Maintaining accurate time on your server is crucial for many reasons, including proper logging, secure communication (e.g., SSL/TLS certificate validation), and consistent data synchronization across distributed systems. Ubuntu 24.04, like its predecessors, relies on NTP (Network Time Protocol) to keep your system’s clock precisely synchronized with global time servers. This Tutorial will guide you through the process of setting up NTP on your Ubuntu 24.04 machine.
First, it’s a good practice to update your package list to ensure you’re working with the latest information. Open your terminal and run:
“`bash
sudo apt update
“`
Ubuntu 24.04 typically uses `systemd-timesyncd` by default for time synchronization. While this service is generally sufficient for most users, `NTPsec` (or `Chrony` in some cases) offers more advanced features and precision, making it a preferred choice for servers where highly accurate time is critical. For this tutorial, we’ll focus on `NTPsec`, which is a hardened, secure implementation of NTP.
If `systemd-timesyncd` is running, you might want to stop and disable it before installing `NTPsec` to avoid conflicts:
“`bash
sudo timedatectl set-ntp no
sudo systemctl stop systemd-timesyncd
sudo systemctl disable systemd-timesyncd
“`
Now, let’s install the `ntpsec` package.
“`bash
sudo apt install ntpsec
“`
During the installation, `ntpsec` will automatically start and attempt to synchronize your system’s clock with default NTP servers.
To verify that `NTPsec` is running and synchronizing correctly, you can use the following commands:
Check the status of the `ntpsec` service:
“`bash
sudo systemctl status ntpsec
“`
You should see output indicating that the service is `active (running)`.
To check the synchronization status and see which NTP servers your system is currently using, use the `ntpq` command:
“`bash
ntpq -p
“`
This command will display a list of configured NTP servers, their reachability, and synchronization status. Look for a server marked with an asterisk (`*`) next to its `remote` address, which indicates the server currently being used for synchronization. A plus sign (`+`) indicates a good candidate server.
You can also check the overall time synchronization status with `timedatectl`:
“`bash
timedatectl
“`
This command will show you the current local time, universal time, RTC time, and importantly, whether NTP synchronization is active. Look for `NTP synchronized: yes`.
By default, `NTPsec` is configured to use a pool of public NTP servers. However, you might want to configure specific NTP servers, especially in an enterprise environment or if you prefer certain regional servers. The main configuration file for `NTPsec` is `/etc/ntpsec/ntp.conf`.
To edit the configuration file:
“`bash
sudo nano /etc/ntpsec/ntp.conf
“`
Inside this file, you’ll find lines starting with `pool` or `server`. You can comment out the default `pool` lines and add your preferred `server` entries. For example:
“`
# pool 0.ubuntu.pool.ntp.org iburst
# pool 1.ubuntu.pool.ntp.org iburst
# pool 2.ubuntu.pool.ntp.org iburst
# pool 3.ubuntu.pool.ntp.org iburst
server ntp.your-company.com iburst
server time.nist.gov iburst
“`
Replace `ntp.your-company.com` with your internal NTP server or choose other reliable public NTP servers. The `iburst` option speeds up the initial synchronization.
After making changes to the configuration file, you must restart the `ntpsec` service for the changes to take effect:
“`bash
sudo systemctl restart ntpsec
“`
Then, verify the synchronization status again using `ntpq -p` and `timedatectl`.
Setting up NTP on Ubuntu 24.04 is a straightforward process that ensures your server’s clock remains accurate and reliable. Whether you stick with the default `systemd-timesyncd` or opt for the more robust `NTPsec`, accurate time synchronization is a foundational element for a stable and secure server environment.
