Configuring an NTP server on Linux (AlmaLinux)

Posted on by Mohammed Noufal
Reading Time: 6 minutes


An NTP or Network Time Protocol server is a crucial component in networked environments that synchronizes computer and device clocks, ensuring accurate and consistent time for various operations. It obtains precise time information from reliable sources and distributes it to client devices, providing synchronized clocks across the network. This synchronization is vital for log accuracy, security protocols, coordination in distributed systems, and regulatory compliance.

Chrony is a modern NTP client and server on Linux (AlmaLinux) designed to synchronize computer system clocks. It offers enhancements and flexibility that make chronyd an excellent alternative to ntpd, a traditional NTP daemon. Chrony (also known as the chronyd daemon) ensures accurate timekeeping even in skewed system clocks or intermittent network connections, making it a versatile and efficient choice for NTP implementation.

In this article, you can learn more about installing and configuring a Chrony NTP server on Linux (AlmaLinux) with simple steps, but first let's review the key points contained within this post:

Key points

This help article will inform the reader with regard to:

  • Running an NTP server on Linux (AlmaLinux).
  • Logging into your Liquid Web sever.
  • Installing and configuring the NTP server on AlmaLinux.
  • Starting and enabling the NTP service.
  • Managing the firewall.
  • Configuring access controls in the chrony.conf file.
  • Adjust the system clock.

About running an NTP server on Linux (AlmaLinux)

Installing a Chrony NTP server on Linux (AlmaLinux) is crucial for maintaining system stability, security, and compliance. NTP ensures seamless operation of tasks, logs, and security mechanisms. Accurate timekeeping in log files helps maintain system stability, while synchronized clocks enable security protocols. Consistent timekeeping enhances coordination within distributed systems and meets regulatory compliance requirements for precise timestamping. Thus, installing a Chrony NTP server on AlmaLinux is essential for a reliable and secure computing environment.

How to configure the NTP server on Linux (AlmaLinux)

You can install and configure the Chrony NTP server on Linux (AlmaLinux) using the following steps.

Prerequisites

  • AlmaLinux OS 8 is the operating system and version this article is intended for.
  • Ensure you have root or sudo access to install and configure the Chrony NTP server.
  • A minimum of 1 GB of RAM and 10 GB of disk space are recommended.

Step #1. Log into your Liquid Web server

Access your Liquid Web server over SSHor another remote access method.

Step #2. Update your system

Keeping your system up to date is crucial. The following command will help you to update the package repositories and install any available updates:

sudo dnf update

Then, install the Extra Packages for Enterprise Linux (EPEL) repository using the following command:

sudo dnf install epel-release

Here is the output:

]# sudo dnf install epel-release
Last metadata expiration check: 0:00:25 ago on Sun 03 Dec 2023 05:53:24 PM UTC.
Dependencies resolved.
==============================================================================================================================================================================================================================================
 Package                                                      Architecture                                           Version                                                     Repository                                              Size
==============================================================================================================================================================================================================================================
Installing:
 epel-release                                                 noarch                                                 8-19.el8                                                    extras                                                  24 k

Transaction Summary
==============================================================================================================================================================================================================================================
Install  1 Package

Total download size: 24 k
Installed size: 35 k
Is this ok [y/N]: y
Downloading Packages:
epel-release-8-19.el8.noarch.rpm                                                                                                                                                                              4.9 MB/s |  24 kB     00:00    
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                                                                         281 kB/s |  24 kB     00:00     
AlmaLinux 8 - Extras                                                                                                                                                                                          4.9 MB/s | 5.0 kB     00:00    
Importing GPG key 0xC21AD6EA:
 Userid     : "AlmaLinux <packager@almalinux.org>"
 Fingerprint: E53C F5EF 91CE B0AD 1812 ECB8 51D6 647E C21A D6EA
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux
Is this ok [y/N]: y
Key imported successfully
Importing GPG key 0xCED7258B:
 Userid     : "AlmaLinux OS 8 <packager@almalinux.org>"
 Fingerprint: BC5E DDCA DF50 2C07 7F15 8288 2AE8 1E8A CED7 258B
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux
Is this ok [y/N]: y
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                                                                                      1/1 
  Installing       : epel-release-8-19.el8.noarch                                                                                                                                                                                         1/1 
  Running scriptlet: epel-release-8-19.el8.noarch                                                                                                                                                                                         1/1 
Many EPEL packages require the CodeReady Builder (CRB) repository.
It is recommended that you run /usr/bin/crb enable to enable the CRB repository.

