The default Network Time Protocol server for the majority of Linux distros is the Chrony NTP server. Chrony is used to synchronize the system clock with remote internet servers i.e NTP servers. Accurate timekeeping on computer systems is very ideal for a number of reasons and mostly on log analysis. Chrony is a replacement for the old Ntpd used in old Linux systems.
In Linux systems, the NTP protocol is implemented via a user-space daemon which updates the system clock running in the kernel. System clock uses time stamp counter TSC which is a CPU register that counts the number of cycles since the last time reset on the system. NTP protocol is implemented with either NTP or Chrony
There are two user-space daemons to choose from i.e ntp and chrony. These two are available from the standard Fedora package repositories. You can install both and switch between them as you wish.
Why Chrony NTP Server?
Chrony is an implementation of the Network Time Protocol and is useful in a number of ways:
- Chrony is used to syncronise system clock with NTP servers.
- Chrony is used to syncronise the system clock with a reference clock e.g GPS receiver.
- Chrony is used to syncronise the system clock with a manual time input using wristwatch and keyboard.
- Chrony can also operate as an NTPv4 (RFC 5905) server and peer to provide a time service to other computers in the network.
- Chrony handles intermittent network connections and bandwidth saturation more effectively as compared to ntpd.
- Chrony is also able to adjust to network delays and latency.
- Chrony ensures stable and consistent time intervals for system services and applications since once started, it never stops.
- Chrony is able to work without a network connection. Hence the localhost or the server can be manually updated afterwards.
- Chrony is supported on Linux, FreeBSD, NetBSD, macOS, and Solaris.
The reasons above explain why Fedora, CentOS, and RHEL releases have moved from NTP to Chrony as their default time-keeping implementation. Chrony is preferred by the majority of Sysadmins because it has a simplified interface, provides more information, and increases control.
In this article, I will explain how to Configure Chrony NTP Server on Rocky Linux 9 / AlmaLinux 9.
Software Requirements and Conventions used
- System running on Rocky Linux 9 / AlmaLinux 9
- Chrony version 3.3 and above.
- A sudo user
Configure Chrony NTP Server on Rocky Linux 9 / AlmaLinux 9
Carry out the following steps to configure Chrony NTP server on your system.
Step 1: Update your system
Refresh your Rocky Linux 9 / AlmaLinux 9 packages.
sudo dnf update -yStep 2: Set up a correct timezone in your server
To set the timezone for your server use the timedatectl command.
To change the timezone, first list all the available timezones then set your timezone depending on your preference as shown below:
timedatectl list-timezonesOutput example:
Africa/Lome
Africa/Luanda
Africa/Lubumbashi
Africa/Lusaka
Africa/Malabo
Africa/Maputo
Africa/Maseru
Africa/Mbabane
Africa/Mogadishu
Africa/Monrovia
Africa/Nairobi
Africa/Ndjamena
Africa/Niamey
Africa/Nouakchott
Africa/Ouagadougou
Africa/Porto-Novo
Africa/Sao_Tome
Africa/TripoliI’m in Africa/Nairobi timezone, this is what is used in the next configuration.
sudo timedatectl set-timezone Africa/NairobiTo view the current timezone.
$ timedatectl
Local time: Mon 2025-02-03 18:55:17 EAT
Universal time: Mon 2025-02-03 15:55:17 UTC
RTC time: Mon 2025-02-03 15:55:17
Time zone: Africa/Nairobi (EAT, +0300)
System clock synchronized: yes
NTP service: active
RTC in local TZ: noAnother way to check your current timezone :
$ ls -l /etc/localtime
lrwxrwxrwx. 1 root root 36 Nov 25 13:19 /etc/localtime -> ../usr/share/zoneinfo/Africa/NairobiYou can also list the zoneinfo.
$ ls -l /usr/share/zoneinfo
total 304
drwxr-xr-x 2 root root 4096 Feb 2 11:09 Africa
drwxr-xr-x 6 root root 20480 Feb 2 11:09 America
drwxr-xr-x 2 root root 4096 Feb 2 11:09 Antarctica
drwxr-xr-x 2 root root 4096 Feb 2 11:09 Arctic
drwxr-xr-x 2 root root 12288 Feb 2 11:09 Asia
drwxr-xr-x 2 root root 4096 Feb 2 11:09 Atlantic
drwxr-xr-x 2 root root 4096 Feb 2 11:09 Australia
-rw-r--r-- 1 root root 2094 Dec 4 00:59 CET
-rw-r--r-- 1 root root 2310 Dec 4 00:59 CST6CDT
-rw-r--r-- 1 root root 1908 Dec 4 00:59 EET
-rw-r--r-- 1 root root 114 Dec 4 00:59 EST
-rw-r--r-- 1 root root 2310 Dec 4 00:59 EST5EDT
drwxr-xr-x 2 root root 4096 Feb 2 11:09 Etc
drwxr-xr-x 2 root root 12288 Feb 2 11:09 EuropeStep 3: Install Chrony NTP Server on Rocky Linux 9 / Almalinux 9
Chrony server is available in your Rocky Linux 9 / Almalinux 9 as it is included in the CentOS 9 default repository.
To install Chrony Server:
sudo dnf install chrony -yOutput:
Last metadata expiration check: 1:03:59 ago on Mon 03 Feb 2025 08:41:49 AM EAT.
