Lines Matching +full:other +full:- +full:key
2 . it 1 an-trap
6 .ds B-Font [CB]
7 .ds I-Font [CI]
8 .ds R-Font [CR]
10 .ds B-Font B
11 .ds I-Font I
12 .ds R-Font R
13 .TH ntp-keygen @NTP_KEYGEN_MS@ "25 May 2024" "ntp (4.2.8p18)" "User Commands"
15 .\" EDIT THIS FILE WITH CAUTION (in-mem file)
17 .\" It has been AutoGen-ed May 25, 2024 at 12:04:51 AM by AutoGen 5.18.16
18 .\" From the definitions ntp-keygen-opts.def
19 .\" and the template file agman-cmd.tpl
21 \f\*[B-Font]ntp-keygen\fP
22 \- Create a NTP host key
24 \f\*[B-Font]ntp-keygen\fP
26 [\f\*[B-Font]\-flags\f[]]
27 [\f\*[B-Font]\-flag\f[] [\f\*[I-Font]value\f[]]]
28 [\f\*[B-Font]\-\-option-name\f[][[=| ]\f\*[I-Font]value\f[]]]
39 It can generate message digest keys used in symmetric key cryptography and,
42 public key cryptography.
51 All other files are in PEM-encoded printable ASCII format,
52 so they can be embedded as MIME attachments in email to other sites
59 produces a file containing ten pseudo-random printable ASCII strings
63 hex-encoded random bit strings suitable for SHA1, AES-128-CMAC, and
64 other message digest algorithms.
76 The remaining generated files are compatible with other OpenSSL
77 applications and other Public Key Infrastructure (PKI) resources.
82 other than Autokey.
88 \f\*[B-Font]\-p\f[]
90 \f\*[B-Font]\-q\f[]
97 \f\*[B-Font]ntp-keygen\fP
107 \f\*[B-Font]pw\f[]
109 \f\*[B-Font]crypto\f[]
131 Other files and links are usually installed in
134 NFS-mounted networks and cannot be changed by shared clients.
139 \f\*[B-Font]keysdir\f[]
150 where they can be piped to other applications or redirected to files.
160 \f\*[B-Font]ntp-keygen\fP
163 \f\*[I-Font]keys\f[]
172 \f\*[I-Font]keys\f[]
178 \f\*[B-Font]ntp-keygen\fP
180 \f\*[B-Font]RSA\f[]
181 host key and matching
182 \f\*[B-Font]RSA-MD5\f[]
193 The host key is used to encrypt the cookie when required and so must be
194 \f\*[B-Font]RSA\f[]
196 By default, the host key is also the sign key used to encrypt signatures.
197 When necessary, a different sign key can be specified and this can be
199 \f\*[B-Font]RSA\f[]
201 \f\*[B-Font]DSA\f[]
204 \f\*[B-Font]MD5\f[],
206 of sign key type and message digest type supported by the OpenSSL library
208 \f\*[B-Font]AES128CMAC\f[], \f\*[B-Font]MD2\f[], \f\*[B-Font]MD5\f[], \f\*[B-Font]MDC2\f[], \f\*[B-Font]SHA\f[], \f\*[B-Font]SHA1\f[]
210 \f\*[B-Font]RIPE160\f[]
213 with the sign key.
215 \f\*[B-Font]RSA\f[]
218 \f\*[B-Font]SHA\f[]
220 \f\*[B-Font]SHA1\f[]
222 \f\*[B-Font]DSA\f[]
227 Private/public key files and certificates are compatible with
228 other OpenSSL applications and very likely other libraries as well.
233 as the other files, are probably not compatible with anything other than Autokey.
237 Running the program as other than root and using the Unix
254 Installing the keys as root might not work in NFS-mounted
261 \f\*[B-Font]keysdir\f[]
265 of other clients or servers, as these data are obtained automatically
272 for other hosts; however, in such cases files should always be encrypted.
277 The owner name is also used for the host and sign key files,
285 in NFS-mounted networks.
296 including the host key, sign key and identification parameters,
297 are permitted root read/write-only;
303 \f\*[I-Font]hostname\f[]
305 \f\*[I-Font]filestamp\f[]
320 \f\*[I-Font]filestamp\f[].
