ntp-keygen.1ntp-keygenman revision 1.1.1.5
.de1 NOP
.  it 1 an-trap
.  if \\n[.$] \,\\$*\/
..
.ie t \
.ds B-Font [CB]
.ds I-Font [CI]
.ds R-Font [CR]
.el \
.ds B-Font B
.ds I-Font I
.ds R-Font R
.TH ntp-keygen 1ntp-keygenman "21 Oct 2015" "ntp (4.2.8p4)" "User Commands"
.\"
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-r5aiQP/ag-E5aaPP)
.\"
.\" It has been AutoGen-ed October 21, 2015 at 12:40:02 PM by AutoGen 5.18.5
.\" From the definitions ntp-keygen-opts.def
.\" and the template file agman-cmd.tpl
.SH NAME
\f\*[B-Font]ntp-keygen\fP
\- Create a NTP host key
.SH SYNOPSIS
\f\*[B-Font]ntp-keygen\fP
.\" Mixture of short (flag) options and long options
[\f\*[B-Font]\-flags\f[]]
[\f\*[B-Font]\-flag\f[] [\f\*[I-Font]value\f[]]]
[\f\*[B-Font]\-\-option-name\f[][[=| ]\f\*[I-Font]value\f[]]]
.sp \n(Ppu
.ne 2

All arguments must be options.
.sp \n(Ppu
.ne 2

.SH DESCRIPTION
This program generates cryptographic data files used by the NTPv4
authentication and identification schemes.
It generates MD5 key files used in symmetric key cryptography.
In addition, if the OpenSSL software library has been installed,
it generates keys, certificate and identity files used in public key
cryptography.
These files are used for cookie encryption,
digital signature and challenge/response identification algorithms
compatible with the Internet standard security infrastructure.
.sp \n(Ppu
.ne 2

All files are in PEM-encoded printable ASCII format,
so they can be embedded as MIME attachments in mail to other sites
and certificate authorities.
By default, files are not encrypted.
.sp \n(Ppu
.ne 2

When used to generate message digest keys, the program produces a file
containing ten pseudo-random printable ASCII strings suitable for the
MD5 message digest algorithm included in the distribution.
If the OpenSSL library is installed, it produces an additional ten
hex-encoded random bit strings suitable for the SHA1 and other message
digest algorithms.
The message digest keys file must be distributed and stored
using secure means beyond the scope of NTP itself.
Besides the keys used for ordinary NTP associations, additional keys
can be defined as passwords for the
\fCntpq\f[]\fR(1ntpqmdoc)\f[]
and
\fCntpdc\f[]\fR(1ntpdcmdoc)\f[]
utility programs.
.sp \n(Ppu
.ne 2

The remaining generated files are compatible with other OpenSSL
applications and other Public Key Infrastructure (PKI) resources.
Certificates generated by this program are compatible with extant
industry practice, although some users might find the interpretation of
X509v3 extension fields somewhat liberal.
However, the identity keys are probably not compatible with anything
other than Autokey.
.sp \n(Ppu
.ne 2

Some files used by this program are encrypted using a private password.
The
\f\*[B-Font]\-p\f[]
option specifies the password for local encrypted files and the
\f\*[B-Font]\-q\f[]
option the password for encrypted files sent to remote sites.
If no password is specified, the host name returned by the Unix
\fBgethostname\f[]\fR()\f[]
function, normally the DNS name of the host, is used.
.sp \n(Ppu
.ne 2

The
\f\*[I-Font]pw\f[]
option of the
\f\*[I-Font]crypto\f[]
configuration command specifies the read
password for previously encrypted local files.
This must match the local password used by this program.
If not specified, the host name is used.
Thus, if files are generated by this program without password,
they can be read back by
\f\*[I-Font]ntpd\f[]
without password but only on the same host.
.sp \n(Ppu
.ne 2

Normally, encrypted files for each host are generated by that host and
used only by that host, although exceptions exist as noted later on
this page.
The symmetric keys file, normally called
\f\*[I-Font]ntp.keys\f[],
is usually installed in
\fI/etc\f[].
Other files and links are usually installed in
\fI/usr/local/etc\f[],
which is normally in a shared filesystem in
NFS-mounted networks and cannot be changed by shared clients.
The location of the keys directory can be changed by the
\f\*[I-Font]keysdir\f[]
configuration command in such cases.
Normally, this is in
\fI/etc\f[].
.sp \n(Ppu
.ne 2

This program directs commentary and error messages to the standard
error stream
\f\*[I-Font]stderr\f[]
and remote files to the standard output stream
\f\*[I-Font]stdout\f[]
where they can be piped to other applications or redirected to files.
The names used for generated files and links all begin with the
string
\f\*[I-Font]ntpkey\f[]
and include the file type, generating host and filestamp,
as described in the
\*[Lq]Cryptographic Data Files\*[Rq]
section below.
.SS Running the Program
To test and gain experience with Autokey concepts, log in as root and
change to the keys directory, usually
\fI/usr/local/etc\f[].
When run for the first time, or if all files with names beginning with
\f\*[I-Font]ntpkey\f[]
have been removed, use the
\f\*[B-Font]ntp-keygen\fP
command without arguments to generate a
default RSA host key and matching RSA-MD5 certificate with expiration
date one year hence.
If run again without options, the program uses the
existing keys and parameters and generates only a new certificate with
new expiration date one year hence.
.sp \n(Ppu
.ne 2

Run the command on as many hosts as necessary.
Designate one of them as the trusted host (TH) using
\f\*[B-Font]ntp-keygen\fP
with the
\f\*[B-Font]\-T\f[]
option and configure it to synchronize from reliable Internet servers.
Then configure the other hosts to synchronize to the TH directly or
indirectly.
A certificate trail is created when Autokey asks the immediately
ascendant host towards the TH to sign its certificate, which is then
provided to the immediately descendant host on request.
All group hosts should have acyclic certificate trails ending on the TH.
.sp \n(Ppu
.ne 2

The host key is used to encrypt the cookie when required and so must be
RSA type.
By default, the host key is also the sign key used to encrypt
signatures.
A different sign key can be assigned using the
\f\*[B-Font]\-S\f[]
option and this can be either RSA or DSA type.
By default, the signature
message digest type is MD5, but any combination of sign key type and
message digest type supported by the OpenSSL library can be specified
using the
\f\*[B-Font]\-c\f[]
option.
The rules say cryptographic media should be generated with proventic
filestamps, which means the host should already be synchronized before
this program is run.
This of course creates a chicken-and-egg problem
when the host is started for the first time.
Accordingly, the host time
should be set by some other means, such as eyeball-and-wristwatch, at
least so that the certificate lifetime is within the current year.
After that and when the host is synchronized to a proventic source, the
certificate should be re-generated.
.sp \n(Ppu
.ne 2

Additional information on trusted groups and identity schemes is on the
\*[Lq]Autokey Public-Key Authentication\*[Rq]
page.
.sp \n(Ppu
.ne 2

The
\fCntpd\f[]\fR(1ntpdmdoc)\f[]
configuration command
\f\*[B-Font]crypto\f[] \f\*[B-Font]pw\f[] \f\*[I-Font]password\f[]
specifies the read password for previously encrypted files.
The daemon expires on the spot if the password is missing
or incorrect.
For convenience, if a file has been previously encrypted,
the default read password is the name of the host running
the program.
If the previous write password is specified as the host name,
these files can be read by that host with no explicit password.
.sp \n(Ppu
.ne 2

File names begin with the prefix
\f\*[B-Font]ntpkey_\f[]
and end with the postfix
\f\*[I-Font]_hostname.filestamp\f[],
where
\f\*[I-Font]hostname\f[]
is the owner name, usually the string returned
by the Unix gethostname() routine, and
\f\*[I-Font]filestamp\f[]
is the NTP seconds when the file was generated, in decimal digits.
This both guarantees uniqueness and simplifies maintenance
procedures, since all files can be quickly removed
by a
\f\*[B-Font]rm\f[] \f\*[B-Font]ntpkey\&*\f[]
command or all files generated
at a specific time can be removed by a
\f\*[B-Font]rm\f[]
\f\*[I-Font]\&*filestamp\f[]
command.
To further reduce the risk of misconfiguration,
the first two lines of a file contain the file name
and generation date and time as comments.
.sp \n(Ppu
.ne 2

All files are installed by default in the keys directory
\fI/usr/local/etc\f[],
which is normally in a shared filesystem
in NFS-mounted networks.
The actual location of the keys directory
and each file can be overridden by configuration commands,
but this is not recommended.
Normally, the files for each host are generated by that host
and used only by that host, although exceptions exist
as noted later on this page.
.sp \n(Ppu
.ne 2

Normally, files containing private values,
including the host key, sign key and identification parameters,
are permitted root read/write-only;
while others containing public values are permitted world readable.
Alternatively, files containing private values can be encrypted
and these files permitted world readable,
which simplifies maintenance in shared file systems.
Since uniqueness is ensured by the hostname and
file name extensions, the files for a NFS server and
dependent clients can all be installed in the same shared directory.
.sp \n(Ppu
.ne 2

The recommended practice is to keep the file name extensions
when installing a file and to install a soft link
from the generic names specified elsewhere on this page
to the generated files.
This allows new file generations to be activated simply
by changing the link.
If a link is present, ntpd follows it to the file name
to extract the filestamp.
If a link is not present,
\fCntpd\f[]\fR(1ntpdmdoc)\f[]
extracts the filestamp from the file itself.
This allows clients to verify that the file and generation times
are always current.
The
\f\*[B-Font]ntp-keygen\fP
program uses the same timestamp extension for all files generated
at one time, so each generation is distinct and can be readily
recognized in monitoring data.
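.sp \n(Ppu
.ne 2

The following audit script is an added example for this page and is not part of
ntp-keygen or the ntp distribution.
It assumes a keys directory laid out as described above; the directory path,
file names and file contents it builds are constructed for the demonstration
and are not real key material.
It parses each
\f\*[I-Font]ntpkey_type_hostname.filestamp\f[]
name, checks that every generic link points at the newest generation of its
kind, and flags files holding private values that are group- or world-readable.

```shell
#!/bin/sh
# Added example, not part of ntp-keygen: audit an Autokey keys directory.
# Generated files are named ntpkey_<type>_<hostname>.<filestamp>, generic names
# (ntpkey_host_<host>, ntpkey_cert_<host>, ntpkey_iff_<host>, ...) are soft links
# to one generation, and private-value files must not be group/world readable.
# All names and contents created below are constructed for the demo, not real keys.

NTP_EPOCH_OFFSET=2208988800   # seconds from 1900-01-01 (NTP era 0) to 1970-01-01

# Convert an NTP filestamp (seconds since 1900) to Unix seconds.
ntp_to_unix() { echo $(( $1 - NTP_EPOCH_OFFSET )); }

# Print "type host filestamp" for a name such as ntpkey_RSA-MD5_cert_alice.3654000000;
# return 1 when the name does not follow the ntpkey_ convention (generic links do not).
parse_ntpkey_name() {
    _n=${1##*/}
    case $_n in ntpkey_*_*.*) ;; *) return 1 ;; esac
    _stamp=${_n##*.}
    case $_stamp in ''|*[!0-9]*) return 1 ;; esac
    _rest=${_n%.*}; _rest=${_rest#ntpkey_}    # RSA-MD5_cert_alice
    _host=${_rest##*_}                          # alice
    _type=${_rest%_*}                           # RSA-MD5_cert
    echo "$_type $_host $_stamp"
}

# Types that carry private values per the page: host/sign keys and identity
# parameters. Certificates and anything else are treated as public.
is_private_type() {
    case $1 in RSAkey|DSAkey|IFFpar|GQpar|MVpar|MVkey[0-9]*) return 0 ;; *) return 1 ;; esac
}

# Largest filestamp among ntpkey_<type>_<host>.* in a directory (empty if none).
newest_stamp() {
    _best=
    for _f in "$1"/ntpkey_"$2"_"$3".*; do
        [ -e "$_f" ] || continue
        _s=${_f##*.}
        if [ -z "$_best" ] || [ "$_s" -gt "$_best" ]; then _best=$_s; fi
    done
    echo "$_best"
}

# Audit one directory: print one finding per line, return the number of findings.
audit_keysdir() {
    _dir=$1; _bad=0
    for _f in "$_dir"/ntpkey_*; do
        [ -e "$_f" ] || [ -L "$_f" ] || continue
        _base=${_f##*/}
        if [ -L "$_f" ]; then
            # Generic link: the target must exist and be the newest generation of its
            # kind, otherwise ntpd keeps loading an old filestamp after a regeneration.
            _tgt=$(readlink "$_f")
            case $_tgt in /*) ;; *) _tgt=$_dir/$_tgt ;; esac
            if ! _p=$(parse_ntpkey_name "$_tgt") || [ ! -e "$_tgt" ]; then
                echo "DANGLING  $_base -> ${_tgt##*/}"; _bad=$((_bad + 1)); continue
            fi
            set -- $_p
            if [ "$3" != "$(newest_stamp "$_dir" "$1" "$2")" ]; then
                echo "STALE     $_base -> ${_tgt##*/} (newer $1 for $2 exists)"
                _bad=$((_bad + 1))
            fi
            continue
        fi
        if ! _p=$(parse_ntpkey_name "$_f"); then
            echo "BADNAME   $_base"; _bad=$((_bad + 1)); continue
        fi
        set -- $_p
        if is_private_type "$1"; then
            # Columns 5 and 8 of "ls -l" are the group and other read bits.
            _mode=$(ls -ld "$_f" | cut -c1-10)
            case $_mode in ????r*|???????r*)
                echo "EXPOSED   $_base mode $_mode (private $1 should be root read/write only)"
                _bad=$((_bad + 1)) ;;
            esac
        fi
    done
    return $_bad
}

# Build a constructed sample directory in $1: two generations for host alice,
# with the host link left on the old generation and a world-readable new host key.
make_sample_keysdir() {
    _d=$1; mkdir -p "$_d"
    for _s in 3654000000 3654086400; do
        printf '# ntpkey_RSAkey_alice.%s\n# constructed placeholder, not a key\n' "$_s" \
            > "$_d/ntpkey_RSAkey_alice.$_s"
        printf '# ntpkey_RSA-MD5_cert_alice.%s\n# constructed placeholder\n' "$_s" \
            > "$_d/ntpkey_RSA-MD5_cert_alice.$_s"
    done
    chmod 600 "$_d/ntpkey_RSAkey_alice.3654000000"
    chmod 644 "$_d/ntpkey_RSAkey_alice.3654086400"         # the exposure to be flagged
    chmod 644 "$_d"/ntpkey_RSA-MD5_cert_alice.*
    ln -sf ntpkey_RSAkey_alice.3654000000 "$_d/ntpkey_host_alice"        # stale
    ln -sf ntpkey_RSA-MD5_cert_alice.3654086400 "$_d/ntpkey_cert_alice"  # current
    ln -sf ntpkey_IFFpar_alice.3654000000 "$_d/ntpkey_iff_alice"          # dangling
}

# Demonstration on the constructed directory: expect STALE, EXPOSED and DANGLING findings.
demo_dir=${TMPDIR:-/tmp}/ntpkey-audit-demo.$$
make_sample_keysdir "$demo_dir"
audit_keysdir "$demo_dir" || echo "$? finding(s) in $demo_dir"
rm -rf "$demo_dir"
```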
.SS Running the program
The safest way to run the
\f\*[B-Font]ntp-keygen\fP
program is logged in directly as root.
The recommended procedure is to change to the keys directory,
usually
\fI/usr/local/etc\f[],
then run the program.
When run for the first time,
or if all
\f\*[B-Font]ntpkey\f[]
files have been removed,
the program generates a RSA host key file and matching RSA-MD5 certificate file,
which is all that is necessary in many cases.
The program also generates soft links from the generic names
to the respective files.
If run again, the program uses the same host key file,
but generates a new certificate file and link.
.sp \n(Ppu
.ne 2

The host key is used to encrypt the cookie when required and so must be RSA type.
By default, the host key is also the sign key used to encrypt signatures.
When necessary, a different sign key can be specified and this can be
either RSA or DSA type.
By default, the message digest type is MD5, but any combination
of sign key type and message digest type supported by the OpenSSL library
can be specified, including those using the MD2, MD5, SHA, SHA1, MDC2
and RIPE160 message digest algorithms.
However, the scheme specified in the certificate must be compatible
with the sign key.
Certificates using any digest algorithm are compatible with RSA sign keys;
however, only SHA and SHA1 certificates are compatible with DSA sign keys.
.sp \n(Ppu
.ne 2

Private/public key files and certificates are compatible with
other OpenSSL applications and very likely other libraries as well.
Certificates or certificate requests derived from them should be compatible
with extant industry practice, although some users might find
the interpretation of X509v3 extension fields somewhat liberal.
However, the identification parameter files, although encoded
as the other files, are probably not compatible with anything other than Autokey.
.sp \n(Ppu
.ne 2

Running the program as other than root and using the Unix
\f\*[B-Font]su\f[]
command
to assume root may not work properly, since by default the OpenSSL library
looks for the random seed file
\f\*[B-Font].rnd\f[]
in the user home directory.
However, there should be only one
\f\*[B-Font].rnd\f[],
most conveniently
in the root directory, so it is convenient to define the
\f\*[B-Font]$RANDFILE\f[]
environment variable used by the OpenSSL library as the path to
\f\*[B-Font]/.rnd\f[].
.sp \n(Ppu
.ne 2

Installing the keys as root might not work in NFS-mounted
shared file systems, as NFS clients may not be able to write
to the shared keys directory, even as root.
In this case, NFS clients can specify the files in another
directory such as
\fI/etc\f[]
using the
\f\*[B-Font]keysdir\f[]
command.
There is no need for one client to read the keys and certificates
of other clients or servers, as these data are obtained automatically
by the Autokey protocol.
.sp \n(Ppu
.ne 2

Ordinarily, cryptographic files are generated by the host that uses them,
but it is possible for a trusted agent (TA) to generate these files
for other hosts; however, in such cases files should always be encrypted.
The subject name and trusted name default to the hostname
of the host generating the files, but can be changed by command line options.
It is convenient to designate the owner name and trusted name
as the subject and issuer fields, respectively, of the certificate.
The owner name is also used for the host and sign key files,
while the trusted name is used for the identity files.
.SS Trusted Hosts and Groups
Each cryptographic configuration involves selection of a signature scheme
and identification scheme, called a cryptotype,
as explained in the
\fIAuthentication\f[] \fIOptions\f[]
section of
\fCntp.conf\f[]\fR(5)\f[].
The default cryptotype uses RSA encryption, MD5 message digest
and TC identification.
First, configure a NTP subnet including one or more low-stratum
trusted hosts from which all other hosts derive synchronization
directly or indirectly.
Trusted hosts have trusted certificates;
all other hosts have nontrusted certificates.
These hosts will automatically and dynamically build authoritative
certificate trails to one or more trusted hosts.
A trusted group is the set of all hosts that have, directly or indirectly,
a certificate trail ending at a trusted host.
The trail is defined by static configuration file entries
or dynamic means described in the
\fIAutomatic\f[] \fINTP\f[] \fIConfiguration\f[] \fIOptions\f[]
section of
\fCntp.conf\f[]\fR(5)\f[].
.sp \n(Ppu
.ne 2

On each trusted host as root, change to the keys directory.
To ensure a fresh fileset, remove all
\f\*[B-Font]ntpkey\f[]
files.
Then run
\f\*[B-Font]ntp-keygen\fP
\f\*[B-Font]\-T\f[]
to generate keys and a trusted certificate.
On all other hosts do the same, but leave off the
\f\*[B-Font]\-T\f[]
flag to generate keys and nontrusted certificates.
When complete, start the NTP daemons beginning at the lowest stratum
and working up the tree.
It may take some time for Autokey to instantiate the certificate trails
throughout the subnet, but setting up the environment is completely automatic.
.sp \n(Ppu
.ne 2

If it is necessary to use a different sign key or different digest/signature
scheme than the default, run
\f\*[B-Font]ntp-keygen\fP
with the
\f\*[B-Font]\-S\f[] \f\*[I-Font]type\f[]
option, where
\f\*[I-Font]type\f[]
is either
\f\*[B-Font]RSA\f[]
or
\f\*[B-Font]DSA\f[].
The most common need to do this is when a DSA-signed certificate is used.
If it is necessary to use a different certificate scheme than the default,
run
\f\*[B-Font]ntp-keygen\fP
with the
\f\*[B-Font]\-c\f[] \f\*[I-Font]scheme\f[]
option and selected
\f\*[I-Font]scheme\f[]
as needed.
If
\f\*[B-Font]ntp-keygen\fP
is run again without these options, it generates a new certificate
using the same scheme and sign key.
.sp \n(Ppu
.ne 2

After setting up the environment it is advisable to update certificates
from time to time, if only to extend the validity interval.
Simply run
\f\*[B-Font]ntp-keygen\fP
with the same flags as before to generate new certificates
using existing keys.
However, if the host or sign key is changed,
\fCntpd\f[]\fR(1ntpdmdoc)\f[]
should be restarted.
When
\fCntpd\f[]\fR(1ntpdmdoc)\f[]
is restarted, it loads any new files and restarts the protocol.
Other dependent hosts will continue as usual until signatures are refreshed,
at which time the protocol is restarted.
.SS Identity Schemes
As mentioned on the Autonomous Authentication page,
the default TC identity scheme is vulnerable to a middleman attack.
However, there are more secure identity schemes available,
including PC, IFF, GQ and MV described on the
"Identification Schemes"
page
(which may be available at
\f[C]http://www.eecis.udel.edu/%7emills/keygen.html\f[]).
These schemes are based on a TA, one or more trusted hosts
and some number of nontrusted hosts.
Trusted hosts prove identity using values provided by the TA,
while the remaining hosts prove identity using values provided
by a trusted host and certificate trails that end on that host.
The name of a trusted host is also the name of its subgroup
and also the subject and issuer name on its trusted certificate.
The TA is not necessarily a trusted host in this sense, but often is.
.sp \n(Ppu
.ne 2

In some schemes there are separate keys for servers and clients.
A server can also be a client of another server,
but a client can never be a server for another client.
In general, trusted hosts and nontrusted hosts that operate
as both server and client have parameter files that contain
both server and client keys.
Hosts that operate
only as clients have key files that contain only client keys.
.sp \n(Ppu
.ne 2

The PC scheme supports only one trusted host in the group.
On trusted host alice run
\f\*[B-Font]ntp-keygen\fP
\f\*[B-Font]\-P\f[]
\f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[]
to generate the host key file
\fIntpkey_RSAkey_\f[]\f\*[I-Font]alice.filestamp\f[]
and trusted private certificate file
\fIntpkey_RSA-MD5_cert_\f[]\f\*[I-Font]alice.filestamp\f[].
Copy both files to all group hosts;
they replace the files which would be generated in other schemes.
On each host bob install a soft link from the generic name
\fIntpkey_host_\f[]\f\*[I-Font]bob\f[]
to the host key file and soft link
\fIntpkey_cert_\f[]\f\*[I-Font]bob\f[]
to the private certificate file.
Note the generic links are on bob, but point to files generated
by trusted host alice.
In this scheme it is not possible to refresh
either the keys or certificates without copying them
to all other hosts in the group.
.sp \n(Ppu
.ne 2

For the IFF scheme proceed as in the TC scheme to generate keys
and certificates for all group hosts, then for every trusted host in the group,
generate the IFF parameter file.
On trusted host alice run
\f\*[B-Font]ntp-keygen\fP
\f\*[B-Font]\-T\f[]
\f\*[B-Font]\-I\f[]
\f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[]
to produce her parameter file
\fIntpkey_IFFpar_\f[]\f\*[I-Font]alice.filestamp\f[],
which includes both server and client keys.
Copy this file to all group hosts that operate as both servers
and clients and install a soft link from the generic
\fIntpkey_iff_\f[]\f\*[I-Font]alice\f[]
to this file.
If there are no hosts restricted to operate only as clients,
there is nothing further to do.
As the IFF scheme is independent
of keys and certificates, these files can be refreshed as needed.
.sp \n(Ppu
.ne 2

If a rogue client has the parameter file, it could masquerade
as a legitimate server and present a middleman threat.
To eliminate this threat, the client keys can be extracted
from the parameter file and distributed to all restricted clients.
After generating the parameter file, on alice run
\f\*[B-Font]ntp-keygen\fP
\f\*[B-Font]\-e\f[]
and pipe the output to a file or mail program.
Copy or mail this file to all restricted clients.
On these clients install a soft link from the generic
\fIntpkey_iff_\f[]\f\*[I-Font]alice\f[]
to this file.
To further protect the integrity of the keys,
each file can be encrypted with a secret password.
.sp \n(Ppu
.ne 2

For the GQ scheme proceed as in the TC scheme to generate keys
and certificates for all group hosts, then for every trusted host
in the group, generate the GQ parameter file.
On trusted host alice run
\f\*[B-Font]ntp-keygen\fP
\f\*[B-Font]\-T\f[]
\f\*[B-Font]\-G\f[]
\f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[]
to produce her parameter file
\fIntpkey_GQpar_\f[]\f\*[I-Font]alice.filestamp\f[],
which includes both server and client keys.
Copy this file to all group hosts and install a soft link
from the generic
\fIntpkey_gq_\f[]\f\*[I-Font]alice\f[]
to this file.
In addition, on each host bob install a soft link
from generic
\fIntpkey_gq_\f[]\f\*[I-Font]bob\f[]
to this file.
As the GQ scheme updates the GQ parameters file and certificate
at the same time, keys and certificates can be regenerated as needed.
.sp \n(Ppu
.ne 2

For the MV scheme, proceed as in the TC scheme to generate keys
and certificates for all group hosts.
For illustration assume trish is the TA, alice one of several trusted hosts
and bob one of her clients.
On TA trish run
\f\*[B-Font]ntp-keygen\fP
\f\*[B-Font]\-V\f[] \f\*[I-Font]n\f[]
\f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[],
where
\f\*[I-Font]n\f[]
is the number of revokable keys (typically 5) to produce
the parameter file
\fIntpkeys_MVpar_\f[]\f\*[I-Font]trish.filestamp\f[]
and client key files
\fIntpkeys_MVkeyd_\f[]\f\*[I-Font]trish.filestamp\f[]
where
\f\*[I-Font]d\f[]
is the key number (0 \&<
\f\*[I-Font]d\f[]
\&<
\f\*[I-Font]n\f[]).
Copy the parameter file to alice and install a soft link
from the generic
\fIntpkey_mv_\f[]\f\*[I-Font]alice\f[]
to this file.
Copy one of the client key files to alice for later distribution
to her clients.
It doesn't matter which client key file goes to alice,
since they all work the same way.
Alice copies the client key file to all of her clients.
On client bob install a soft link from generic
\fIntpkey_mvkey_\f[]\f\*[I-Font]bob\f[]
to the client key file.
As the MV scheme is independent of keys and certificates,
these files can be refreshed as needed.
.SS Command Line Options
.TP 7
.NOP \f\*[B-Font]\-c\f[] \f\*[I-Font]scheme\f[]
Select certificate message digest/signature encryption scheme.
The
\f\*[I-Font]scheme\f[]
can be one of the following:
\f\*[B-Font]RSA-MD2\f[], \f\*[B-Font]RSA-MD5\f[], \f\*[B-Font]RSA-SHA\f[], \f\*[B-Font]RSA-SHA1\f[], \f\*[B-Font]RSA-MDC2\f[], \f\*[B-Font]RSA-RIPEMD160\f[], \f\*[B-Font]DSA-SHA\f[],
or
\f\*[B-Font]DSA-SHA1\f[].
Note that RSA schemes must be used with an RSA sign key and DSA
schemes must be used with a DSA sign key.
The default without this option is
\f\*[B-Font]RSA-MD5\f[].
.TP 7
.NOP \f\*[B-Font]\-d\f[]
Enable debugging.
This option displays the cryptographic data produced in eye-friendly billboards.
.TP 7
.NOP \f\*[B-Font]\-e\f[]
Write the IFF client keys to the standard output.
This is intended for automatic key distribution by mail.
.TP 7
.NOP \f\*[B-Font]\-G\f[]
Generate parameters and keys for the GQ identification scheme,
obsoleting any that may exist.
.TP 7
.NOP \f\*[B-Font]\-g\f[]
Generate keys for the GQ identification scheme
using the existing GQ parameters.
If the GQ parameters do not yet exist, create them first.
.TP 7
.NOP \f\*[B-Font]\-H\f[]
Generate new host keys, obsoleting any that may exist.
.TP 7
.NOP \f\*[B-Font]\-I\f[]
Generate parameters for the IFF identification scheme,
obsoleting any that may exist.
.TP 7
.NOP \f\*[B-Font]\-i\f[] \f\*[I-Font]name\f[]
Set the subject name to
\f\*[I-Font]name\f[].
This is used as the subject field in certificates
and in the file name for host and sign keys.
.TP 7
.NOP \f\*[B-Font]\-M\f[]
Generate MD5 keys, obsoleting any that may exist.
.TP 7
.NOP \f\*[B-Font]\-P\f[]
Generate a private certificate.
By default, the program generates public certificates.
.TP 7
.NOP \f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[]
Encrypt generated files containing private data with
\f\*[I-Font]password\f[]
and the DES-CBC algorithm.
.TP 7
.NOP \f\*[B-Font]\-q\f[] \f\*[I-Font]password\f[]
Set the password for reading files to
\f\*[I-Font]password\f[].
.TP 7
.NOP \f\*[B-Font]\-S\f[] [\f\*[B-Font]RSA\f[] | \f\*[B-Font]DSA\f[]]
Generate a new sign key of the designated type,
obsoleting any that may exist.
By default, the program uses the host key as the sign key.
.TP 7
.NOP \f\*[B-Font]\-s\f[] \f\*[I-Font]name\f[]
Set the issuer name to
\f\*[I-Font]name\f[].
This is used for the issuer field in certificates
and in the file name for identity files.
.TP 7
.NOP \f\*[B-Font]\-T\f[]
Generate a trusted certificate.
By default, the program generates a non-trusted certificate.
.TP 7
.NOP \f\*[B-Font]\-V\f[] \f\*[I-Font]nkeys\f[]
Generate parameters and keys for the Mu-Varadharajan (MV) identification scheme.
.PP
.SS Random Seed File
All cryptographically sound key generation schemes must have means
to randomize the entropy seed used to initialize
the internal pseudo-random number generator used
by the library routines.
The OpenSSL library uses a designated random seed file for this purpose.
The file must be available when starting the NTP daemon and
\f\*[B-Font]ntp-keygen\fP
program.
If a site supports OpenSSL or its companion OpenSSH,
it is very likely that means to do this are already available.
.sp \n(Ppu
.ne 2

It is important to understand that entropy must be evolved
for each generation, for otherwise the random number sequence
would be predictable.
Various means dependent on external events, such as keystroke intervals,
can be used to do this and some systems have built-in entropy sources.
Suitable means are described in the OpenSSL software documentation,
but are outside the scope of this page.
.sp \n(Ppu
.ne 2

The entropy seed used by the OpenSSL library is contained in a file,
usually called
\f\*[B-Font].rnd\f[],
which must be available when starting the NTP daemon
or the
\f\*[B-Font]ntp-keygen\fP
program.
The NTP daemon will first look for the file
using the path specified by the
\f\*[B-Font]randfile\f[]
subcommand of the
\f\*[B-Font]crypto\f[]
configuration command.
If not specified in this way, or when starting the
\f\*[B-Font]ntp-keygen\fP
program,
the OpenSSL library will look for the file using the path specified
by the
RANDFILE
environment variable in the user home directory,
whether root or some other user.
If the
RANDFILE
environment variable is not present,
the library will look for the
\f\*[B-Font].rnd\f[]
file in the user home directory.
If the file is not available or cannot be written,
the daemon exits with a message to the system log and the program
exits with a suitable error message.
.SS Cryptographic Data Files
All other file formats begin with two lines.
The first contains the file name, including the generated host name
and filestamp.
The second contains the datestamp in conventional Unix date format.
Lines beginning with # are considered comments and ignored by the
\f\*[B-Font]ntp-keygen\fP
program and
\fCntpd\f[]\fR(1ntpdmdoc)\f[]
daemon.
Cryptographic values are encoded first using ASN.1 rules,
then encrypted if necessary, and finally written in PEM-encoded
printable ASCII format preceded and followed by MIME content identifier lines.
.sp \n(Ppu
.ne 2

The format of the symmetric keys file is somewhat different
from the other files in the interest of backward compatibility.
Since DES-CBC is deprecated in NTPv4, the only key format of interest
is MD5 alphanumeric strings.
Following the header the keys are
entered one per line in the format
.in +4
\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[]
.in -4
where
\f\*[I-Font]keyno\f[]
is a positive integer in the range 1-65,535,
\f\*[I-Font]type\f[]
is the string MD5 defining the key format and
\f\*[I-Font]key\f[]
is the key itself,
which is a printable ASCII string 16 characters or less in length.
Each character is chosen from the 93 printable characters
in the range 0x21 through 0x7f excluding space and the
\[oq]#\[cq]
character.
.sp \n(Ppu
.ne 2

Note that the keys used by the
\fCntpq\f[]\fR(1ntpqmdoc)\f[]
and
\fCntpdc\f[]\fR(1ntpdcmdoc)\f[]
programs
are checked against passwords requested by the programs
and entered by hand, so it is generally appropriate to specify these keys
in human readable ASCII format.
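The symmetric keys file format just described, checked and produced by an added Python example. This code is not part of the man page or of the ntp distribution; the sample file contents, its two header lines and the generate_md5_keys helper are constructed for illustration (the helper imitates the shape of the MD5 lines only and is not ntp-keygen's generator). The checker implements exactly the rules stated above: key numbers 1-65,535, type MD5, keys of at most 16 characters drawn from the 93 printable characters other than '#', with comment and blank lines skipped and duplicate key numbers reported.

```python
import secrets
from dataclasses import dataclass

# Alphabet this section specifies for MD5 keys: printable ASCII 0x21..0x7e with
# '#' excluded, which leaves 93 characters (0x7f is DEL and space is 0x20, so
# neither is ever inside the range).
KEY_ALPHABET = "".join(chr(c) for c in range(0x21, 0x7f) if chr(c) != "#")
MAX_KEY_LEN = 16
KEYNO_MIN, KEYNO_MAX = 1, 65535


@dataclass(frozen=True)
class SymmetricKey:
    keyno: int
    type: str
    key: str


def parse_keys_file(text):
    """Parse text in the 'keyno type key' format of the symmetric keys file.

    Returns (keys, errors). keys maps key number -> SymmetricKey for every
    well-formed line; errors is a list of (line_number, message) for lines
    that violate the format. Blank lines and lines beginning with '#' are
    skipped, matching the comment rule the page gives for ntp-keygen and ntpd.
    """
    keys, errors = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) != 3:
            errors.append((lineno, "expected 'keyno type key', got %d fields" % len(fields)))
            continue
        keyno_s, ktype, key = fields
        # isascii() guards against int() accepting non-ASCII digit characters
        if not (keyno_s.isascii() and keyno_s.isdigit()) or not KEYNO_MIN <= int(keyno_s) <= KEYNO_MAX:
            errors.append((lineno, "key number %r not in range %d-%d" % (keyno_s, KEYNO_MIN, KEYNO_MAX)))
            continue
        keyno = int(keyno_s)
        if ktype != "MD5":
            errors.append((lineno, "key type %r is not the MD5 text format described here" % ktype))
            continue
        if len(key) > MAX_KEY_LEN:
            errors.append((lineno, "key is %d characters, maximum is %d" % (len(key), MAX_KEY_LEN)))
            continue
        bad = sorted(set(ch for ch in key if ch not in KEY_ALPHABET))
        if bad:
            errors.append((lineno, "key contains characters outside the allowed set: %r" % "".join(bad)))
            continue
        if keyno in keys:
            errors.append((lineno, "duplicate key number %d" % keyno))
            continue
        keys[keyno] = SymmetricKey(keyno, ktype, key)
    return keys, errors


def generate_md5_keys(count=10, first_keyno=1, length=MAX_KEY_LEN):
    """Emit `count` fresh keys in the same one-per-line format, drawn from
    KEY_ALPHABET with the OS CSPRNG. Constructed stand-in for the shape of
    'ntp-keygen -M' output, used here only to show the two functions agree."""
    lines = ["# constructed example keys file (not ntp-keygen output)"]
    for i in range(count):
        key = "".join(secrets.choice(KEY_ALPHABET) for _ in range(length))
        lines.append("%d MD5 %s" % (first_keyno + i, key))
    return "\n".join(lines) + "\n"


# Constructed sample: two valid keys followed by one violation of each rule.
SAMPLE_KEYS_FILE = """\
# ntpkey_MD5key_alice.3700000000  (constructed header line, not real output)
# Sun Jan  1 00:00:00 2017
1 MD5 q2l0eW98Vv.hV4Q%
2 MD5 ]ZVxH+tyR0h~iZtA
# the lines below each break one rule of the format
0 MD5 abcdefgh
3 SHA1 deadbeef
4 MD5 this_key_is_way_too_long
5 MD5 has#hash
2 MD5 duplicate!
6 MD5
"""

if __name__ == "__main__":
    keys, errors = parse_keys_file(SAMPLE_KEYS_FILE)
    print("accepted key numbers:", sorted(keys))
    for lineno, msg in errors:
        print("line %d: %s" % (lineno, msg))
    fresh_keys, fresh_errors = parse_keys_file(generate_md5_keys())
    print("generated file: %d keys, %d errors" % (len(fresh_keys), len(fresh_errors)))
```

Running the block lists which sample lines are rejected and why, and the round trip through generate_md5_keys shows that the writer and the checker agree on the format. A file that passes this check is still only as safe as its handling: as the page says, it should be readable only by root and copied to other hosts by secure means.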
.sp \n(Ppu
.ne 2

The
\f\*[B-Font]ntp-keygen\fP
program generates an MD5 symmetric keys file
\fIntpkey_MD5key_\f[]\f\*[I-Font]hostname.filestamp\f[].
Since the file contains private shared keys,
it should be visible only to root and distributed by secure means
to other subnet hosts.
The NTP daemon loads the file
\fIntp.keys\f[],
so
\f\*[B-Font]ntp-keygen\fP
installs a soft link from this name to the generated file.
Subsequently, similar soft links must be installed by manual
or automated means on the other subnet hosts.
While this file is not used with the Autokey Version 2 protocol,
it is needed to authenticate some remote configuration commands
used by the
\fCntpq\f[]\fR(1ntpqmdoc)\f[]
and
\fCntpdc\f[]\fR(1ntpdcmdoc)\f[]
utilities.
.SH "OPTIONS"
.TP
.NOP \f\*[B-Font]\-b\f[] \f\*[I-Font]imbits\f[], \f\*[B-Font]\-\-imbits\f[]=\f\*[I-Font]imbits\f[]
identity modulus bits.
This option takes an integer number as its argument.
The value of
\f\*[I-Font]imbits\f[]
is constrained to being:
.in +4
.nf
.na
in the range 256 through 2048
.fi
.in -4
.sp
The number of bits in the identity modulus. The default is 256.
.TP
.NOP \f\*[B-Font]\-c\f[] \f\*[I-Font]scheme\f[], \f\*[B-Font]\-\-certificate\f[]=\f\*[I-Font]scheme\f[]
certificate scheme.
.sp
scheme is one of
RSA-MD2, RSA-MD5, RSA-SHA, RSA-SHA1, RSA-MDC2, RSA-RIPEMD160,
DSA-SHA, or DSA-SHA1.
.sp
Select the certificate message digest/signature encryption scheme.
Note that RSA schemes must be used with an RSA sign key and DSA
schemes must be used with a DSA sign key. The default without
this option is RSA-MD5.
.TP
.NOP \f\*[B-Font]\-C\f[] \f\*[I-Font]cipher\f[], \f\*[B-Font]\-\-cipher\f[]=\f\*[I-Font]cipher\f[]
privatekey cipher.
.sp
Select the cipher which is used to encrypt the files containing
private keys. The default is three-key triple DES in CBC mode,
equivalent to "\fB\-C des-ede3-cbc\fP". The openssl tool lists ciphers
available in "\fBopenssl \-h\fP" output.
.TP
.NOP \f\*[B-Font]\-d\f[], \f\*[B-Font]\-\-debug\-level\f[]
Increase debug verbosity level.
This option may appear an unlimited number of times.
.sp
.TP
.NOP \f\*[B-Font]\-D\f[] \f\*[I-Font]number\f[], \f\*[B-Font]\-\-set\-debug\-level\f[]=\f\*[I-Font]number\f[]
Set the debug verbosity level.
This option may appear an unlimited number of times.
This option takes an integer number as its argument.
.sp
.TP
.NOP \f\*[B-Font]\-e\f[], \f\*[B-Font]\-\-id\-key\f[]
Write IFF or GQ identity keys.
.sp
Write the IFF or GQ client keys to the standard output. This is
intended for automatic key distribution by mail.
.TP
.NOP \f\*[B-Font]\-G\f[], \f\*[B-Font]\-\-gq\-params\f[]
Generate GQ parameters and keys.
.sp
Generate parameters and keys for the GQ identification scheme,
obsoleting any that may exist.
.TP
.NOP \f\*[B-Font]\-H\f[], \f\*[B-Font]\-\-host\-key\f[]
generate RSA host key.
.sp
Generate new host keys, obsoleting any that may exist.
.TP
.NOP \f\*[B-Font]\-I\f[], \f\*[B-Font]\-\-iffkey\f[]
generate IFF parameters.
.sp
Generate parameters for the IFF identification scheme, obsoleting
any that may exist.
.TP
.NOP \f\*[B-Font]\-i\f[] \f\*[I-Font]group\f[], \f\*[B-Font]\-\-ident\f[]=\f\*[I-Font]group\f[]
set Autokey group name.
.sp
Set the optional Autokey group name to \fIgroup\fP. This is used in
the file name of IFF, GQ, and MV client parameters files. In
that role, the default is the host name if this option is not
provided. The group name, if specified using \fB-i/--ident\fP or
using \fB-s/--subject-name\fP following an '\fB@\fP' character,
is also a part of the self-signed host certificate's subject and
issuer names in the form \fBhost@group\fP and should match the
'\fBcrypto ident\fP' or '\fBserver ident\fP' configuration in
\fBntpd\fP's configuration file.
.TP
.NOP \f\*[B-Font]\-l\f[] \f\*[I-Font]lifetime\f[], \f\*[B-Font]\-\-lifetime\f[]=\f\*[I-Font]lifetime\f[]
set certificate lifetime.
This option takes an integer number as its argument.
.sp
Set the certificate expiration to lifetime days from now.
.TP
.NOP \f\*[B-Font]\-M\f[], \f\*[B-Font]\-\-md5key\f[]
generate MD5 keys.
.sp
Generate MD5 keys, obsoleting any that may exist.
.TP
.NOP \f\*[B-Font]\-m\f[] \f\*[I-Font]modulus\f[], \f\*[B-Font]\-\-modulus\f[]=\f\*[I-Font]modulus\f[]
modulus.
This option takes an integer number as its argument.
The value of
\f\*[I-Font]modulus\f[]
is constrained to being:
.in +4
.nf
.na
in the range 256 through 2048
.fi
.in -4
.sp
The number of bits in the prime modulus. The default is 512.
.TP
.NOP \f\*[B-Font]\-P\f[], \f\*[B-Font]\-\-pvt\-cert\f[]
generate PC private certificate.
.sp
Generate a private certificate. By default, the program generates
public certificates.
.TP
.NOP \f\*[B-Font]\-p\f[] \f\*[I-Font]passwd\f[], \f\*[B-Font]\-\-password\f[]=\f\*[I-Font]passwd\f[]
local private password.
.sp
Local files containing private data are encrypted with the
DES-CBC algorithm and the specified password. The same password
must be specified to the local ntpd via the "crypto pw password"
configuration command. The default password is the local
hostname.
.TP
.NOP \f\*[B-Font]\-q\f[] \f\*[I-Font]passwd\f[], \f\*[B-Font]\-\-export\-passwd\f[]=\f\*[I-Font]passwd\f[]
export IFF or GQ group keys with password.
.sp
Export IFF or GQ identity group keys to the standard output,
encrypted with the DES-CBC algorithm and the specified password.
The same password must be specified to the remote ntpd via the
"crypto pw password" configuration command. See also the option
--id-key (-e) for unencrypted exports.
.TP
.NOP \f\*[B-Font]\-S\f[] \f\*[I-Font]sign\f[], \f\*[B-Font]\-\-sign\-key\f[]=\f\*[I-Font]sign\f[]
generate sign key (RSA or DSA).
.sp
Generate a new sign key of the designated type, obsoleting any
that may exist. By default, the program uses the host key as the
sign key.
.TP
.NOP \f\*[B-Font]\-s\f[] \f\*[I-Font]host@group\f[], \f\*[B-Font]\-\-subject\-name\f[]=\f\*[I-Font]host@group\f[]
set host and optionally group name.
.sp
Set the Autokey host name, and optionally, group name specified
following an '\fB@\fP' character. The host name is used in the file
name of generated host and signing certificates, without the
group name. The host name, and if provided, group name are used
in \fBhost@group\fP form for the host certificate's subject and issuer
fields. Specifying '\fB-s @group\fP' is allowed, and results in
leaving the host name unchanged while appending \fB@group\fP to the
subject and issuer fields, as with \fB-i group\fP. The group name, or
if not provided, the host name are also used in the file names
of IFF, GQ, and MV client parameter files.
.TP
.NOP \f\*[B-Font]\-T\f[], \f\*[B-Font]\-\-trusted\-cert\f[]
trusted certificate (TC scheme).
.sp
Generate a trusted certificate. By default, the program generates
a non-trusted certificate.
.TP
.NOP \f\*[B-Font]\-V\f[] \f\*[I-Font]num\f[], \f\*[B-Font]\-\-mv\-params\f[]=\f\*[I-Font]num\f[]
generate <num> MV parameters.
This option takes an integer number as its argument.
.sp
Generate parameters and keys for the Mu-Varadharajan (MV)
identification scheme.
.TP
.NOP \f\*[B-Font]\-v\f[] \f\*[I-Font]num\f[], \f\*[B-Font]\-\-mv\-keys\f[]=\f\*[I-Font]num\f[]
update <num> MV keys.
This option takes an integer number as its argument.
.sp
This option has not been fully documented.
.TP
.NOP \f\*[B-Font]\-\&?\f[], \f\*[B-Font]\-\-help\f[]
Display usage information and exit.
.TP
.NOP \f\*[B-Font]\-\&!\f[], \f\*[B-Font]\-\-more-help\f[]
Pass the extended usage information through a pager.
.TP
.NOP \f\*[B-Font]\->\f[] [\f\*[I-Font]cfgfile\f[]], \f\*[B-Font]\-\-save-opts\f[] [=\f\*[I-Font]cfgfile\f[]]
Save the option state to \fIcfgfile\fP. The default is the \fIlast\fP
configuration file listed in the \fBOPTION PRESETS\fP section, below.
The command will exit after updating the config file.
.TP
.NOP \f\*[B-Font]\-<\f[] \f\*[I-Font]cfgfile\f[], \f\*[B-Font]\-\-load-opts\f[]=\f\*[I-Font]cfgfile\f[], \f\*[B-Font]\-\-no-load-opts\f[]
Load options from \fIcfgfile\fP.
The \fIno-load-opts\fP form will disable the loading
of earlier config/rc/ini files. \fI\-\-no-load-opts\fP is handled early,
out of order.
.TP
.NOP \f\*[B-Font]\-\-version\f[] [{\f\*[I-Font]v|c|n\f[]}]
Output version of program and exit. The default mode is `v', a simple
version. The `c' mode will print copyright information and `n' will
print the full copyright notice.
.PP
.SH "OPTION PRESETS"
Any option that is not marked as \fInot presettable\fP may be preset
by loading values from configuration ("RC" or ".INI") file(s) and values from
environment variables named:
.nf
 \fBNTP_KEYGEN_<option-name>\fP or \fBNTP_KEYGEN\fP
.fi
.ad
The environmental presets take precedence (are processed later than)
the configuration files.
The \fIhomerc\fP files are "\fI$HOME\fP", and "\fI.\fP".
If any of these are directories, then the file \fI.ntprc\fP
is searched for within those directories.
.SH USAGE
The
\f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[]
option specifies the write password and
\f\*[B-Font]\-q\f[] \f\*[I-Font]password\f[]
option the read password for previously encrypted files.
The
\f\*[B-Font]ntp-keygen\fP
program prompts for the password if it reads an encrypted file
and the password is missing or incorrect.
If an encrypted file is read successfully and
no write password is specified, the read password is used
as the write password by default.
.SH "ENVIRONMENT"
See \fBOPTION PRESETS\fP for configuration environment variables.
.SH "FILES"
See \fBOPTION PRESETS\fP for configuration files.
.SH "EXIT STATUS"
One of the following exit values will be returned:
.TP
.NOP 0 " (EXIT_SUCCESS)"
Successful program execution.
.TP
.NOP 1 " (EXIT_FAILURE)"
The operation failed or the command syntax was not valid.
.TP
.NOP 66 " (EX_NOINPUT)"
A specified configuration file could not be loaded.
.TP
.NOP 70 " (EX_SOFTWARE)"
libopts had an internal operational error. Please report
it to autogen-users@lists.sourceforge.net. Thank you.
.PP
.SH "AUTHORS"
The University of Delaware and Network Time Foundation
.SH "COPYRIGHT"
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.SH BUGS
It can take quite a while to generate some cryptographic values,
from one to several minutes with modern architectures
such as UltraSPARC and up to tens of minutes to an hour
with older architectures such as SPARC IPC.
.sp \n(Ppu
.ne 2

Please report bugs to http://bugs.ntp.org .
.sp \n(Ppu
.ne 2

Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
.SH NOTES
Portions of this document came from FreeBSD.
.sp \n(Ppu
.ne 2

This manual page was \fIAutoGen\fP-erated from the \fBntp-keygen\fP
option definitions.