Package chrony-4.6-1.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!Then, Start the Chrony service and enable the service on boot.
sudo systemctl start chronyd
sudo systemctl enable chronydTo verify Chronyd status.
sudo systemctl status chronydThe output:
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor pre>
Active: active (running) since Mon 2025-02-03 09:58:47 EAT; 1min 52s ago
Docs: man:chronyd(8)
man:chrony.conf(5)
Main PID: 217561 (chronyd)
Tasks: 1 (limit: 48737)
Memory: 1.2M
CGroup: /system.slice/chronyd.service
└─217561 /usr/sbin/chronyd
Feb 03 09:58:47 rocky-linux systemd[1]: Starting NTP client/server...
Feb 03 09:58:47 rocky-linux chronyd[217561]: chronyd version 4.6 starting (+CMD>
Feb 03 09:58:47 rocky-linux chronyd[217561]: Using right/UTC timezone to obtain>
Feb 03 09:58:47 rocky-linux systemd[1]: Started NTP client/server.Step 4: Configuring NTP server with Chrony
The default configuration file for the NTP server is /etc/chrony.conf. Open this file with the text editor of your choice and comment out the default pool and add a list of NTP servers closest to your location.
sudo vim /etc/chrony.confI will add a list of NTP servers close to my location in Kenya as per this link.
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
# pool 2.pool.ntp.org iburst //Comment out this line
server 0.ke.pool.ntp.org
server 1.africa.pool.ntp.org
server 3.africa.pool.ntp.orgAfter the necessary changes, save and close your file. The next thing is to set NTP synchronization.
sudo timedatectl set-ntp trueThen restart the chronyd service to effect the changes.
sudo systemctl restart chronyd ; watch chronyc trackingThe command above will restart the chronyd service and track how the service is working for a few minutes.
From the output, we are able to acquire much more statistics. The watch command runs with chronyc tracking command every two seconds so we can watch changes occur over time. To break the watch loop, use CTRL+C to jump out of the loop.
To Allow NTP client access from the local network edit the line below.
# Allow NTP client access from local network.
allow 192.168.201.0/24 The configuration shows that the server can listen for requests on any local network it’s attached to.
After editing, save and exit your editor and restart the chronyd service to effect the changes.
sudo systemctl restart chronydThen check whether your NTP server is working or not with this command:
sudo chronyc sourcesThe output is as shown:
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? time.cloudflare.com 3 6 1 6 -28us[ -28us] +/- 11ms
^? repository.habari.co.tz 2 6 1 6 -1153us[-1153us] +/- 250ms
^? ntp2.inx.net.za 2 6 1 6 -3904us[-3904us] +/- 131msIt is highly recommended to have a static IP address for your server. A dynamic IP address will have mixed statistics.
Or better still, use this command:
chronyc sources -vThe output:
chronyc sources -v
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.168.201.2 4 10 377 825 -8612ns[ -14us]Step 5: Configure your Firewall to allow NTP service
To configure the firewall to allow ntp service, issue the command:
sudo firewall-cmd --permanent --add-service=ntp --permanentThen reload the firewall to effect the changes.
sudo firewall-cmd --reloadStep 6: NTP Client Configuration
The next step is to install the NTP client on the client machine and configure it to use the Chrony Server. I will use my Fedora machine (192.168.201.3) client.
1 . On the client machine set the correct timezone.
sudo timedatectl set-timezone Africa/Nairobi2 . Install Chrony Server
sudo dnf install chrony -y3 . Edit the configuration file /etc/chrony.conf and point to your NTP server. My server is Rocky Linux 192.168.201.2
sudo vim /etc/chrony.confMake the changes as shown below, then save and exit your text editor.
#pool 2.fedora.pool.ntp.org iburst
server 192.168.201.2 #his is the IP address of my Rocky Linux 8 server4 . After the changes, restart the chronyd service for changes to take effect.
sudo systemctl restart chronyd5 . Then set NTP synchronization.
sudo timedatectl set-ntp true6 . Next thing is to start the chronyd service and enable it on the next boot.
sudo systemctl start chronyd
sudo systemctl enable chronyd7 . Lastly verify the time synchronization.
sudo chronyc sourcesYour output should look like this:
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.168.201.2 4 6 37 29 +14us[ +30us] +/- 11msTo check chrony tracking, run the following command.
chronyc trackingCommand output:
Reference ID : C0A8C902 (192.168.201.2)
Stratum : 5
Ref time (UTC) : Mon Feb 03 11:00:47 2023
System time : 0.000004511 seconds slow of NTP time
Last offset : -0.000005301 seconds
RMS offset : 0.000008228 seconds
Frequency : 0.999 ppm fast
Residual freq : -0.000 ppm
Skew : 0.016 ppm
Root delay : 0.020767458 seconds
Root dispersion : 0.000834123 seconds
Update interval : 519.9 seconds
Leap status : Normal8 . To check on NTP clients, log in to your server and issue this command as sudo user:
sudo chronyc clientsOutput is as shown :
Hostname NTP Drop Int IntL Last Cmd Drop Int Last
===============================================================================
localhost 0 0 - - - 5 0 10 13
192.168.201.3 19 0 6 - 67 0 0 - -Conclusion
Congratulations you have Configured Chrony NTP Server on Rocky Linux 9 / AlmaLinux 9. The outlined steps are very easy to follow through. Chronyd is the preferred choice for most networks than ntpd for keeping computers synchronized with the Network Time Protocol.
It is a powerful tool for synchronizing the times of client hosts whether on a local network or scattered across different countries. It is very easy to configure as outlined in the steps above.
I Thank you for your time. Read more about Chrony on Chrony Documentation. If you appreciate my work, I won’t mind that coffee, it’s what motivates us to keep going.
Recommended reading:
