Debian Linux Manual NTP Time Synchronization and Verification

How to get your system clock NTP synced so you don’t have to hear a disjointed FT8 symphony any more.

Ntpd is a very fancy tool used to automatically keep the system clock in check in its default configuration but that doesn’t mean that your system time is adequately in sync enough to work synchronous amateur radio modes like FT8. Ntpd will sync the system clock on system startup but the longer the computer stays powered on, the more the clock will drift, and the acceptable drift in ntpd is, while rare, potentially greater than what FT8 can cope with.

The following is a tutorial-esque collection of terminal commands to get the post objective achieved. If you know what you are doing just skip ahead to the script and take a look. I encourage people to modify the script as they like. The script is set at a default delta of 60ms but in reality, a time difference of up to about 0.9 seconds is still able to be decoded in FT8.

First things first, lets make sure our system is up to date and that we have ntpd installed. Ntpd should be installed by default but you may have had a lapse in judgement and installed timesyncd at some point. Some of these commands require elevated privileges so make sure you’re in the sudoers file before running sudo or it will not work.

sudo apt update && sudo apt -y upgrade
sudo apt -y install ntp
sudo systemctl enable ntp.service

Next, lets verify our timezone is set correctly. Make sure to set the zone to your zone based on the entry returned to you by the first command.

timedatectl list-timezones
sudo timedatectl set-timezone America/Los_Angeles

Let’s now install a nifty tool from the iputils package called clockdiff. Clockdiff, another fancy time tool, allows us to specify an IP address or FQDN to compare our system time with another computer based on ICMP timestamp requests down to millisecond resolution. You can read about it more here in the man page.

sudo apt install -y iputils-clockdiff

I’ve written a simple shell script for us to use to check our system clock against the server when we suspect that our time is off. If their server isn’t in sync we’ve all got bigger problems. If you receive a message from clockdiff saying that the address is down you’ve likely incurred a temporary rate limit ban for having run the command too many times or there is something wrong with your network connection. Please be nice to other’s servers and don’t just spam this script. As it is, I’ve added a check to make sure that the script isn’t run more than once every five minutes. When the script detects our system time has drifted more than 60ms, it will try to sync our system clock by restarting the ntpd service. If you want to try other servers, select an address from this list. I’ve had good luck with the NIST server run out of University of Colorado Boulder. Keep in mind this warning from NIST Internet Time Services.

All users should ensure that their software NEVER queries a server more frequently than once every 4 seconds. Systems that exceed this rate will be refused service. In extreme cases, systems that exceed this limit may be considered as attempting a denial-of-service attack. – NIST Internet Time Service

Additionally ICMP timestamp request tomfoolery is long known from an infosec perspective. You may be banned from some servers for requesting the timestamp too often. It’s also often a feature that has been flat out disabled so this may not work properly in the future.

checktime () {
    diffnow=$(sudo clockdiff $server | awk '{print $2}')
    if [ -z "$diffnow" ]; then
            if ((${diffnow#-} < maxdiffms)); then
                echo "Meh, good enough."
                echo "Drift detected, syncing time."
                sudo systemctl restart ntp.service
if [ ! -f "$tmpfile" ]; then
    touch $tmpfile
    lastchecked=$(date +%s -r $tmpfile)
    timenow=$(date +%s)
    if ((timenow-lastchecked<300)); then
        echo "Wait a little longer."
        touch $tmpfile

Run the commands below and copy the above contents into nano when it pops open and close it by typing [ctrl]+’x’, pressing [y], and hitting [enter].

cd ~
mkdir .scripts
echo "export PATH="/home/$USER/.scripts:$PATH"" >> .bashrc
nano .scripts/ts
chmod +x .scripts/ts

I could have just added this all in github and made an installation script but then you probably wouldn’t have been responsible or payed attention to what was happening. Now that the script has been added and given the appropriate permissions, and the ~/.scripts folder has been added to $PATH, the next time you start a shell session you should be able to run the script by typing ‘ts’ in the terminal window. The script returns, “Meh, good enough,” if the time is within the specified delta or, “Drift detected, syncing time,” if it isn’t. Some of the commands in the script require elevated privileges to complete. If your privilege hasn’t already been escalated through a previously typed ‘sudo’ command during the session, the OS will prompt you for your password.

You can verify that the tool works by setting your clock off by a few seconds and running the script.

sudo date -s '0.5 seconds ago'

If you have any trouble, just get in touch through the usual means. If you’re a licensed amateur radio operator, it shouldn’t be hard to reach out.