| invoke-ntp-keygen.texi (330106) | invoke-ntp-keygen.texi (338530) |
|---|---|
| 1@node ntp-keygen Invocation 2@section Invoking ntp-keygen 3@pindex ntp-keygen 4@cindex Create a NTP host key 5@ignore 6# 7# EDIT THIS FILE WITH CAUTION (invoke-ntp-keygen.texi) 8# | 1@node ntp-keygen Invocation 2@section Invoking ntp-keygen 3@pindex ntp-keygen 4@cindex Create a NTP host key 5@ignore 6# 7# EDIT THIS FILE WITH CAUTION (invoke-ntp-keygen.texi) 8# |
| 9# It has been AutoGen-ed February 27, 2018 at 05:15:57 PM by AutoGen 5.18.5 | 9# It has been AutoGen-ed August 14, 2018 at 08:30:35 AM by AutoGen 5.18.5 |
| 10# From the definitions ntp-keygen-opts.def 11# and the template file agtexi-cmd.tpl 12@end ignore 13 14 15 16This program generates cryptographic data files used by the NTPv4 17authentication and identification schemes. --- 925 unchanged lines hidden (view full) --- 943Figure 1 shows a typical symmetric keys file used by the reference 944implementation. 945Following the header the keys are entered one per line in the format 946@example 947@kbd{keyno} @kbd{type} @kbd{key} 948@end example 949where 950@kbd{keyno} | 10# From the definitions ntp-keygen-opts.def 11# and the template file agtexi-cmd.tpl 12@end ignore 13 14 15 16This program generates cryptographic data files used by the NTPv4 17authentication and identification schemes. --- 925 unchanged lines hidden (view full) --- 943Figure 1 shows a typical symmetric keys file used by the reference 944implementation. 945Following the header the keys are entered one per line in the format 946@example 947@kbd{keyno} @kbd{type} @kbd{key} 948@end example 949where 950@kbd{keyno} |
| 951is a positive integer in the range 1-65534; | 951is a positive integer in the range 1-65535; |
| 952@kbd{type} 953is the key type for the message digest algorithm, which in the absence of the 954OpenSSL library must be 955@code{MD5} 956to designate the MD5 message digest algorithm; 957if the OpenSSL library is installed, the key type can be any 958message digest algorithm supported by that library; 959however, if compatibility with FIPS 140-2 is required, --- 91 unchanged lines hidden (view full) --- 1051the usage text by passing it through a pager program. 1052@code{more-help} is disabled on platforms without a working 1053@code{fork(2)} function. The @code{PAGER} environment variable is 1054used to select the program, defaulting to @file{more}. Both will exit 1055with a status code of 0. 1056 1057@exampleindent 0 1058@example | 952@kbd{type} 953is the key type for the message digest algorithm, which in the absence of the 954OpenSSL library must be 955@code{MD5} 956to designate the MD5 message digest algorithm; 957if the OpenSSL library is installed, the key type can be any 958message digest algorithm supported by that library; 959however, if compatibility with FIPS 140-2 is required, --- 91 unchanged lines hidden (view full) --- 1051the usage text by passing it through a pager program. 1052@code{more-help} is disabled on platforms without a working 1053@code{fork(2)} function. The @code{PAGER} environment variable is 1054used to select the program, defaulting to @file{more}. Both will exit 1055with a status code of 0. 1056 1057@exampleindent 0 1058@example |
| 1059ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.7p245 1060USAGE: ntp-keygen [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... | 1059ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p12 1060Usage: ntp-keygen [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... |
| 1061 Flg Arg Option-Name Description | 1061 Flg Arg Option-Name Description |
| 1062 -b Num imbits identity modulus bits 1063 - it must be in the range: 1064 256 to 2048 |
|
| 1062 -c Str certificate certificate scheme 1063 -C Str cipher privatekey cipher 1064 -d no debug-level Increase debug verbosity level 1065 - may appear multiple times | 1065 -c Str certificate certificate scheme 1066 -C Str cipher privatekey cipher 1067 -d no debug-level Increase debug verbosity level 1068 - may appear multiple times |
