Time is important on servers, especially mission-critical ones. As a system administrator, you have to make sure that the time on all of your servers is correct. You can use NTP to sync the time on your server to an NTP server. Using NTP ensures that all your servers have the same time, and if the clock drifts it will be synced again. The NTP protocol uses User Datagram Protocol (UDP) port 123, which is quite easy to remember.
NTP uses a hierarchical system of levels called strata, and there are four types of NTP servers, from stratum 0 to stratum 3. Stratum 0 is not connected to the network. It connects an atomic clock to a computer via an RS-232 port. The NTP server on stratum 0 is the main source of time. It makes sure that the time is correct, including leap seconds. Stratum 1 connects and syncs time to a stratum 0 server. Stratum 2 connects to stratum 1 to sync time, and stratum 3 servers sync time to stratum 2 servers. From a security perspective NTP is quite secure: in the 25 years of its life, only a few security bugs have been found. There are no known high-risk vulnerabilities in the current release of the software.
First, clean the yum cache:
# yum clean all
Re-download the yum metadata:
# yum check-update
Install the NTP daemon:
# yum install ntp
Make sure the NTP daemon runs on startup in runlevels 2, 3, 4 and 5:
# chkconfig --level 2345 ntpd on
You can use the default NTP servers provided by CentOS or add an NTP server closer to you. A closer NTP server will sync the time on your server better. You can go to http://www.pool.ntp.org/en/ to find NTP servers that are close to you. For example, I live in Indonesia, so I go to http://www.pool.ntp.org/zone/id and add the NTP servers listed on that page to my configuration file.
The NTP configuration file is located at /etc/ntp.conf. I search for the following lines:
server 0.centos.pool.ntp.org
server 1.centos.pool.ntp.org
server 2.centos.pool.ntp.org
and replace them with:
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.id.pool.ntp.org
server 1.id.pool.ntp.org
server 2.id.pool.ntp.org
server 3.id.pool.ntp.org
Please make sure you choose an NTP server located in your country or close to it. Of course, you can still leave the NTP servers at their default values. Before we start the NTP daemon, we sync the time for the first time:
# ntpd -q
Start the NTP daemon:
# service ntpd start
To print the current state of known peers, you can use:
# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 ntp.idsirtii.or 22.214.171.124   3 u    6   64    1    5.789   43.221   0.000
 126.96.36.199   188.8.131.52     2 u    5   64    1    9.400   41.914   0.000
 ip-243-189.data .INIT.          16 u    -   64    0    0.000    0.000   0.000
 toliman.radsby. 184.108.40.206   3 u    3   64    1   23.179   35.505   0.000
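The peer table can also be checked by a script instead of by eye. The shell function below is an added example, not part of the original tutorial: it reads `ntpq -p` output and labels each peer. The function name `check_peers`, the verdict labels and the 40 ms offset threshold are assumptions chosen for illustration.

```shell
#!/bin/sh
# Peer rows copied from the ntpq -p output on this page, embedded so the
# script runs offline. On a live host use: ntpq -p | check_peers 40
SAMPLE_PEERS='     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 ntp.idsirtii.or 22.214.171.124   3 u    6   64    1    5.789   43.221   0.000
 126.96.36.199   188.8.131.52     2 u    5   64    1    9.400   41.914   0.000
 ip-243-189.data .INIT.          16 u    -   64    0    0.000    0.000   0.000
 toliman.radsby. 184.108.40.206   3 u    3   64    1   23.179   35.505   0.000'

# check_peers MAX_OFFSET_MS
# Reads ntpq -p output on stdin and prints "<peer> <verdict>" per row.
# Returns 0 only if ntpd has selected a sync source (row flagged with "*").
check_peers() {
    awk -v max="$1" '
        $3 !~ /^[0-9]+$/ { next }        # skip header, ==== rule, blank lines
        {
            tally = substr($0, 1, 1)     # column 1 holds the selection flag
            name = $1
            if (tally != " ") name = substr($1, 2)
            off = $9 + 0
            if (off < 0) off = -off
            # stratum 16 means unsynchronized; reach is an octal register
            # of the last 8 polls, so 0 means no poll has been answered
            if ($3 == 16 || $7 == 0)   verdict = "UNREACHABLE"
            else if (off > max + 0)    verdict = "OFFSET_HIGH"
            else if (tally == "*")     verdict = "SYNC_SOURCE"
            else                       verdict = "CANDIDATE"
            if (tally == "*") synced = 1
            print name, verdict
        }
        END { exit (synced ? 0 : 1) }
    '
}

# The sample was captured right after ntpd started (reach is 1 or 0),
# so no row carries the "*" flag and the function returns non-zero.
printf '%s\n' "$SAMPLE_PEERS" | check_peers 40 ||
    echo "no peer selected as sync source yet"
```

A non-zero return that persists after several poll intervals means ntpd has not selected a sync source and the clock is not being kept in step.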
Hope this tutorial is useful. Have a nice day!