Chrony is a daemon which implements the Network Time Protocol (NTP). It is designed to synchronize system clocks across a variety of systems and use a source that is highly accurate. More information on chrony can be found at https://chrony-project.org/. Chrony can be configured to be a client and/or a server. Add or edit server or pool lines to /etc/chrony.conf as appropriate:
server <remote-server>Multiple servers may be configured.
If chrony is in use on the system proper configuration is vital to ensuring time synchronization is working properly.
chrony is a daemon which implements the Network Time Protocol (NTP). It is designed to synchronize system clocks across a variety of systems and use a source that is highly accurate. More information on chrony can be found at https://chrony-project.org/. Chrony can be configured to be a client and/or a server. To ensure that chronyd is running under chrony user account, remove any -u ... option from OPTIONS other than -u chrony, as chrony is run under its own user by default. This recommendation only applies if chrony is in use on the system.
If chrony is in use on the system proper configuration is vital to ensuring time synchronization is working properly.
Check that Chrony only has time sources configured with the server directive.
Depending on the infrastructure being used the pool directive may not be supported.
Chrony is a daemon which implements the Network Time Protocol (NTP). It is designed to synchronize system clocks across a variety of systems and use a source that is highly accurate. More information on chrony can be found at https://chrony-project.org/. Chrony can be configured to be a client and/or a server. Add or edit server or pool lines to /etc/chrony.conf as appropriate:
server <remote-server>Multiple servers may be configured.
If chrony is in use on the system proper configuration is vital to ensuring time synchronization is working properly.
To properly set the group owner of /etc/chrony.keys
, run the command:
$ sudo chgrp root /etc/chrony.keys
The ownership of the /etc/chrony.keys file by the root group is important because this file hosts chrony cryptographic keys. Protection of this file is critical for system security. Assigning the ownership to root ensures exclusive control of the chrony cryptography keys.
To properly set the owner of /etc/chrony.keys
, run the command:
$ sudo chown root /etc/chrony.keys
The ownership of the /etc/chrony.keys file by the root user is important because this file hosts chrony cryptographic keys. Protection of this file is critical for system security. Assigning the ownership to root ensures exclusive control of the chrony cryptographic keys.
To properly set the permissions of /etc/chrony.keys
, run the command:
$ sudo chmod 0600 /etc/chrony.keys
Setting correct permissions on the /etc/chrony.keys file is important because this file hosts chrony cryptographic keys. Protection of this file is critical for system security. Assigning the correct mode ensures exclusive control of the chrony cryptographic keys.
System time should be synchronized between all systems in an environment. This is
typically done by establishing an authoritative time server or set of servers and having all
systems synchronize their clocks to them.
The chrony
package can be installed with the following command:
$ sudo dnf install chrony
Time synchronization is important to support time sensitive security mechanisms like Kerberos and also ensures log files have consistent time records across the enterprise, which aids in forensic investigations.
chrony is a daemon which implements the Network Time Protocol (NTP) is designed to synchronize system clocks across a variety of systems and use a source that is highly accurate. More information on chrony can be found at https://chrony-project.org/. Chrony can be configured to be a client and/or a server. To enable Chronyd service, you can run: # systemctl enable chronyd.service This recommendation only applies if chrony is in use on the system.
If chrony is in use on the system proper configuration is vital to ensuring time synchronization is working properly.