324 \f\*[I-Font]filestamp\f[]
329 \f\*[B-Font]ntp-keygen\fP
331 \f\*[I-Font]filestamp\f[]
340 \f\*[B-Font]ntp-keygen\fP
342 \f\*[B-Font]\-T\f[]
344 Then configure the other hosts to synchronize to the TH directly or
353 The host key is used to encrypt the cookie when required and so must be
355 By default, the host key is also the sign key used to encrypt
357 A different sign key can be assigned using the
358 \f\*[B-Font]\-S\f[]
360 \f\*[B-Font]RSA\f[]
362 \f\*[B-Font]DSA\f[]
366 \f\*[B-Font]MD5\f[],
367 but any combination of sign key type and
370 \f\*[B-Font]\-c\f[]
378 This of course creates a chicken-and-egg problem
381 should be set by some other means, such as eyeball-and-wristwatch, at
384 certificate should be re-generated.
389 \*[Lq]Autokey Public-Key Authentication\*[Rq]
397 \fI_\f[]\f\*[I-Font]hostname\f[]. \f\*[I-Font]filestamp\f[],
399 \f\*[I-Font]hostname\f[]
404 \f\*[I-Font]filestamp\f[]
409 \f\*[B-Font]rm\f[] \fIntpkey\&*\f[]
412 \f\*[B-Font]rm\f[] \fI\&*\f[]\f\*[I-Font]filestamp\f[]
425 \f\*[B-Font]RSA\f[]
427 \f\*[B-Font]MD5\f[]
430 \f\*[B-Font]TC\f[]
432 First, configure a NTP subnet including one or more low-stratum
433 trusted hosts from which all other hosts derive synchronization
436 all other hosts have nontrusted certificates.
454 \f\*[B-Font]ntp-keygen\fP
455 \f\*[B-Font]\-T\f[]
457 On all other hosts do the same, but leave off the
458 \f\*[B-Font]\-T\f[]
467 If it is necessary to use a different sign key or different digest/signature
469 \f\*[B-Font]ntp-keygen\fP
471 \f\*[B-Font]\-S\f[] \f\*[I-Font]type\f[]
473 \f\*[I-Font]type\f[]
475 \f\*[B-Font]RSA\f[]
477 \f\*[B-Font]DSA\f[].
479 \f\*[B-Font]DSA\f[]\-signed
483 \f\*[B-Font]ntp-keygen\fP
485 \f\*[B-Font]\-c\f[] \f\*[I-Font]scheme\f[]
487 \f\*[I-Font]scheme\f[]
490 \f\*[B-Font]ntp-keygen\fP
492 using the same scheme and sign key, and soft link.
499 \f\*[B-Font]ntp-keygen\fP
502 However, if the host or sign key is changed,
508 Other dependent hosts will continue as usual until signatures are refreshed,
513 \f\*[B-Font]TC\f[]
517 \f\*[B-Font]PC\f[], \f\*[B-Font]IFF\f[], \f\*[B-Font]GQ\f[]
519 \f\*[B-Font]MV\f[]
539 only as clients have key files that contain only client keys.
545 \f\*[B-Font]ntp-keygen\fP
546 \f\*[B-Font]\-P\f[]
547 \f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[]
548 to generate the host key file
549 \fIntpkey\f[]_ \f\*[B-Font]RSA\f[] \fIkey_alice.\f[] \f\*[I-Font]filestamp\f[]
551 \fIntpkey\f[]_ \f\*[B-Font]RSA-MD5\f[] \f\*[B-Font]_\f[] \fIcert_alice.\f[] \f\*[I-Font]filestamp\f[],
554 they replace the files which would be generated in other schemes.
556 \f\*[I-Font]bob\f[]
558 \fIntpkey_host_\f[]\f\*[I-Font]bob\f[]
559 to the host key file and soft link
560 \fIntpkey_cert_\f[]\f\*[I-Font]bob\f[]
566 to all other hosts in the group, and recreating the soft links.
