Deleted Added
sdiff udiff text old ( 293423 ) new ( 294554 )
full compact
1.TH ntp.keys 5 "07 Jan 2016" "4.2.8p5" "File Formats"
1.TH ntp.keys 5 "20 Jan 2016" "4.2.8p6" "File Formats"
2.\"
3.\" EDIT THIS FILE WITH CAUTION (ntp.man)
4.\"
5.\" It has been AutoGen-ed January 7, 2016 at 11:30:41 PM by AutoGen 5.18.5
5.\" It has been AutoGen-ed January 20, 2016 at 04:17:51 AM by AutoGen 5.18.5
6.\" From the definitions ntp.keys.def
7.\" and the template file agman-file.tpl
8.Sh NAME
9.Nm ntp.keys
10.Nd NTP symmetric key file format
11
12.\"
13.SH NAME
14ntp.keys \- NTP symmetric key file format configuration file
15.de1 NOP
16. it 1 an-trap
17. if \\n[.$] \,\\$*\/
18..
19.ie t \
20.ds B-Font [CB]
21.ds I-Font [CI]
22.ds R-Font [CR]
23.el \
24.ds B-Font B
25.ds I-Font I
26.ds R-Font R
27.SH SYNOPSIS
28\f\*[B-Font]\fP
29[\f\*[B-Font]\-\-option-name\f[]]
30[\f\*[B-Font]\-\-option-name\f[] \f\*[I-Font]value\f[]]
31.sp \n(Ppu
32.ne 2
33
34All arguments must be options.
35.sp \n(Ppu
36.ne 2
37
38.SH DESCRIPTION
39This document describes the format of an NTP symmetric key file.
40For a description of the use of this type of file, see the
41"Authentication Support"
42section of the
43\fCntp.conf\f[]\fR(5)\f[]
44page.
45.sp \n(Ppu
46.ne 2
47
48\fCntpd\f[]\fR(8)\f[]
49reads its keys from a file specified using the
50\f\*[B-Font]\-k\f[]
51command line option or the
52\f\*[B-Font]keys\f[]
53statement in the configuration file.
54While key number 0 is fixed by the NTP standard
55(as 56 zero bits)
56and may not be changed,
57one or more keys numbered between 1 and 65534
58may be arbitrarily set in the keys file.
59.sp \n(Ppu
60.ne 2
61
62The key file uses the same comment conventions
63as the configuration file.
64Key entries use a fixed format of the form
65.sp \n(Ppu
66.ne 2
67
68.in +4
69\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[]
69\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[] \f\*[I-Font]opt_IP_list\f[]
70.in -4
71.sp \n(Ppu
72.ne 2
73
74where
75\f\*[I-Font]keyno\f[]
76is a positive integer (between 1 and 65534),
77\f\*[I-Font]type\f[]
78is the message digest algorithm,
79and
80\f\*[I-Font]key\f[]
81is the key itself.
81is the key itself, and
82\f\*[I-Font]opt_IP_list\f[]
83is an optional comma-separated list of IPs
84that are allowed to serve time.
85If
86\f\*[I-Font]opt_IP_list\f[]
87is empty,
88any properly-authenticated server message will be
89accepted.
90.sp \n(Ppu
91.ne 2
92
93The
94\f\*[I-Font]key\f[]
95may be given in a format
96controlled by the
97\f\*[I-Font]type\f[]
98field.
99The
100\f\*[I-Font]type\f[]
101\f[C]MD5\f[]
102is always supported.
103If
104\f[C]ntpd\f[]
105was built with the OpenSSL library
106then any digest library supported by that library may be specified.
107However, if compliance with FIPS 140-2 is required the
108\f\*[I-Font]type\f[]
109must be either
110\f[C]SHA\f[]
111or
112\f[C]SHA1\f[].
113.sp \n(Ppu
114.ne 2
115
116What follows are some key types, and corresponding formats:
117.sp \n(Ppu
118.ne 2
119
120.TP 7
121.NOP \f[C]MD5\f[]
122The key is 1 to 16 printable characters terminated by
123an EOL,
124whitespace,
125or
126a
127\f[C]#\f[]
128(which is the "start of comment" character).
129.sp \n(Ppu
130.ne 2
131
132.br
133.ns
134.TP 7
135.NOP \f[C]SHA\f[]
136.br
137.ns
138.TP 7
139.NOP \f[C]SHA1\f[]
140.br
141.ns
142.TP 7
143.NOP \f[C]RMD160\f[]
144The key is a hex-encoded ASCII string of 40 characters,
145which is truncated as necessary.
146.PP
147.sp \n(Ppu
148.ne 2
149
150Note that the keys used by the
151\fCntpq\f[]\fR(8)\f[]
152and
153\fCntpdc\f[]\fR(8)\f[]
154programs are checked against passwords
155requested by the programs and entered by hand,
156so it is generally appropriate to specify these keys in ASCII format.
157.SH FILES
158.TP 14
159.NOP \fI/etc/ntp.keys\f[]
160the default name of the configuration file
161.PP
162.SH "SEE ALSO"
163\fCntp.conf\f[]\fR(5)\f[],
164\fCntpd\f[]\fR(@NTPD_MS@)\f[],
165\fCntpdate\f[]\fR(@NTPDATE_MS@)\f[],
166\fCntpdc\f[]\fR(@NTPDC_MS@)\f[],
167\fCsntp\f[]\fR(@SNTP_MS@)\f[]
168.SH "AUTHORS"
169The University of Delaware and Network Time Foundation
170.SH "COPYRIGHT"
163Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
171Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
172This program is released under the terms of the NTP license, <http://ntp.org/license>.
173.SH "BUGS"
174Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
175.SH NOTES
176This document was derived from FreeBSD.
177.sp \n(Ppu
178.ne 2
179
180This manual page was \fIAutoGen\fP-erated from the \fBntp.keys\fP
181option definitions.