ntp/doc/ntp.keys.5

.Dd January 7 2016
.Dt NTP_KEYS 5 File Formats
.Os SunOS 5.10
.\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
.\"
.\" $FreeBSD: releng/9.3/usr.sbin/ntp/doc/ntp.keys.5 293896 2016-01-14 09:11:26Z glebius $
.\"
.\"  It has been AutoGen-ed  January  7, 2016 at 11:31:00 PM by AutoGen 5.18.5
.\"  From the definitions    ntp.keys.def
.\"  and the template file   agmdoc-file.tpl
.Sh NAME
.Nm ntp.keys
.Nd NTP symmetric key file format

.Sh NAME
.Nm ntp.keys
.Nd NTP symmetric key file format
.Sh SYNOPSIS
.Nm
.Op Fl \-option\-name
.Op Fl \-option\-name Ar value
.Pp
All arguments must be options.
.Pp
.Sh DESCRIPTION
This document describes the format of an NTP symmetric key file.
For a description of the use of this type of file, see the
.Qq Authentication Support
section of the
.Xr ntp.conf 5
page.
.Pp
.Xr ntpd 8
reads its keys from a file specified using the
.Fl k
command line option or the
.Ic keys
statement in the configuration file.
While key number 0 is fixed by the NTP standard
(as 56 zero bits)
and may not be changed,
one or more keys numbered between 1 and 65534
may be arbitrarily set in the keys file.
.Pp
The key file uses the same comment conventions
as the configuration file.
Key entries use a fixed format of the form
.Pp
.D1 Ar keyno type key
.Pp
where
.Ar keyno
is a positive integer (between 1 and 65534),
.Ar type
is the message digest algorithm,
and
.Ar key
is the key itself.
.Pp
The
.Ar key
may be given in a format
controlled by the
.Ar type
field.
The
.Ar type
.Li MD5
is always supported.
If
.Li ntpd
was built with the OpenSSL library
then any digest library supported by that library may be specified.
However, if compliance with FIPS 140\-2 is required the
.Ar type
must be either
.Li SHA
or
.Li SHA1 .
.Pp
What follows are some key types, and corresponding formats:
.Pp
.Bl -tag -width RMD160 -compact
.It Li MD5
The key is 1 to 16 printable characters terminated by
an EOL,
whitespace,
or
a
.Li #
(which is the "start of comment" character).
.Pp
.It Li SHA
.It Li SHA1
.It Li RMD160
The key is a hex\-encoded ASCII string of 40 characters,
which is truncated as necessary.
.El
.Pp
Note that the keys used by the
.Xr ntpq 8
and
.Xr ntpdc 8
programs are checked against passwords
requested by the programs and entered by hand,
so it is generally appropriate to specify these keys in ASCII format.
.Sh "OPTIONS"
.Bl -tag
.It Fl \-help
Display usage information and exit.
.It Fl \-more\-help
Pass the extended usage information through a pager.
.It Fl \-version Op Brq Ar v|c|n
Output version of program and exit.  The default mode is `v', a simple
version.  The `c' mode will print copyright information and `n' will
print the full copyright notice.
.El
.Sh "OPTION PRESETS"
Any option that is not marked as \fInot presettable\fP may be preset
by loading values from environment variables named:
.nf
  \fBNTP_KEYS_<option\-name>\fP or \fBNTP_KEYS\fP
.fi
.ad
.Sh "ENVIRONMENT"
See \fBOPTION PRESETS\fP for configuration environment variables.
.Sh FILES
.Bl -tag -width /etc/ntp.keys -compact
.It Pa /etc/ntp.keys
the default name of the configuration file
.El
.Sh "EXIT STATUS"
One of the following exit values will be returned:
.Bl -tag
.It 0 " (EXIT_SUCCESS)"
Successful program execution.
.It 1 " (EXIT_FAILURE)"
The operation failed or the command syntax was not valid.
.It 70 " (EX_SOFTWARE)"
libopts had an internal operational error.  Please report
it to autogen\-users@lists.sourceforge.net.  Thank you.
.El
.Sh "SEE ALSO"
.Xr ntp.conf 5 ,
.Xr ntpd 8 ,
.Xr ntpdate 8 ,
.Xr ntpdc 8 ,
.Xr sntp 8
.Sh "AUTHORS"
The University of Delaware and Network Time Foundation
.Sh "COPYRIGHT"
Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.Sh "BUGS"
Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
.Sh NOTES
This document was derived from FreeBSD.
.Pp
This manual page was \fIAutoGen\fP\-erated from the \fBntp.keys\fP
option definitions.