571 \f\*[B-Font]IFF\f[]
573 \f\*[B-Font]TC\f[]
577 \f\*[B-Font]IFF\f[]
580 \f\*[B-Font]ntp-keygen\fP
581 \f\*[B-Font]\-T\f[]
582 \f\*[B-Font]\-I\f[]
583 \f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[]
585 \fIntpkey_IFFpar_alice.\f[]\f\*[I-Font]filestamp\f[],
594 \f\*[B-Font]IFF\f[]
605 \f\*[B-Font]ntp-keygen\fP
606 \f\*[B-Font]\-e\f[]
618 \f\*[B-Font]GQ\f[]
620 \f\*[B-Font]TC\f[]
624 \f\*[B-Font]IFF\f[]
627 \f\*[B-Font]ntp-keygen\fP
628 \f\*[B-Font]\-T\f[]
629 \f\*[B-Font]\-G\f[]
630 \f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[]
632 \fIntpkey_GQpar_alice.\f[]\f\*[I-Font]filestamp\f[],
639 \f\*[I-Font]bob\f[]
642 \fIntpkey_gq_\f[]\f\*[I-Font]bob\f[]
645 \f\*[B-Font]GQ\f[]
647 \f\*[B-Font]GQ\f[]
654 \f\*[B-Font]MV\f[]
656 \f\*[B-Font]TC\f[]
662 \f\*[B-Font]ntp-keygen\fP
663 \f\*[B-Font]\-V\f[] \f\*[I-Font]n\f[]
664 \f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[],
666 \f\*[I-Font]n\f[]
669 \fIntpkeys_MVpar_trish.\f[]\f\*[I-Font]filestamp\f[]
670 and client key files
671 \fIntpkeys_MVkey\f[]\f\*[I-Font]d\f[] \f\*[I-Font]_\f[] \fItrish.\f[] \f\*[I-Font]filestamp\f[]
673 \f\*[I-Font]d\f[]
674 is the key number (0 \&<
675 \f\*[I-Font]d\f[]
677 \f\*[I-Font]n\f[]).
682 Copy one of the client key files to alice for later distribution
684 It does not matter which client key file goes to alice,
686 Alice copies the client key file to all of her clients.
689 to the client key file.
691 \f\*[B-Font]MV\f[]
696 .NOP \f\*[B-Font]\-b\f[] \f\*[B-Font]\-\-imbits\f[]= \f\*[I-Font]modulus\f[]
698 \f\*[I-Font]modulus\f[]
705 .NOP \f\*[B-Font]\-c\f[] \f\*[B-Font]\-\-certificate\f[]= \f\*[I-Font]scheme\f[]
708 \f\*[I-Font]scheme\f[]
710 \f\*[B-Font]RSA-MD2\f[], \f\*[B-Font]RSA-MD5\f[], \f\*[B-Font]RSA-MDC2\f[], \f\*[B-Font]RSA-SHA\f[], \f\*[B-Font]RSA-SHA1\f[], \f\*[B-Font]RSA-RIPEMD160\f[], \f\*[B-Font]DSA-SHA\f[],
712 \f\*[B-Font]DSA-SHA1\f[].
714 \f\*[B-Font]RSA\f[]
716 \f\*[B-Font]RSA\f[]
717 sign key and
718 \f\*[B-Font]DSA\f[]
720 \f\*[B-Font]DSA\f[]
721 sign key.
723 \f\*[B-Font]RSA-MD5\f[].
724 If compatibility with FIPS 140-2 is required, either the
725 \f\*[B-Font]DSA-SHA\f[]
727 \f\*[B-Font]DSA-SHA1\f[]
730 .NOP \f\*[B-Font]\-C\f[] \f\*[B-Font]\-\-cipher\f[]= \f\*[I-Font]cipher\f[]
732 The default without this option is three-key triple DES in CBC mode,
733 \f\*[B-Font]des-ede3-cbc\f[].
735 \f\*[B-Font]openssl\f[] \f\*[B-Font]\-h\f[]
738 .NOP \f\*[B-Font]\-d\f[] \f\*[B-Font]\-\-debug-level\f[]
740 This option displays the cryptographic data produced in eye-friendly billboards.
742 .NOP \f\*[B-Font]\-D\f[] \f\*[B-Font]\-\-set-debug-level\f[]= \f\*[I-Font]level\f[]
744 \f\*[I-Font]level\f[].
