diff --git a/sw/buildroot_overlay/etc/default/chrony b/sw/buildroot_overlay/etc/default/chrony
index 20ea86a..7403a3c 100644
--- a/sw/buildroot_overlay/etc/default/chrony
+++ b/sw/buildroot_overlay/etc/default/chrony
@@ -1,3 +1,7 @@
-# Disable chrony (NTP client)
+# Only start Chrony if an NTP server is configured.
+
+if [ ! -f /etc/chrony/sources.d/ntp.sources ]; then
+    echo "NTP server not configured, not starting chrony."
+    exit 1
+fi
 
-exit
diff --git a/sw/buildroot_overlay/etc/init.d/S03read_config.sh b/sw/buildroot_overlay/etc/init.d/S03read_config.sh
index 04ae8f1..32bff6d 100755
--- a/sw/buildroot_overlay/etc/init.d/S03read_config.sh
+++ b/sw/buildroot_overlay/etc/init.d/S03read_config.sh
@@ -25,12 +25,23 @@ copy_ssh_host_key() {
     chmod 0600 /etc/dropbear/dropbear_ed25519_host_key || true
 }
 
+# Take NTP server from configuration partition.
+copy_ntp_server() {
+
+    # If an NTP server is configured, copy it to Chrony configuration.
+    if [ -s ${CONFIG_DIR}/ntp.sources ]; then
+        mkdir -p /etc/chrony/sources.d
+        cp -p ${CONFIG_DIR}/ntp.sources /etc/chrony/sources.d
+    fi
+}
+
 case "$1" in
   start)
     echo "Reading configuration files from SD card ..."
     lock_config || exit 1
     read_config || exit 1
     copy_ssh_host_key
+    copy_ntp_server
     ;;
   stop|restart|reload)
     true
diff --git a/sw/buildroot_overlay/opt/puzzlefw/bin/puzzle-ntpcfg b/sw/buildroot_overlay/opt/puzzlefw/bin/puzzle-ntpcfg
new file mode 100755
index 0000000..8104ccb
--- /dev/null
+++ b/sw/buildroot_overlay/opt/puzzlefw/bin/puzzle-ntpcfg
@@ -0,0 +1,171 @@
+#!/bin/sh
+#
+# Manage NTP configuration.
+#
+
+. /opt/puzzlefw/lib/functions.sh
+
+# Show current configuration.
+ntpcfg_show() {
+
+    echo "Active NTP configuration:"
+    if [ -s /etc/chrony/sources.d/ntp.sources ]; then
+        cat /etc/chrony/sources.d/ntp.sources
+    else
+        echo "disabled"
+    fi
+    echo
+
+    echo "Saved NTP configuration:"
+    if [ -s ${CONFIG_DIR}/ntp.sources ]; then
+        cat ${CONFIG_DIR}/ntp.sources
+    else
+        echo "disabled"
+    fi
+    echo
+}
+
+# Check that parameter is a well-formed IPv4 address.
+check_ipaddr() {
+    IFS="." read a b c d <<EOF
+$1
+EOF
+    for i in "$a" "$b" "$c" "$d" ; do
+        if ! [ "$i" -ge 0 -a "$i" -le 255 ]; then
+            echo "ERROR: Invalid IP address '$1'" >&2
+            exit 1
+        fi
+    done
+}
+
+# Configure and enable Chrony.
+ntpcfg_server() {
+
+    if [ "$1" != "server" ]; then
+        echo "ERROR: Invalid command '$1'" >&2
+        exit 1
+    fi
+
+    NTPSERVER="$2"
+
+    if [ -z "$NTPSERVER" ]; then
+        echo "ERROR: Server IP address not specified" >&2
+        exit 1
+    fi
+
+    check_ipaddr "$NTPSERVER"
+
+    POLLOPTS=""
+
+    if [ "$#" -gt 2 ]; then
+
+        if [ "$3" != "poll" ]; then
+            echo "ERROR: Unknown option '$3'" >&2
+            exit 1
+        fi
+
+	POLLINT="$4"
+
+        if [ -z "$POLLINT" ]; then
+            echo "ERROR: Poll interval not specified" >&2
