13.5.2. Using chronyc for Remote Administration
To configure
chrony to connect to a remote instance of
chronyd
, issue a command as
root
in the following format:
~]# chronyc -h
hostname
Where
hostname is the
hostname
of a system running
chronyd
to connect to in order to allow remote administration from that host. The default is to connect to the daemon on the localhost.
To configure
chrony to connect to a remote instance of
chronyd
on a non-default port, issue a command as
root
in the following format:
~]# chronyc -h
hostname -p
port
Where
port is the port in use for controlling and monitoring by the instance of
chronyd
to be connected to.
Note that commands issued at the chrony command prompt are not persistent. Only commands in the configuration file are persistent.
From the remote systems, the system administrator can issue commands after first using the
password
command, preceded by the
authhash
command if the key used a hash different from MD5, at the
chronyc command prompt as follows:
chronyc> password secretpasswordwithnospaces
200 OK
The password or hash associated with the command key for a remote system is best obtained by SSH
. An SSH
connection should be established to the remote machine and the ID of the command key from /etc/chrony.conf
and the command key in /etc/chrony.keys
memorized or stored securely for the duration of the session.