745 This option displays the cryptographic data produced in eye-friendly billboards.
747 .NOP \f\*[B-Font]\-e\f[] \f\*[B-Font]\-\-id-key\f[]
749 \f\*[B-Font]IFF\f[]
751 \f\*[B-Font]GQ\f[]
753 \f\*[I-Font]IFFkey\f[] \f\*[I-Font]or\f[] \f\*[I-Font]GQkey\f[]
757 This is intended for automatic key distribution by email.
759 .NOP \f\*[B-Font]\-G\f[] \f\*[B-Font]\-\-gq-params\f[]
761 \f\*[B-Font]GQ\f[]
762 parameters and key file for the Guillou-Quisquater (GQ) identity scheme.
764 \f\*[B-Font]\-I\f[]
766 \f\*[B-Font]\-V\f[]
769 .NOP \f\*[B-Font]\-H\f[] \f\*[B-Font]\-\-host-key\f[]
771 \f\*[B-Font]RSA\f[]
772 public/private host key file.
774 .NOP \f\*[B-Font]\-I\f[] \f\*[B-Font]\-\-iffkey\f[]
776 \f\*[B-Font]IFF\f[]
777 key file for the Schnorr (IFF) identity scheme.
779 \f\*[B-Font]\-G\f[]
784 .NOP \f\*[B-Font]\-i\f[] \f\*[B-Font]\-\-ident\f[]= \f\*[I-Font]group\f[]
786 \f\*[I-Font]group\f[].
788 \f\*[B-Font]IFF\f[], \f\*[B-Font]GQ\f[],
790 \f\*[B-Font]MV\f[]
794 \f\*[B-Font]\-i\f[]
796 \f\*[B-Font]\-s\f[]
800 \f\*[I-Font]host\f[] \f\*[I-Font]@@\f[] \f\*[I-Font]group\f[]
802 \f\*[B-Font]crypto\f[] \f\*[B-Font]ident\f[]
804 \f\*[B-Font]server\f[] \f\*[B-Font]ident\f[]
807 .NOP \f\*[B-Font]\-l\f[] \f\*[B-Font]\-\-lifetime\f[]= \f\*[I-Font]days\f[]
809 \f\*[I-Font]days\f[].
812 .NOP \f\*[B-Font]\-m\f[] \f\*[B-Font]\-\-modulus\f[]= \f\*[I-Font]bits\f[]
814 \f\*[I-Font]bits\f[].
819 .NOP \f\*[B-Font]\-M\f[] \f\*[B-Font]\-\-md5key\f[]
821 \f\*[B-Font]MD5\f[]
823 \f\*[B-Font]SHA\f[]
826 \f\*[B-Font]MD5\f[]
827 key is a string of 20 random printable ASCII characters, while a
828 \f\*[B-Font]SHA\f[]
829 key is a string of 40 random hex digits.
830 The file can be edited using a text editor to change the key type or key content.
831 This option is mutually exclusive with all other options.
833 .NOP \f\*[B-Font]\-p\f[] \f\*[B-Font]\-\-password\f[]= \f\*[I-Font]passwd\f[]
835 \f\*[I-Font]passwd\f[].
836 These include the host, sign and identify key files.
838 \f\*[B-Font]hostname\f[]
841 .NOP \f\*[B-Font]\-P\f[] \f\*[B-Font]\-\-pvt-cert\f[]
843 \f\*[B-Font]PC\f[]
848 .NOP \f\*[B-Font]\-q\f[] \f\*[B-Font]\-\-export-passwd\f[]= \f\*[I-Font]passwd\f[]
850 \f\*[B-Font]IFF\f[], \f\*[B-Font]GQ\f[] \f\*[B-Font]and\f[] \f\*[B-Font]MV\f[]
854 \f\*[I-Font]passwd\f[].
