InformationSystem time should be synchronized between all systems in an environment. This is typically done by establishing an authoritative time server or set of servers and having all systems synchronize their clocks to them.
Time synchronization is important to support time sensitive security mechanisms like Kerberos and also ensures log files have consistent time records across the enterprise, which aids in forensic investigations.
SolutionOn physical systems or virtual systems where host based time synchronization is not available install NTP or chrony using the appropriate package manager or manual installation:
To install chrony:
Run one of the folloing commands:
# yum install chrony
To install ntp:
Run one of the following commands:
# yum install ntp
On virtual systems where host based time synchronization is available consult your virtualization software documentation and setup host based synchronization.
systemd-timesyncd is part of systemd. Some versions of systemd have been compiled without systemd-timesycnd. On these distributions, chrony or NTP should be used instead of systemd-timesycnd.
This Benchmark recommendation maps to:
Red Hat Enterprise Linux 7 Security Technical Implementation Guide:
Version 2, Release: 3 Benchmark Date: 26 Apr 2019
Vul ID: V-72269
Rule ID: SV-86893r4_rule
STIG ID: RHEL-07-040500
Severity: CAT II