1.TH ntp.keys 5 "07 Jan 2016" "4.2.8p5" "File Formats"
| 1.TH ntp.keys 5 "20 Jan 2016" "4.2.8p6" "File Formats"
|
2.\" 3.\" EDIT THIS FILE WITH CAUTION (ntp.man) 4.\"
| 2.\" 3.\" EDIT THIS FILE WITH CAUTION (ntp.man) 4.\"
|
5.\" It has been AutoGen-ed January 7, 2016 at 11:30:41 PM by AutoGen 5.18.5
| 5.\" It has been AutoGen-ed January 20, 2016 at 04:17:51 AM by AutoGen 5.18.5
|
6.\" From the definitions ntp.keys.def 7.\" and the template file agman-file.tpl 8.Sh NAME 9.Nm ntp.keys 10.Nd NTP symmetric key file format 11 12.\" 13.SH NAME 14ntp.keys \- NTP symmetric key file format configuration file 15.de1 NOP 16. it 1 an-trap 17. if \\n[.$] \,\\$*\/ 18.. 19.ie t \ 20.ds B-Font [CB] 21.ds I-Font [CI] 22.ds R-Font [CR] 23.el \ 24.ds B-Font B 25.ds I-Font I 26.ds R-Font R 27.SH SYNOPSIS 28\f\*[B-Font]\fP 29[\f\*[B-Font]\-\-option-name\f[]] 30[\f\*[B-Font]\-\-option-name\f[] \f\*[I-Font]value\f[]] 31.sp \n(Ppu 32.ne 2 33 34All arguments must be options. 35.sp \n(Ppu 36.ne 2 37 38.SH DESCRIPTION 39This document describes the format of an NTP symmetric key file. 40For a description of the use of this type of file, see the 41"Authentication Support" 42section of the 43\fCntp.conf\f[]\fR(5)\f[] 44page. 45.sp \n(Ppu 46.ne 2 47 48\fCntpd\f[]\fR(8)\f[] 49reads its keys from a file specified using the 50\f\*[B-Font]\-k\f[] 51command line option or the 52\f\*[B-Font]keys\f[] 53statement in the configuration file. 54While key number 0 is fixed by the NTP standard 55(as 56 zero bits) 56and may not be changed, 57one or more keys numbered between 1 and 65534 58may be arbitrarily set in the keys file. 59.sp \n(Ppu 60.ne 2 61 62The key file uses the same comment conventions 63as the configuration file. 64Key entries use a fixed format of the form 65.sp \n(Ppu 66.ne 2 67 68.in +4
| 6.\" From the definitions ntp.keys.def 7.\" and the template file agman-file.tpl 8.Sh NAME 9.Nm ntp.keys 10.Nd NTP symmetric key file format 11 12.\" 13.SH NAME 14ntp.keys \- NTP symmetric key file format configuration file 15.de1 NOP 16. it 1 an-trap 17. if \\n[.$] \,\\$*\/ 18.. 19.ie t \ 20.ds B-Font [CB] 21.ds I-Font [CI] 22.ds R-Font [CR] 23.el \ 24.ds B-Font B 25.ds I-Font I 26.ds R-Font R 27.SH SYNOPSIS 28\f\*[B-Font]\fP 29[\f\*[B-Font]\-\-option-name\f[]] 30[\f\*[B-Font]\-\-option-name\f[] \f\*[I-Font]value\f[]] 31.sp \n(Ppu 32.ne 2 33 34All arguments must be options. 35.sp \n(Ppu 36.ne 2 37 38.SH DESCRIPTION 39This document describes the format of an NTP symmetric key file. 40For a description of the use of this type of file, see the 41"Authentication Support" 42section of the 43\fCntp.conf\f[]\fR(5)\f[] 44page. 45.sp \n(Ppu 46.ne 2 47 48\fCntpd\f[]\fR(8)\f[] 49reads its keys from a file specified using the 50\f\*[B-Font]\-k\f[] 51command line option or the 52\f\*[B-Font]keys\f[] 53statement in the configuration file. 54While key number 0 is fixed by the NTP standard 55(as 56 zero bits) 56and may not be changed, 57one or more keys numbered between 1 and 65534 58may be arbitrarily set in the keys file. 59.sp \n(Ppu 60.ne 2 61 62The key file uses the same comment conventions 63as the configuration file. 64Key entries use a fixed format of the form 65.sp \n(Ppu 66.ne 2 67 68.in +4
|
69\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[]
| 69\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[] \f\*[I-Font]opt_IP_list\f[]
|
70.in -4 71.sp \n(Ppu 72.ne 2 73 74where 75\f\*[I-Font]keyno\f[] 76is a positive integer (between 1 and 65534), 77\f\*[I-Font]type\f[] 78is the message digest algorithm, 79and 80\f\*[I-Font]key\f[]
| 70.in -4 71.sp \n(Ppu 72.ne 2 73 74where 75\f\*[I-Font]keyno\f[] 76is a positive integer (between 1 and 65534), 77\f\*[I-Font]type\f[] 78is the message digest algorithm, 79and 80\f\*[I-Font]key\f[]
|
81is the key itself.
| 81is the key itself, and 82\f\*[I-Font]opt_IP_list\f[] 83is an optional comma-separated list of IPs 84that are allowed to serve time. 85If 86\f\*[I-Font]opt_IP_list\f[] 87is empty, 88any properly-authenticated server message will be 89accepted.
