Configuring NTP on Enterprise Linux

In this post we’ll configure Network Time Protocol services in our local network. NTP provides time synchronisation which is important for authentication services and single-signon which we’ll set up in a later post.

This post assumes you’ve already got an Enterprise Linux server setup. I’ll be using AlmaLinux that I installed in this post, although any RHEL variant should be similar. You’ll also need a second client machine that can communicate remotely with the NTP server. I’ve configured my primary EL machine with the hostname on a host-only network, and created a clone vm called Both virtual machines should be able to communicate with each other.<

I’m going to use the chronyd package for network time, which should be installed and running already, but let’s check first.

$ sudo dnf install chrony
$ sudo systemctl status chronyd.service

Configure chronyd on rhauth to accept NTP requests from the local network. First, confirm your rhauth server IP address and then change the allow line in /etc/chrony.conf to our network range. My IP address for rhauth is so the network address is

# Allow NTP client access from the local network

Open the firewall to allow NTP traffic.

$ sudo firewall-cmd --permanent --add-service=ntp
$ sudo firewall-cmd --reload
$ sudo systemctl restart chronyd

Next we can configure the rhclient server to use our time server.

On rhclient open the /etc/chrony.conf file and comment the existing pool servers at the top of the file and then add a line with the rhauth server IP.

# pool iburst
server iburst

Restart chronyd.

$ sudo systemctl restart chronyd.service

Make sure rhclient is using NTP and synchronising with rhauth.

$ sudo timedatectl set-ntp true
$ sudo chronyc sources -v

You should see the following output with your time server hostname at the bottom:

Now NTP should be configured using chronyd on rhauth and synchronised to rhclient. This is an essential step in setting up authentication services which will be covered next.

See also