+            exit 1
+        fi
+
+        if ! [ "$POLLINT" -ge "-1" -a "$POLLINT" -le "10" ]; then
+            echo "ERROR: Invalid poll interval '$POLLINT', must be between -1 and 10" >&2
+            exit 1
+        fi
+
+        POLLOPTS="minpoll $POLLINT maxpoll $POLLINT"
+
+        if [ "$#" -gt 4 ]; then
+            echo "ERROR: Unexpected option '$5'" >&2
+            exit 1
+        fi
+
+    fi
+
+    # Lock to avoid conflicting changes.
+    lock_config || exit 1
+
+    echo "Configuring Chrony to start on boot with server $NTPSERVER ..."
+
+    SERVERLINE="server $NTPSERVER $POLLOPTS iburst prefer"
+    echo "$SERVERLINE" > ${CONFIG_DIR}/ntp.sources.new
+
+    sync_config ntp.sources || exit 1
+
+    mkdir -p /etc/chrony/sources.d
+    cp -p ${CONFIG_DIR}/ntp.sources /etc/chrony/sources.d
+
+    echo
+    echo "New NTP configuration:"
+    cat /etc/chrony/sources.d/ntp.sources
+    echo
+ 
+    echo "Restarting Chrony ..."
+    /etc/init.d/S49chrony restart
+}
+
+# Disable starting Chrony during boot.
+ntpcfg_disable() {
+
+    # Lock to avoid conflicting changes.
+    lock_config || exit 1
+
+    echo "Disabling Chrony startup on boot ..."
+
+    echo -n "" > ${CONFIG_DIR}/ntp.sources.new
+    sync_config ntp.sources || exit 1
+
+    echo "Stopping Chrony ..."
+    /etc/init.d/S49chrony stop
+
+    rm -f /etc/chrony/sources.d/ntp.sources
+}
+
+case "$1" in
+  show)
+    ntpcfg_show
+    ;;
+  server)
+    ntpcfg_server "$@"
+    ;;
+  disable)
+    ntpcfg_disable
+    ;;
+  *)
+    script="${0##*/}"
+    cat <<EOF
+Usage: $script {server|disable|show}
+
+Manage NTP server configuration.
+
+  $script server {IP-address} [poll N]
+    Enable starting Chrony during boot and specify NTP server to use.
+
+    Optionally, the poll interval can be specified as a power of 2 in seconds,
+    for example "poll 5" means a polling interval of 32 seconds. By default,
+    the poll interval starts at 6 (64 seconds) and slowly steps up to
+    10 (1024 seconds).
+
+    Sub-millisecond accuracy can be achieved with an NTP server in the local
+    network and "poll 0" (poll each second).
+
+    Do not use a poll interval shorter than 64 seconds unless the NTP server
+    is in the local network. Doing this with a public NTP server is
+    considered abuse.
+
+  $script disable
+    Disable starting Chrony during boot and stop Chrony if it was running.
+
+  $script show
+    Display NTP configuration.
+
+EOF
+    exit 1
+    ;;
+esac
+
+exit $?
+
diff --git a/sw/buildroot_overlay/opt/puzzlefw/lib/functions.sh b/sw/buildroot_overlay/opt/puzzlefw/lib/functions.sh
index 26f52d9..69e98fe 100644
--- a/sw/buildroot_overlay/opt/puzzlefw/lib/functions.sh
+++ b/sw/buildroot_overlay/opt/puzzlefw/lib/functions.sh
@@ -33,6 +33,7 @@ read_config() {
 
     # Copy config files to RAM filesystem.
     cp -a ${CONFIG_MOUNTPOINT}/*.conf $CONFIG_DIR || true
+    cp -a ${CONFIG_MOUNTPOINT}/ntp.sources $CONFIG_DIR || true
     cp -a ${CONFIG_MOUNTPOINT}/dropbear_* $CONFIG_DIR || true
 
     umount $CONFIG_MOUNTPOINT