| 1066 -D Str set-debug-level Set the debug verbosity level | 1069 -D Num set-debug-level Set the debug verbosity level |
| 1067 - may appear multiple times 1068 -e no id-key Write IFF or GQ identity keys 1069 -G no gq-params Generate GQ parameters and keys 1070 -H no host-key generate RSA host key 1071 -I no iffkey generate IFF parameters 1072 -i Str ident set Autokey group name 1073 -l Num lifetime set certificate lifetime | 1070 - may appear multiple times 1071 -e no id-key Write IFF or GQ identity keys 1072 -G no gq-params Generate GQ parameters and keys 1073 -H no host-key generate RSA host key 1074 -I no iffkey generate IFF parameters 1075 -i Str ident set Autokey group name 1076 -l Num lifetime set certificate lifetime |
| 1074 -M no md5key generate MD5 keys 1075 -m Num modulus modulus 1076 - It must be in the range: | 1077 -m Num modulus prime modulus 1078 - it must be in the range: |
| 1077 256 to 2048 | 1079 256 to 2048 |
| 1080 -M no md5key generate symmetric keys |
|
| 1078 -P no pvt-cert generate PC private certificate | 1081 -P no pvt-cert generate PC private certificate |
| 1079 -p Str pvt-passwd output private password 1080 -q Str get-pvt-passwd input private password 1081 -S Str sign-key generate sign key (RSA or DSA) | 1082 -p Str password local private password 1083 -q Str export-passwd export IFF or GQ group keys with password |
| 1082 -s Str subject-name set host and optionally group name | 1084 -s Str subject-name set host and optionally group name |
| 1085 -S Str sign-key generate sign key (RSA or DSA) |
|
| 1083 -T no trusted-cert trusted certificate (TC scheme) 1084 -V Num mv-params generate <num> MV parameters 1085 -v Num mv-keys update <num> MV keys | 1086 -T no trusted-cert trusted certificate (TC scheme) 1087 -V Num mv-params generate <num> MV parameters 1088 -v Num mv-keys update <num> MV keys |
| 1086 opt version Output version information and exit 1087 -? no help Display extended usage information and exit 1088 -! no more-help Extended usage information passed thru pager 1089 -> opt save-opts Save the option state to a config file 1090 -< Str load-opts Load options from a config file 1091 - disabled as --no-load-opts | 1089 opt version output version information and exit 1090 -? no help display extended usage information and exit 1091 -! no more-help extended usage information passed thru pager 1092 -> opt save-opts save the option state to a config file 1093 -< Str load-opts load options from a config file 1094 - disabled as '--no-load-opts' |
| 1092 - may appear multiple times 1093 1094Options are specified by doubled hyphens and their name or by a single 1095hyphen and the flag character. 1096 1097 | 1095 - may appear multiple times 1096 1097Options are specified by doubled hyphens and their name or by a single 1098hyphen and the flag character. 1099 1100 |
| 1098 | |
| 1099The following option preset mechanisms are supported: 1100 - reading file $HOME/.ntprc 1101 - reading file ./.ntprc 1102 - examining environment variables named NTP_KEYGEN_* 1103 | 1101The following option preset mechanisms are supported: 1102 - reading file $HOME/.ntprc 1103 - reading file ./.ntprc 1104 - examining environment variables named NTP_KEYGEN_* 1105 |
| 1104please send bug reports to: http://bugs.ntp.org, bugs@@ntp.org | 1106Please send bug reports to: <http://bugs.ntp.org, bugs@@ntp.org> |
| 1105@end example 1106@exampleindent 4 1107 1108@node ntp-keygen imbits 1109@subsection imbits option (-b) 1110@cindex ntp-keygen-imbits 1111 1112This is the ``identity modulus bits'' option. --- 411 unchanged lines hidden --- | 1107@end example 1108@exampleindent 4 1109 1110@node ntp-keygen imbits 1111@subsection imbits option (-b) 1112@cindex ntp-keygen-imbits 1113 1114This is the ``identity modulus bits'' option. --- 411 unchanged lines hidden --- |