Accurate system time is crucial for many reasons: - Logs must be timestamped correctly for troubleshooting and event correlation. - Security certificates (SSL/TLS) have a validity period. - Authentication protocols such as Kerberos are very sensitive to time discrepancies. - Scheduled tasks (cron) must run at the right time. - Data consistency in distributed systems and databases.
Which NTP client should you use?
On modern Linux systems, you mainly have three choices:
systemd-timesyncd: Integrated into systemd. It is the default client on many modern distributions (such as Ubuntu 20.04+). It is very lightweight and simple, perfect for a client. It cannot act as an NTP server.chrony: The modern alternative tontpd. It performs better on systems that are not always online (laptops) or that have an unstable network connection. It can also act as an NTP server.ntpd: The historical reference implementation. Still very robust, but often considered heavier and more complex than its alternatives for a simple client.
Recommendation: Use systemd-timesyncd if available. If you need more features or want to serve time, use chrony.
Configuring systemd-timesyncd (the simplest option)
It is often already enabled by default.
Step 1: Check the status
timedatectl statusLook for the line `NTP service: active`. If that is the case, you have nothing to do!
Step 2: Enable it if necessary
sudo timedatectl set-ntp trueStep 3: (Optional) Change the NTP servers
The servers are configured in /etc/systemd/timesyncd.conf.
sudo nano /etc/systemd/timesyncd.confUncomment and edit the `NTP=` line to add your servers, separated by spaces.
[Time]
NTP=0.fr.pool.ntp.org 1.fr.pool.ntp.org
Restart the service to apply the changes:
sudo systemctl restart systemd-timesyncdConfiguring chrony
If you prefer chrony or if timesyncd is not available.
Step 1: Installation
# First, disable timesyncd if it is active
sudo timedatectl set-ntp false
# On Debian / Ubuntu
sudo apt-get install -y chrony
# On CentOS / RHEL
sudo yum install -y chrony
Step 2: Configuration
The configuration file is /etc/chrony/chrony.conf (or /etc/chrony.conf).
sudo nano /etc/chrony/chrony.confThe default configuration often uses server pools. You can replace them with servers closer to your location (e.g. `fr.pool.ntp.org` for France).
# Use servers from the French NTP pool.
pool 2.fr.pool.ntp.org iburst
# ... other options
Step 3: Start and enable the service
sudo systemctl start chronyd
sudo systemctl enable chronydStep 4: Verify the synchronization
The chronyc command is the tool to interact with the chronyd daemon.
chronyc sources -vThis command lists the time sources, their status and the offset.
chronyc trackingThis command gives a summary of the system clock synchronization.
The
iburst option, present in the default configurations, is very useful. It tells the client to send a burst of packets at startup to speed up the first synchronization.
NTP uses port 123 over UDP. If you have a restrictive firewall, make sure that outbound traffic on this port is allowed.
Conclusion
Maintaining accurate system time is a simple but fundamental background task for any system administrator. With modern tools such as systemd-timesyncd and chrony, configuring an NTP client has become extremely simple. There is no reason not to enable it on all your Linux servers.
Comments