  Verifying        : epel-release-8-19.el8.noarch                                                                                                                                                                                         1/1 

Installed:
  epel-release-8-19.el8.noarch                                                                                                                                                                                                                

Complete!

Step #3. Install the Chrony NTP server

Use the following command to install the Chrony NTP server on Linux (AlmaLinux):

sudo dnf install chrony

This command installs the Chrony NTP daemon on the Linux (AlmaLinux) system.

Here is the output:

]# sudo dnf install chrony
Last metadata expiration check: 0:07:52 ago on Sun 03 Dec 2023 03:32:25 PM UTC.
Dependencies resolved.
==============================================================================================================================================================================================================================================
 Package                                                  Architecture                                             Version                                                     Repository                                                Size
==============================================================================================================================================================================================================================================
Installing:
 chrony                                                   x86_64                                                   4.2-1.el8                                                   baseos                                                   332 k

Transaction Summary
==============================================================================================================================================================================================================================================
Install  1 Package

Total download size: 332 k
Installed size: 671 k
Is this ok [y/N]: y
Downloading Packages:
chrony-4.2-1.el8.x86_64.rpm                                                                                                                                                                                    22 MB/s | 332 kB     00:00    
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                                                                         3.3 MB/s | 332 kB     00:00     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                                                                                      1/1 
  Running scriptlet: chrony-4.2-1.el8.x86_64                                                                                                                                                                                              1/1 
  Installing       : chrony-4.2-1.el8.x86_64                                                                                                                                                                                              1/1 
  Running scriptlet: chrony-4.2-1.el8.x86_64                                                                                                                                                                                              1/1 
  Verifying        : chrony-4.2-1.el8.x86_64                                                                                                                                                                                              1/1 

Installed:
  chrony-4.2-1.el8.x86_64                                                                                                                                                                                                                     

Complete!

Step #4. Configure the Chrony NTP server

Edit the Chrony NTP configuration file located at /etc/chrony.conf to configure the NTP server on Linux (AlmaLinux) using any of the text editors (for example, nano):

sudo nano /etc/chrony.conf

By default, Chrony will use the NTP pool servers. So, comment out the default pool and add or modify the server lines if you want to define custom servers. Within the /etc/chrony.conf file, you'll find a section specifying NTP servers. Here's an example:

server test.server1.com iburst

Replace test.server1.com with your NTP server. Save the file, then exit from the text editor. The iburst option helps with faster synchronization.

Here is the output:

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#pool 2.almalinux.pool.ntp.org iburst
server test.server1.com iburst

Step #5. Start and enable NTP service

Use the following commands to start the Chrony NTP service and enable it to start upon boot:

sudo systemctl start chronyd
sudo systemctl enable chronyd

Then, check the status of the Chrony NTP service to ensure it's running without issues:

sudo systemctl status chronyd

Here is the output:

Step #6. Configure the firewall (firewalld)

If you're using firewalld, open User Datagram Protocol (UDP) port 123 for NTP traffic and reload so the change takes effect:

sudo firewall-cmd --zone=public --add-port=123/udp --permanent
sudo firewall-cmd --reload

Here is the output:

]# sudo firewall-cmd --zone=public --add-port=123/udp --permanent
success
]# sudo firewall-cmd --reload
success

If you want to check if NTP service is available, use the following command:

sudo firewall-cmd --list-ports

Here is the output:

]# sudo firewall-cmd --list-ports
123/udp

Step #7. Verify the NTP server installation

Check the Chrony NTP synchronization status with the following command. This command displays a list of configured sources and their synchronization status:

chronyc sources

Here is the output:

]# chronyc sources
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^? test.server1.com    0   8     0     -     +0ns[   +0ns] +/-    0ns

Step #8. NTP security (optional)

For added security, consider configuring access controls in the chrony.conf file. For example, you can restrict access to your local network;

allow 192.168.1.0/24

Step #9. Adjust the system clock

To synchronize the system clock immediately, use the following command:

sudo chronyc -a makestep

Here is the output:

]# sudo chronyc -a makestep
200 OK

Step #10. Restart the NTP service

Restart the Chrony NTP service to reflect the configuration changes. Use the following command to restart the Chrony NTP service:

sudo systemctl restart chronyd

Congratulations! With the procedure documented above, you successfully learned how to configure a Chrony NTP server on Linux — AlmaLinux specifically — allowing for synchronized system clocks vital for logs, security, and coordinated processes.

How to uninstall or remove the NTP server

If you need to uninstall or remove the Chrony NTP server, use the following command:

sudo dnf remove chrony

Here is the output:

 ]# sudo dnf remove chrony
Dependencies resolved.
==============================================================================================================================================================================================================================================
 Package                                                 Architecture                                            Version                                                       Repository                                                Size
==============================================================================================================================================================================================================================================
Removing:
 chrony                                                  x86_64                                                  4.2-1.el8                                                     @System                                                  671 k

Transaction Summary
==============================================================================================================================================================================================================================================
Remove  1 Package

Freed space: 671 k
Is this ok [y/N]: y
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                                                                                      1/1 
  Running scriptlet: chrony-4.2-1.el8.x86_64                                                                                                                                                                                              1/1 
  Erasing          : chrony-4.2-1.el8.x86_64                                                                                                                                                                                              1/1 
warning: /etc/chrony.conf saved as /etc/chrony.conf.rpmsave

  Running scriptlet: chrony-4.2-1.el8.x86_64                                                                                                                                                                                              1/1 
  Verifying        : chrony-4.2-1.el8.x86_64                                                                                                                                                                                              1/1 

Removed:
  chrony-4.2-1.el8.x86_64                                                                                                                                                                                                                     

Complete!

Closing thoughts

It's easy to set up the Chrony NTP server on AlmaLinux. You can guarantee correct time synchronization for your networked systems by following the steps provided in this article. Chrony's advanced algorithms and features make it a reliable choice for maintaining precise timekeeping, even in scenarios where system clocks might experience significant clock drift or network connectivity is intermittent. Additionally, securing the NTP server through firewall configurations and implementing access controls in the Chrony configuration file can enhance overall system security.

For installing and configuring the Chrony NTP server on AlmaLinux, Liquid Web offers various hosting solutions tailored to diverse needs. The Managed Dedicated Servers provide robust hardware and expert support for enterprises seeking dedicated resources and comprehensive management. Virtual Private Servers (VPS) balance performance and scalability, making them suitable for smaller-scale deployments.

Liquid Web's Cloud Studio solutionsalso provide flexibility, enabling dynamic resource allocation for NTP servers with varying workloads. Whichever product you choose, Liquid Web's commitment to reliability, security, and customer support ensures a seamless experience in setting up and maintaining an accurate and dependable NTP server infrastructure on AlmaLinux.

Avatar for Mohammed Noufal

About the Author: Mohammed Noufal

Mohammed Noufal is a B.Tech graduate with a decade of experience in server administration and web hosting. He is a father to two daughters and finds fulfillment in their growth. In his free time, he enjoys blogging, sharing experiences, and listening to music. With a strong technical background, family commitment, and creative outlets, he represents a well-rounded life journey.

Latest Articles

How to use kill commands in Linux

Read Article

Change cPanel password from WebHost Manager (WHM)

Read Article

Change cPanel password from WebHost Manager (WHM)

Read Article

Change cPanel password from WebHost Manager (WHM)

Read Article

Change the root password in WebHost Manager (WHM)

Read Article