|
82.sp \n(Ppu 83.ne 2 84 85The 86\f\*[I-Font]key\f[] 87may be given in a format 88controlled by the 89\f\*[I-Font]type\f[] 90field. 91The 92\f\*[I-Font]type\f[] 93\f[C]MD5\f[] 94is always supported. 95If 96\f[C]ntpd\f[] 97was built with the OpenSSL library 98then any digest library supported by that library may be specified. 99However, if compliance with FIPS 140-2 is required the 100\f\*[I-Font]type\f[] 101must be either 102\f[C]SHA\f[] 103or 104\f[C]SHA1\f[]. 105.sp \n(Ppu 106.ne 2 107 108What follows are some key types, and corresponding formats: 109.sp \n(Ppu 110.ne 2 111 112.TP 7 113.NOP \f[C]MD5\f[] 114The key is 1 to 16 printable characters terminated by 115an EOL, 116whitespace, 117or 118a 119\f[C]#\f[] 120(which is the "start of comment" character). 121.sp \n(Ppu 122.ne 2 123 124.br 125.ns 126.TP 7 127.NOP \f[C]SHA\f[] 128.br 129.ns 130.TP 7 131.NOP \f[C]SHA1\f[] 132.br 133.ns 134.TP 7 135.NOP \f[C]RMD160\f[] 136The key is a hex-encoded ASCII string of 40 characters, 137which is truncated as necessary. 138.PP 139.sp \n(Ppu 140.ne 2 141 142Note that the keys used by the 143\fCntpq\f[]\fR(8)\f[] 144and 145\fCntpdc\f[]\fR(8)\f[] 146programs are checked against passwords 147requested by the programs and entered by hand, 148so it is generally appropriate to specify these keys in ASCII format. 149.SH FILES 150.TP 14 151.NOP \fI/etc/ntp.keys\f[] 152the default name of the configuration file 153.PP 154.SH "SEE ALSO" 155\fCntp.conf\f[]\fR(5)\f[], 156\fCntpd\f[]\fR(@NTPD_MS@)\f[], 157\fCntpdate\f[]\fR(@NTPDATE_MS@)\f[], 158\fCntpdc\f[]\fR(@NTPDC_MS@)\f[], 159\fCsntp\f[]\fR(@SNTP_MS@)\f[] 160.SH "AUTHORS" 161The University of Delaware and Network Time Foundation 162.SH "COPYRIGHT"
| 90.sp \n(Ppu 91.ne 2 92 93The 94\f\*[I-Font]key\f[] 95may be given in a format 96controlled by the 97\f\*[I-Font]type\f[] 98field. 99The 100\f\*[I-Font]type\f[] 101\f[C]MD5\f[] 102is always supported. 103If 104\f[C]ntpd\f[] 105was built with the OpenSSL library 106then any digest library supported by that library may be specified. 107However, if compliance with FIPS 140-2 is required the 108\f\*[I-Font]type\f[] 109must be either 110\f[C]SHA\f[] 111or 112\f[C]SHA1\f[]. 113.sp \n(Ppu 114.ne 2 115 116What follows are some key types, and corresponding formats: 117.sp \n(Ppu 118.ne 2 119 120.TP 7 121.NOP \f[C]MD5\f[] 122The key is 1 to 16 printable characters terminated by 123an EOL, 124whitespace, 125or 126a 127\f[C]#\f[] 128(which is the "start of comment" character). 129.sp \n(Ppu 130.ne 2 131 132.br 133.ns 134.TP 7 135.NOP \f[C]SHA\f[] 136.br 137.ns 138.TP 7 139.NOP \f[C]SHA1\f[] 140.br 141.ns 142.TP 7 143.NOP \f[C]RMD160\f[] 144The key is a hex-encoded ASCII string of 40 characters, 145which is truncated as necessary. 146.PP 147.sp \n(Ppu 148.ne 2 149 150Note that the keys used by the 151\fCntpq\f[]\fR(8)\f[] 152and 153\fCntpdc\f[]\fR(8)\f[] 154programs are checked against passwords 155requested by the programs and entered by hand, 156so it is generally appropriate to specify these keys in ASCII format. 157.SH FILES 158.TP 14 159.NOP \fI/etc/ntp.keys\f[] 160the default name of the configuration file 161.PP 162.SH "SEE ALSO" 163\fCntp.conf\f[]\fR(5)\f[], 164\fCntpd\f[]\fR(@NTPD_MS@)\f[], 165\fCntpdate\f[]\fR(@NTPDATE_MS@)\f[], 166\fCntpdc\f[]\fR(@NTPDC_MS@)\f[], 167\fCsntp\f[]\fR(@SNTP_MS@)\f[] 168.SH "AUTHORS" 169The University of Delaware and Network Time Foundation 170.SH "COPYRIGHT"
|
163Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
| 171Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
|
164This program is released under the terms of the NTP license, <http://ntp.org/license>. 165.SH "BUGS" 166Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org 167.SH NOTES 168This document was derived from FreeBSD. 169.sp \n(Ppu 170.ne 2 171 172This manual page was \fIAutoGen\fP-erated from the \fBntp.keys\fP 173option definitions.
| 172This program is released under the terms of the NTP license, <http://ntp.org/license>. 173.SH "BUGS" 174Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org 175.SH NOTES 176This document was derived from FreeBSD. 177.sp \n(Ppu 178.ne 2 179 180This manual page was \fIAutoGen\fP-erated from the \fBntp.keys\fP 181option definitions.
|