NTP (Network Time Protocol) is a protocol that synchronizes clocks across a network to provide accurate time. Clocks can be found on personal computers, network routers, servers, and other devices. NTP-enabled programs can typically act as both a client and a server, as well as perform peer-to-peer communication. To disseminate time, NTP employs a hierarchical system. Servers at the top of the hierarchy are connected to reference clocks. This is essential in a communication system so that the computers may communicate seamlessly.

In this article, we show you how to Configure Chrony NTP Server on Debian Linux systems.

Benefits of NTP Time Synchronization

Here are the advantages of NTP:

• It synchronizes the devices’ internet connections.
• It increases the level of security within the building.
• It’s utilized in Kerberos and other authentication systems.
• It offers network acceleration, which aids in the diagnosis of issues.
• Used in file systems where network synchronization is challenging.

Get to Understand Chrony

The chrony daemon (chronyd) is a lot better than ntpd. It can keep accurate time on systems with busy networks or systems that are unavailable for extended periods of time, as well as virtualized systems. Furthermore, it synchronizes the system clock faster than ntpd and may be simply setup to work as a local time server. Most distributions recommend using the chrony service for software clock synchronization, with a few exceptions.

1 – Setting Correct Timezone

On system timedatectl command can be used to get information about the system clock and its settings, as well as enable and stop time synchronization services.

It has the following syntax:

timedatectl [OPTIONS…] {COMMAND}

When you use the timedatectl command by default, it displays the current date and time settings in the system:

$ timedatectl
               Local time: Mon 2025-01-27 16:43:33 EAT
           Universal time: Mon 2025-01-27 13:43:33 UTC
                 RTC time: Mon 2025-01-27 13:43:33
                Time zone: Africa/Nairobi (EAT, +0300)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

Set Time and Date with timedatectl

As per the syntax of timedatectl command, you can set time and date as follows:

sudo timedatectl set-time '2025-08-30 13:55:00'

List Available Timezones

timedatectl will display a list of available time zones:

$ timedatectl list-timezones
Africa/Abidjan
Africa/Accra
Africa/Algiers
Africa/Bissau
Africa/Cairo
Africa/Casablanca
Africa/Ceuta
Africa/El_Aaiun
Africa/Johannesburg
Africa/Juba
Africa/Khartoum
Africa/Lagos
Africa/Maputo
Africa/Monrovia
Africa/Nairobi
Africa/Ndjamena
Africa/Sao_Tome
Africa/Tripoli
Africa/Tunis
Africa/Windhoek
America/Adak
America/Anchorage
America/Araguaina
America/Argentina/Buenos_Aires
America/Argentina/Catamarca
America/Argentina/Cordoba
America/Argentina/Jujuy
America/Argentina/La_Rioja
America/Argentina/Mendoza
America/Argentina/Rio_Gallegos
America/Argentina/Salta
America/Argentina/San_Juan
America/Argentina/San_Luis
....

Set the Timezone

timedatectl can be used to set the correct timezone as follows, i.e my correct timezone is Africa/Nairobi.

sudo timedatectl set-timezone America/Detroit

We can confirm the changes as follows:

$ timedatectl
               Local time: Mon 2025-01-27 08:45:34 EST
           Universal time: Mon 2025-01-27 13:45:34 UTC
                 RTC time: Mon 2025-01-27 13:45:34
                Time zone: America/Detroit (EST, -0500)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

2 – Install Chrony NTP Server on Debian

Chrony NTP server can be installed on Debian as follows:

sudo apt update && sudo apt install chrony

Installation output:

Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Suggested packages:
  networkd-dispatcher
The following packages will be REMOVED:
  systemd-timesyncd
The following NEW packages will be installed:
  chrony
0 upgraded, 1 newly installed, 1 to remove and 0 not upgraded.
Need to get 286 kB of archives.
After this operation, 433 kB of additional disk space will be used.
Do you want to continue? [Y/n] y

After that, start the Chrony service and enable to start on boot:

sudo systemctl start chrony.service && sudo systemctl enable chrony.service

Check the chrony service status:

$ systemctl status chronyd
● chrony.service - chrony, an NTP client/server
     Loaded: loaded (/lib/systemd/system/chrony.service; enabled; preset: enabled)
     Active: active (running) since Mon 2025-01-27 16:46:48 EAT; 41s ago
       Docs: man:chronyd(8)
             man:chronyc(1)
             man:chrony.conf(5)
   Main PID: 11290 (chronyd)
      Tasks: 2 (limit: 7034)
     Memory: 1.3M
        CPU: 32ms
     CGroup: /system.slice/chrony.service
             ├─11290 /usr/sbin/chronyd -F 1
             └─11291 /usr/sbin/chronyd -F 1

3 – Configure NTP server with Chrony

The /etc/chrony/chrony.conf is the default configuration file for the NTP server. Open this file in your preferred text editor and comment out the default pool before adding a list of NTP servers that are closest to your location.

sudo vim /etc/chrony/chrony.conf

Setting NTP pool servers in configuration file:

# Welcome to the chrony configuration file. See chrony.conf(5) for more
# information about usable directives.

# Include configuration files found in /etc/chrony/conf.d.
confdir /etc/chrony/conf.d

# Use Debian vendor zone.
# pool 2.debian.pool.ntp.org iburst
server 0.ke.pool.ntp.org
server 0.africa.pool.ntp.org
server 3.africa.pool.ntp.org
# Use time sources from DHCP.
sourcedir /run/chrony-dhcp

# Use NTP sources found in /etc/chrony/sources.d.
sourcedir /etc/chrony/sources.d

# This directive specify the location of the file containing ID/key pairs for
# NTP authentication.
keyfile /etc/chrony/chrony.keys

Activate NTP Service using the commands belows:

sudo timedatectl set-ntp true

Then restart the chronyd service:

sudo systemctl restart chronyd

Managing the chrony Service

Using the chronyc sources -v tool to look at source time servers;

$ chronyc sources -v

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^? ke-nbo-rs02b.dpogroup.com     2   6     1    18    -18ms[  -18ms] +/-  108ms
^? ntp1.icolo.io                 2   6     1    18    -25ms[  -25ms] +/-   60ms
^? ntp2.cd.net.za                2   6     1    18    -18ms[  -18ms] +/-  249ms

Using the following command to view software clock information;

$ chronyc tracking
Reference ID    : 00000000 ()
Stratum         : 0
Ref time (UTC)  : Thu Jan 01 00:00:00 1970
System time     : 0.000000000 seconds slow of NTP time
Last offset     : +0.000000000 seconds
RMS offset      : 0.000000000 seconds
Frequency       : 9.036 ppm slow
Residual freq   : +0.000 ppm
Skew            : 0.000 ppm
Root delay      : 1.000000000 seconds
Root dispersion : 1.000000000 seconds
Update interval : 0.0 seconds
Leap status     : Not synchronised

As per the above output, we get the following:

• Reference ID: The reference ID and name to which the computer is currently synced.
• Stratum: Number of hops to a computer with an attached reference clock.
• Ref time: This is the UTC time at which the last measurement from the reference source was made.
• System time: Delay of system clock from synchronized server.
• Last offset: Estimated offset of the last clock update.
• RMS offset: Long term average of the offset value.
• Frequency: This is the rate by which the system’s clock would be wrong if chronyd is not correcting it. It is provided in ppm (parts per million).
• Residual freq: Residual frequency indicating the difference between the measurements from reference source and the frequency currently being used.
• Skew: Estimated error bound of the frequency.
• Root delay: Total of the network path delays to the stratum computer, from which the computer is being synced.
• Leap status: This is the leap status which can have one of the following values – normal, insert second, delete second or not synchronized.

Using the command below to view time server statistics;

$ chronyc sourcestats
Name/IP Address            NP  NR  Span  Frequency  Freq Skew  Offset  Std Dev
==============================================================================
ke-nbo-rs02b.dpogroup.com   2   0    64     +0.000   2000.000    -18ms  4000ms
ntp1.icolo.io               2   0    65     +0.000   2000.000  +1874us  4000ms
ntp2.cd.net.za              2   0    65     +0.000   2000.000    -12ms  4000ms

Conclusion

Finally, Chrony NTP Server was successfully Configured on Debian 12 | Debian 11. We hope you found this post helpful.

Recommended Linux Books  to read:

• Best Linux Books for Beginners & Experts
• Best Linux Kernel Programming Books
• Best Linux Bash Scripting Books
• Top RHCSA / RHCE Certification Study Books
• Best Top Rated CompTIA A+ Certification Books
• Best LPIC-1 and LPIC-2 certification study books