856 \f\*[B-Font]\-p\f[]
858 \f\*[B-Font]\-q\f[]
861 \f\*[B-Font]hostname\f[]
864 .NOP \f\*[B-Font]\-s\f[] \f\*[B-Font]\-\-subject-key\f[]= [host] [@@ \f\*[I-Font]group\f[]]
866 \f\*[I-Font]host\f[]
868 \f\*[I-Font]group\f[]
871 \f\*[I-Font]host\f[] \f\*[I-Font]@@\f[] \f\*[I-Font]group\f[]
874 \f\*[B-Font]\-s\f[] \f\*[B-Font]\-@@\f[] \f\*[I-Font]group\f[]
876 \f\*[B-Font]\-i\f[] \f\*[I-Font]group\f[].
879 \f\*[B-Font]IFF\f[], \f\*[B-Font]GQ\f[],
881 \f\*[B-Font]MV\f[]
884 \f\*[I-Font]host\f[]
886 \f\*[B-Font]hostname\f[]
889 .NOP \f\*[B-Font]\-S\f[] \f\*[B-Font]\-\-sign-key\f[]= [\f\*[B-Font]RSA\f[] | \f\*[B-Font]DSA\f[]]
890 Generate a new encrypted public/private sign key file of the specified type.
891 By default, the sign key is the host key and has the same type.
892 If compatibility with FIPS 140-2 is required, the sign key type must be
893 \f\*[B-Font]DSA\f[].
895 .NOP \f\*[B-Font]\-T\f[] \f\*[B-Font]\-\-trusted-cert\f[]
897 By default, the program generates a non-trusted certificate.
899 .NOP \f\*[B-Font]\-V\f[] \f\*[B-Font]\-\-mv-params\f[] \f\*[I-Font]nkeys\f[]
901 \f\*[I-Font]nkeys\f[]
902 encrypted server keys and parameters for the Mu-Varadharajan (MV)
905 \f\*[B-Font]\-I\f[]
907 \f\*[B-Font]\-G\f[]
912 All cryptographically sound key generation schemes must have means
914 the internal pseudo-random number generator used
918 \f\*[B-Font]ntp-keygen\fP
929 can be used to do this and some systems have built-in entropy sources.
940 \f\*[B-Font]ntp-keygen\fP
944 \f\*[B-Font]randfile\f[]
946 \f\*[B-Font]crypto\f[]
949 \f\*[B-Font]ntp-keygen\fP
955 whether root or some other user.
963 \f\*[B-Font]ntp-keygen\fP
977 \fIntpkey_\f[]\f\*[I-Font]key\f[] \f\*[I-Font]_\f[] \f\*[I-Font]name\f[]. \f\*[I-Font]filestamp\f[],
979 \f\*[I-Font]key\f[]
980 is the key or parameter type,
981 \f\*[I-Font]name\f[]
983 \f\*[I-Font]filestamp\f[]
986 \f\*[I-Font]key\f[]
989 \f\*[I-Font]key\f[]
998 \f\*[B-Font]ntp-keygen\fP
1006 rules, then encrypted if necessary, and finally written in PEM-encoded
1013 is somewhat different than the other files in the interest of backward compatibility.
1021 1 MD5 L";Nw<\`.I<f4U0)247"i # MD5 key
1022 2 MD5 &>l0%XXK9O'51VwV<xq~ # MD5 key
1023 3 MD5 lb4zLW~d^!K:]RsD'qb6 # MD5 key
1024 4 MD5 Yue:tL[+vR)M\`n~bY,'? # MD5 key
1025 5 MD5 B;fx'Kgr/&4ZTbL6=RxA # MD5 key
1026 6 MD5 4eYwa\`o}3i@@@@V@@..R9!l # MD5 key
1027 7 MD5 \`A.([h+;wTQ|xfi%Sn_! # MD5 key
1028 8 MD5 45:V,r4]l6y^JH6"Sh?F # MD5 key
1029 9 MD5 3-5vcn*6l29DS?Xdsg)* # MD5 key
1030 10 MD5 2late4Me # MD5 key
1031 11 SHA1 a27872d3030a9025b8446c751b4551a7629af65c # SHA1 key
1032 12 SHA1 21bc3b4865dbb9e920902abdccb3e04ff97a5e74 # SHA1 key
