2.2.1.2 Ensure chrony is configured - NTP server

Information

chrony is a daemon which implements the Network Time Protocol (NTP) and is designed to synchronize system clocks across a variety of systems and use a source that is highly accurate. More information on chrony can be found at http://chrony.tuxfamily.org/. chrony can be configured to be a client and/or a server.

Rationale:

If chrony is in use on the system proper configuration is vital to ensuring time synchronization is working properly.

Note: This recommendation only applies if chrony is in use on the system.

Solution

Add or edit server or pool lines to /etc/chrony.conf as appropriate:

server <remote-server>

Add or edit the OPTIONS in /etc/sysconfig/chronyd to include '-u chrony':

OPTIONS='-u chrony'

See Also

https://workbench.cisecurity.org/files/3152

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-8, CSCv6|6.1, CSCv7|6.1

Plugin: Unix

Control ID: 45edd19d9a8213d6adeb9ef1df8d95b75d2e928e2a18436b8546485e2ae8d898