ntp.keys.5 revision 315080 
1.Dd November 21 2016
2.Dt NTP_KEYS 5 File Formats
3.Os SunOS 5.10
4.\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
5.\"
6.\" $FreeBSD: stable/10/usr.sbin/ntp/doc/ntp.keys.5 315080 2017-03-11 17:57:22Z cy $
7.\"
8.\"  It has been AutoGen-ed  November 21, 2016 at 08:02:06 AM by AutoGen 5.18.5
9.\"  From the definitions    ntp.keys.def
10.\"  and the template file   agmdoc-file.tpl
11.Sh NAME
12.Nm ntp.keys
13.Nd NTP symmetric key file format
14.Sh SYNOPSIS
15.Nm
16.Op Fl \-option\-name
17.Op Fl \-option\-name Ar value
18.Pp
19All arguments must be options.
20.Pp
21.Sh DESCRIPTION
22This document describes the format of an NTP symmetric key file.
23For a description of the use of this type of file, see the
24.Qq Authentication Support
25section of the
26.Xr ntp.conf 5
27page.
28.Pp
29.Xr ntpd 8
30reads its keys from a file specified using the
31.Fl k
32command line option or the
33.Ic keys
34statement in the configuration file.
35While key number 0 is fixed by the NTP standard
36(as 56 zero bits)
37and may not be changed,
38one or more keys numbered between 1 and 65534
39may be arbitrarily set in the keys file.
40.Pp
41The key file uses the same comment conventions
42as the configuration file.
43Key entries use a fixed format of the form
44.Pp
45.D1 Ar keyno type key opt_IP_list
46.Pp
47where
48.Ar keyno
49is a positive integer (between 1 and 65534),
50.Ar type
51is the message digest algorithm,
52and
53.Ar key
54is the key itself, and
55.Ar opt_IP_list
56is an optional comma\-separated list of IPs
57that are allowed to serve time.
58If
59.Ar opt_IP_list
60is empty,
61any properly\-authenticated server message will be
62accepted.
63.Pp
64The
65.Ar key
66may be given in a format
67controlled by the
68.Ar type
69field.
70The
71.Ar type
72.Li MD5
73is always supported.
74If
75.Li ntpd
76was built with the OpenSSL library
77then any digest library supported by that library may be specified.
78However, if compliance with FIPS 140\-2 is required the
79.Ar type
80must be either
81.Li SHA
82or
83.Li SHA1 .
84.Pp
85What follows are some key types, and corresponding formats:
86.Pp
87.Bl -tag -width RMD160 -compact
88.It Li MD5
89The key is 1 to 16 printable characters terminated by
90an EOL,
91whitespace,
92or
93a
94.Li #
95(which is the "start of comment" character).
96.Pp
97.It Li SHA
98.It Li SHA1
99.It Li RMD160
100The key is a hex\-encoded ASCII string of 40 characters,
101which is truncated as necessary.
102.El
103.Pp
104Note that the keys used by the
105.Xr ntpq 8
106and
107.Xr ntpdc 8
108programs are checked against passwords
109requested by the programs and entered by hand,
110so it is generally appropriate to specify these keys in ASCII format.
111.Sh "OPTIONS"
112.Bl -tag
113.It Fl \-help
114Display usage information and exit.
115.It Fl \-more\-help
116Pass the extended usage information through a pager.
117.It Fl \-version Op Brq Ar v|c|n
118Output version of program and exit.  The default mode is `v', a simple
119version.  The `c' mode will print copyright information and `n' will
120print the full copyright notice.
121.El
122.Sh "OPTION PRESETS"
123Any option that is not marked as \fInot presettable\fP may be preset
124by loading values from environment variables named:
125.nf
126  \fBNTP_KEYS_<option\-name>\fP or \fBNTP_KEYS\fP
127.fi
128.ad
129.Sh "ENVIRONMENT"
130See \fBOPTION PRESETS\fP for configuration environment variables.
131.Sh FILES
132.Bl -tag -width /etc/ntp.keys -compact
133.It Pa /etc/ntp.keys
134the default name of the configuration file
135.El
136.Sh "EXIT STATUS"
137One of the following exit values will be returned:
138.Bl -tag
139.It 0 " (EXIT_SUCCESS)"
140Successful program execution.
141.It 1 " (EXIT_FAILURE)"
142The operation failed or the command syntax was not valid.
143.It 70 " (EX_SOFTWARE)"
144libopts had an internal operational error.  Please report
145it to autogen\-users@lists.sourceforge.net.  Thank you.
146.El
147.Sh "SEE ALSO"
148.Xr ntp.conf 5 ,
149.Xr ntpd 8 ,
150.Xr ntpdate 8 ,
151.Xr ntpdc 8 ,
152.Xr sntp 8
153.Sh "AUTHORS"
154The University of Delaware and Network Time Foundation
155.Sh "COPYRIGHT"
156Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
157This program is released under the terms of the NTP license, <http://ntp.org/license>.
158.Sh "BUGS"
159Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
160.Sh NOTES
161This document was derived from FreeBSD.
162.Pp
163This manual page was \fIAutoGen\fP\-erated from the \fBntp.keys\fP
164option definitions.
165