ntp.keys.5 revision 315080
1.Dd November 21 2016 2.Dt NTP_KEYS 5 File Formats 3.Os SunOS 5.10 4.\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) 5.\" 6.\" $FreeBSD: stable/10/usr.sbin/ntp/doc/ntp.keys.5 315080 2017-03-11 17:57:22Z cy $ 7.\" 8.\" It has been AutoGen-ed November 21, 2016 at 08:02:06 AM by AutoGen 5.18.5 9.\" From the definitions ntp.keys.def 10.\" and the template file agmdoc-file.tpl 11.Sh NAME 12.Nm ntp.keys 13.Nd NTP symmetric key file format 14.Sh SYNOPSIS 15.Nm 16.Op Fl \-option\-name 17.Op Fl \-option\-name Ar value 18.Pp 19All arguments must be options. 20.Pp 21.Sh DESCRIPTION 22This document describes the format of an NTP symmetric key file. 23For a description of the use of this type of file, see the 24.Qq Authentication Support 25section of the 26.Xr ntp.conf 5 27page. 28.Pp 29.Xr ntpd 8 30reads its keys from a file specified using the 31.Fl k 32command line option or the 33.Ic keys 34statement in the configuration file. 35While key number 0 is fixed by the NTP standard 36(as 56 zero bits) 37and may not be changed, 38one or more keys numbered between 1 and 65534 39may be arbitrarily set in the keys file. 40.Pp 41The key file uses the same comment conventions 42as the configuration file. 43Key entries use a fixed format of the form 44.Pp 45.D1 Ar keyno type key opt_IP_list 46.Pp 47where 48.Ar keyno 49is a positive integer (between 1 and 65534), 50.Ar type 51is the message digest algorithm, 52and 53.Ar key 54is the key itself, and 55.Ar opt_IP_list 56is an optional comma\-separated list of IPs 57that are allowed to serve time. 58If 59.Ar opt_IP_list 60is empty, 61any properly\-authenticated server message will be 62accepted. 63.Pp 64The 65.Ar key 66may be given in a format 67controlled by the 68.Ar type 69field. 70The 71.Ar type 72.Li MD5 73is always supported. 74If 75.Li ntpd 76was built with the OpenSSL library 77then any digest library supported by that library may be specified. 78However, if compliance with FIPS 140\-2 is required the 79.Ar type 80must be either 81.Li SHA 82or 83.Li SHA1 . 84.Pp 85What follows are some key types, and corresponding formats: 86.Pp 87.Bl -tag -width RMD160 -compact 88.It Li MD5 89The key is 1 to 16 printable characters terminated by 90an EOL, 91whitespace, 92or 93a 94.Li # 95(which is the "start of comment" character). 96.Pp 97.It Li SHA 98.It Li SHA1 99.It Li RMD160 100The key is a hex\-encoded ASCII string of 40 characters, 101which is truncated as necessary. 102.El 103.Pp 104Note that the keys used by the 105.Xr ntpq 8 106and 107.Xr ntpdc 8 108programs are checked against passwords 109requested by the programs and entered by hand, 110so it is generally appropriate to specify these keys in ASCII format. 111.Sh "OPTIONS" 112.Bl -tag 113.It Fl \-help 114Display usage information and exit. 115.It Fl \-more\-help 116Pass the extended usage information through a pager. 117.It Fl \-version Op Brq Ar v|c|n 118Output version of program and exit. The default mode is `v', a simple 119version. The `c' mode will print copyright information and `n' will 120print the full copyright notice. 121.El 122.Sh "OPTION PRESETS" 123Any option that is not marked as \fInot presettable\fP may be preset 124by loading values from environment variables named: 125.nf 126 \fBNTP_KEYS_<option\-name>\fP or \fBNTP_KEYS\fP 127.fi 128.ad 129.Sh "ENVIRONMENT" 130See \fBOPTION PRESETS\fP for configuration environment variables. 131.Sh FILES 132.Bl -tag -width /etc/ntp.keys -compact 133.It Pa /etc/ntp.keys 134the default name of the configuration file 135.El 136.Sh "EXIT STATUS" 137One of the following exit values will be returned: 138.Bl -tag 139.It 0 " (EXIT_SUCCESS)" 140Successful program execution. 141.It 1 " (EXIT_FAILURE)" 142The operation failed or the command syntax was not valid. 143.It 70 " (EX_SOFTWARE)" 144libopts had an internal operational error. Please report 145it to autogen\-users@lists.sourceforge.net. Thank you. 146.El 147.Sh "SEE ALSO" 148.Xr ntp.conf 5 , 149.Xr ntpd 8 , 150.Xr ntpdate 8 , 151.Xr ntpdc 8 , 152.Xr sntp 8 153.Sh "AUTHORS" 154The University of Delaware and Network Time Foundation 155.Sh "COPYRIGHT" 156Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved. 157This program is released under the terms of the NTP license, <http://ntp.org/license>. 158.Sh "BUGS" 159Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org 160.Sh NOTES 161This document was derived from FreeBSD. 162.Pp 163This manual page was \fIAutoGen\fP\-erated from the \fBntp.keys\fP 164option definitions. 165