong technical background, family commitment, and creative outlets, he represents a well-rounded life journey.
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.
Latest Articles
In-place CentOS 7 upgrades
Read ArticleHow to use kill commands in Linux
Read ArticleChange cPanel password from WebHost Manager (WHM)
Read ArticleChange cPanel password from WebHost Manager (WHM)
Read ArticleChange the root password in WebHost Manager (WHM)
Read Article