ntp.keys.5 revision 301256
1.Dd June 2 2016 2.Dt NTP_KEYS 5 File Formats 3.Os SunOS 5.10 4.\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) 5.\" 6.\" $FreeBSD: stable/10/usr.sbin/ntp/doc/ntp.keys.5 301256 2016-06-03 08:59:21Z delphij $ 7.\" 8.\" It has been AutoGen-ed June 2, 2016 at 07:36:20 AM by AutoGen 5.18.5 9.\" From the definitions ntp.keys.def 10.\" and the template file agmdoc-file.tpl 11.Sh NAME 12.Nm ntp.keys 13.Nd NTP symmetric key file format 14 15.Sh NAME 16.Nm ntp.keys 17.Nd NTP symmetric key file format 18.Sh SYNOPSIS 19.Nm 20.Op Fl \-option\-name 21.Op Fl \-option\-name Ar value 22.Pp 23All arguments must be options. 24.Pp 25.Sh DESCRIPTION 26This document describes the format of an NTP symmetric key file. 27For a description of the use of this type of file, see the 28.Qq Authentication Support 29section of the 30.Xr ntp.conf 5 31page. 32.Pp 33.Xr ntpd 8 34reads its keys from a file specified using the 35.Fl k 36command line option or the 37.Ic keys 38statement in the configuration file. 39While key number 0 is fixed by the NTP standard 40(as 56 zero bits) 41and may not be changed, 42one or more keys numbered between 1 and 65534 43may be arbitrarily set in the keys file. 44.Pp 45The key file uses the same comment conventions 46as the configuration file. 47Key entries use a fixed format of the form 48.Pp 49.D1 Ar keyno type key opt_IP_list 50.Pp 51where 52.Ar keyno 53is a positive integer (between 1 and 65534), 54.Ar type 55is the message digest algorithm, 56and 57.Ar key 58is the key itself, and 59.Ar opt_IP_list 60is an optional comma\-separated list of IPs 61that are allowed to serve time. 62If 63.Ar opt_IP_list 64is empty, 65any properly\-authenticated server message will be 66accepted. 67.Pp 68The 69.Ar key 70may be given in a format 71controlled by the 72.Ar type 73field. 74The 75.Ar type 76.Li MD5 77is always supported. 78If 79.Li ntpd 80was built with the OpenSSL library 81then any digest library supported by that library may be specified. 82However, if compliance with FIPS 140\-2 is required the 83.Ar type 84must be either 85.Li SHA 86or 87.Li SHA1 . 88.Pp 89What follows are some key types, and corresponding formats: 90.Pp 91.Bl -tag -width RMD160 -compact 92.It Li MD5 93The key is 1 to 16 printable characters terminated by 94an EOL, 95whitespace, 96or 97a 98.Li # 99(which is the "start of comment" character). 100.Pp 101.It Li SHA 102.It Li SHA1 103.It Li RMD160 104The key is a hex\-encoded ASCII string of 40 characters, 105which is truncated as necessary. 106.El 107.Pp 108Note that the keys used by the 109.Xr ntpq 8 110and 111.Xr ntpdc 8 112programs are checked against passwords 113requested by the programs and entered by hand, 114so it is generally appropriate to specify these keys in ASCII format. 115.Sh "OPTIONS" 116.Bl -tag 117.It Fl \-help 118Display usage information and exit. 119.It Fl \-more\-help 120Pass the extended usage information through a pager. 121.It Fl \-version Op Brq Ar v|c|n 122Output version of program and exit. The default mode is `v', a simple 123version. The `c' mode will print copyright information and `n' will 124print the full copyright notice. 125.El 126.Sh "OPTION PRESETS" 127Any option that is not marked as \fInot presettable\fP may be preset 128by loading values from environment variables named: 129.nf 130 \fBNTP_KEYS_<option\-name>\fP or \fBNTP_KEYS\fP 131.fi 132.ad 133.Sh "ENVIRONMENT" 134See \fBOPTION PRESETS\fP for configuration environment variables. 135.Sh FILES 136.Bl -tag -width /etc/ntp.keys -compact 137.It Pa /etc/ntp.keys 138the default name of the configuration file 139.El 140.Sh "EXIT STATUS" 141One of the following exit values will be returned: 142.Bl -tag 143.It 0 " (EXIT_SUCCESS)" 144Successful program execution. 145.It 1 " (EXIT_FAILURE)" 146The operation failed or the command syntax was not valid. 147.It 70 " (EX_SOFTWARE)" 148libopts had an internal operational error. Please report 149it to autogen\-users@lists.sourceforge.net. Thank you. 150.El 151.Sh "SEE ALSO" 152.Xr ntp.conf 5 , 153.Xr ntpd 8 , 154.Xr ntpdate 8 , 155.Xr ntpdc 8 , 156.Xr sntp 8 157.Sh "AUTHORS" 158The University of Delaware and Network Time Foundation 159.Sh "COPYRIGHT" 160Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved. 161This program is released under the terms of the NTP license, <http://ntp.org/license>. 162.Sh "BUGS" 163Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org 164.Sh NOTES 165This document was derived from FreeBSD. 166.Pp 167This manual page was \fIAutoGen\fP\-erated from the \fBntp.keys\fP 168option definitions. 169