1033 13 SHA1 2b7736fe24fef5ba85ae11594132ab5d6f6daba9 # SHA1 key
1034 14 SHA a5332809c8878dd3a5b918819108a111509aeceb # SHA key
1035 15 MD2 2fe16c88c760ff2f16d4267e36c1aa6c926e6964 # MD2 key
1036 16 MD4 b2691811dc19cfc0e2f9bcacd74213f29812183d # MD4 key
1037 17 MD5 e4d6735b8bdad58ec5ffcb087300a17f7fef1f7c # MD5 key
1038 18 MDC2 a8d5e2315c025bf3a79174c87fbd10477de2eabc # MDC2 key
1039 19 RIPEMD160 77ca332cafb30e3cafb174dcd5b80ded7ba9b3d2 # RIPEMD160 key
1040 20 AES128CMAC f92ff73eee86c1e7dc638d6489a04e4e555af878 # AES128CMAC key
1041 .in -4
1044 Figure 1. Typical Symmetric Key File
1045 .in -4
1053 \f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[]
1054 .in -4
1056 \f\*[I-Font]keyno\f[]
1057 is a positive integer in the range 1-65535;
1058 \f\*[I-Font]type\f[]
1059 is the key type for the message digest algorithm, which in the absence of the
1061 \f\*[B-Font]MD5\f[]
1063 if the OpenSSL library is installed, the key type can be any
1065 however, if compatibility with FIPS 140-2 is required,
1066 the key type must be either
1067 \f\*[B-Font]SHA\f[]
1069 \f\*[B-Font]SHA1\f[];
1070 \f\*[I-Font]key\f[]
1071 is the key itself,
1083 An OpenSSL key consists of a hex-encoded ASCII string of 40 characters, which
1100 \f\*[B-Font]ntp-keygen\fP
1102 \fIntpkey_MD5key_\f[]\f\*[I-Font]hostname\f[]. \f\*[I-Font]filestamp\f[].
1105 to other subnet hosts.
1109 \f\*[B-Font]ntp-keygen\fP
1112 or automated means on the other subnet hosts.
1122 .NOP \f\*[B-Font]\-b\f[] \f\*[I-Font]imbits\f[], \f\*[B-Font]\-\-imbits\f[]=\f\*[I-Font]imbits\f[]
1126 \f\*[I-Font]imbits\f[]
1133 .in -4
1137 .NOP \f\*[B-Font]\-c\f[] \f\*[I-Font]scheme\f[], \f\*[B-Font]\-\-certificate\f[]=\f\*[I-Font]scheme\f[]
1141 RSA-MD2, RSA-MD5, RSA-MDC2, RSA-SHA, RSA-SHA1, RSA-RIPEMD160,
1142 DSA-SHA, or DSA-SHA1.
1145 Note that RSA schemes must be used with a RSA sign key and DSA
1146 schemes must be used with a DSA sign key. The default without
1147 this option is RSA-MD5.
1149 .NOP \f\*[B-Font]\-C\f[] \f\*[I-Font]cipher\f[], \f\*[B-Font]\-\-cipher\f[]=\f\*[I-Font]cipher\f[]
1153 private keys. The default is three-key triple DES in CBC mode,
1154 equivalent to "\fB-C des-ede3-cbc\fP". The openssl tool lists ciphers
1155 available in "\fBopenssl \-h\fP" output.
1157 .NOP \f\*[B-Font]\-d\f[], \f\*[B-Font]\-\-debug\-level\f[]
1162 .NOP \f\*[B-Font]\-D\f[] \f\*[I-Font]number\f[], \f\*[B-Font]\-\-set\-debug\-level\f[]=\f\*[I-Font]number\f[]
1168 .NOP \f\*[B-Font]\-e\f[], \f\*[B-Font]\-\-id\-key\f[]
1173 This is intended for automatic key distribution by email.
1175 .NOP \f\*[B-Font]\-G\f[], \f\*[B-Font]\-\-gq\-params\f[]
1181 .NOP \f\*[B-Font]\-H\f[], \f\*[B-Font]\-\-host\-key\f[]
1182 generate RSA host key.
1186 .NOP \f\*[B-Font]\-I\f[], \f\*[B-Font]\-\-iffkey\f[]
1192 .NOP \f\*[B-Font]\-i\f[] \f\*[I-Font]group\f[], \f\*[B-Font]\-\-ident\f[]=\f\*[I-Font]group\f[]
1198 provided. The group name, if specified using \fB-i/--ident\fP or
1199 using \fB-s/--subject-name\fP following an '\fB@@\fP' character,
1200 is also a part of the self-signed host certificate subject and
1205 .NOP \f\*[B-Font]\-l\f[] \f\*[I-Font]lifetime\f[], \f\*[B-Font]\-\-lifetime\f[]=\f\*[I-Font]lifetime\f[]
1211 .NOP \f\*[B-Font]\-m\f[] \f\*[I-Font]modulus\f[], \f\*[B-Font]\-\-modulus\f[]=\f\*[I-Font]modulus\f[]
1215 \f\*[I-Font]modulus\f[]
1222 .in -4
1226 .NOP \f\*[B-Font]\-M\f[], \f\*[B-Font]\-\-md5key\f[]
1231 .NOP \f\*[B-Font]\-P\f[], \f\*[B-Font]\-\-pvt\-cert\f[]
1237 .NOP \f\*[B-Font]\-p\f[] \f\*[I-Font]passwd\f[], \f\*[B-Font]\-\-password\f[]=\f\*[I-Font]passwd\f[]
1241 DES-CBC algorithm and the specified password. The same password
1246 .NOP \f\*[B-Font]\-q\f[] \f\*[I-Font]passwd\f[], \f\*[B-Font]\-\-export\-passwd\f[]=\f\*[I-Font]passwd\f[]
1250 encrypted with the DES-CBC algorithm and the specified password.
1253 --id-key (-e) for unencrypted exports.
1255 .NOP \f\*[B-Font]\-s\f[] \f\*[I-Font]host@group\f[], \f\*[B-Font]\-\-subject\-name\f[]=\f\*[I-Font]host@group\f[]
1263 fields. Specifying '\fB-s @@group\fP' is allowed, and results in
1265 subject and issuer fields, as with \fB-i group\fP. The group name, or
1269 .NOP \f\*[B-Font]\-S\f[] \f\*[I-Font]sign\f[], \f\*[B-Font]\-\-sign\-key\f[]=\f\*[I-Font]sign\f[]
1270 generate sign key (RSA or DSA).
1272 Generate a new sign key of the designated type, obsoleting any
1273 that may exist. By default, the program uses the host key as the
1274 sign key.
1276 .NOP \f\*[B-Font]\-T\f[], \f\*[B-Font]\-\-trusted\-cert\f[]
1280 a non-trusted certificate.
1282 .NOP \f\*[B-Font]\-V\f[] \f\*[I-Font]num\f[], \f\*[B-Font]\-\-mv\-params\f[]=\f\*[I-Font]num\f[]
1286 Generate parameters and keys for the Mu-Varadharajan (MV)
1289 .NOP \f\*[B-Font]\-v\f[] \f\*[I-Font]num\f[], \f\*[B-Font]\-\-mv\-keys\f[]=\f\*[I-Font]num\f[]
1295 .NOP \f\*[B-Font]\-\&?\f[], \f\*[B-Font]\-\-help\f[]
1298 .NOP \f\*[B-Font]\-\&!\f[], \f\*[B-Font]\-\-more-help\f[]
1301 .NOP \f\*[B-Font]\->\f[] [\f\*[I-Font]cfgfile\f[]], \f\*[B-Font]\-\-save-opts\f[] [=\f\*[I-Font]cfgfile\f[]]
1306 .NOP \f\*[B-Font]\-<\f[] \f\*[I-Font]cfgfile\f[], \f\*[B-Font]\-\-load-opts\f[]=\f\*[I-Font]cfgfile\f[], \f\*[B-Font]\-\-no-load-opts\f[]
1308 The \fIno-load-opts\fP form will disable the loading
1309 of earlier config/rc/ini files. \fI\-\-no-load-opts\fP is handled early,
1312 .NOP \f\*[B-Font]\-\-version\f[] [{\f\*[I-Font]v|c|n\f[]}]
1322 \fBNTP_KEYGEN_<option-name>\fP or \fBNTP_KEYGEN\fP
1349 it to autogen-users@lists.sourceforge.net. Thank you.
1354 Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved.
1371 This manual page was \fIAutoGen\fP-erated from the \fBntp-keygen\fP