A few days ago the release of the new version of the Chrony 4.2 project, which provides independent implementation of an NTP client and server which is used to synchronize exact time on a variety of Linux distributions, including Fedora, Ubuntu, SUSE / openSUSE, and RHEL / CentOS.
The program supports the NTPv4 specification (RFC 5905) and the NTS (Network Time Security) protocol, which uses Public Key Infrastructure Elements (PKI) and enables the use of TLS and Authenticated Encryption with Associated Data (AEAD) for cryptographic protection of time and synchronization .
Table of Contents
About Chrony 4.2
To get the exact time data, both external NTP servers and reference clocks can be used, for example, based on GPS receivers, when using which precision can be achieved at the level of fractions of a microsecond.
The project was originally designed to function properly in unstable environments, including unreliable networks with disconnected connections, high latency and packet loss, work on virtual machines, and systems with varying temperatures (temperature affects hardware clock operation).
Typical precision between two machines synchronized over the Internet is a few milliseconds; on a LAN, the precision is typically tens of microseconds. With the hardware timestamp or a hardware reference clock, an accuracy of less than microseconds may be possible.
Two programs are included in chrony, chronyd is a daemon that can be started at boot time, and chronyc is a command line interface program that can be used to monitor chrony for performance and change various operational parameters while it is running.
Main new features of Chrony 4.2
In this new version of Chrony 4.2 added experimental support for a field that extends the capabilities of the protocol NTPv4 and is used to improve timing stability, as well as to reduce delays and value spread.
It is also mentioned in the announcement that added experimental support for NTP forwarding about the Precision Time Protocol (PTP).
Also in the server collation mode this has been improved to improve reliability, in addition to adding collation statistics to the server statistics report.
The implementation of NTS adds support for the AES-CMAC encryption algorithm and the ability to use GnuTLS hash functions.
Another novelty that stands out is the compatibility with the Solaris operating environment, as in this new version it has been translated as the reference for the Illumos project, which continues to evolve the kernel, networking stack, file systems, drivers, libraries, and core set of OpenSolaris system utilities. For Illumos, it implemented disabling kernel clock settings.
Of the other changes that stand out in this new version:
- Improved support for multiple clients behind a single address translator (NAT).
- Updated system call filter based on seccomp mechanism.
Finally, if you are interested in knowing more about it of this new version of Chrony 4.2 you can check the details In the following link.
How to install Chrony 4.2 on Linux?
For those who are interested in being able to install this utility on their system, they can do so by following the instructions we share below.
If you are a user of Debian, Ubuntu or any derivative of these, you can install by opening a terminal and typing the following command in it:
sudo apt install chrony
Now if you are a user of CentOS, RHEL or any distribution that is based on these, the command to use is the following:
sudo yum -y install chrony
In the case of those who are Fedora users, the utility can be installed by typing:
sudo dnf -y install chrony
While for those who are users of Arch Linux, Manjaro, Arco Linux or any other distribution based on Arch Linux, they can install with:
sudo pacman -S chrony