1@node ntp.keys Notes 2@section Notes about ntp.keys 3@pindex ntp.keys 4@cindex NTP symmetric key file format 5@ignore 6# 7# EDIT THIS FILE WITH CAUTION (invoke-ntp.keys.texi) 8# 9# It has been AutoGen-ed January 7, 2016 at 11:30:52 PM by AutoGen 5.18.5 10# From the definitions ntp.keys.def 11# and the template file agtexi-file.tpl 12@end ignore 13 14 15 16This document describes the format of an NTP symmetric key file. 17For a description of the use of this type of file, see the 18"Authentication Support" 19section of the 20@code{ntp.conf(5)} 21page. 22 23@code{ntpd(8)} 24reads its keys from a file specified using the 25@code{-k} 26command line option or the 27@code{keys} 28statement in the configuration file. 29While key number 0 is fixed by the NTP standard 30(as 56 zero bits) 31and may not be changed, 32one or more keys numbered between 1 and 65534 33may be arbitrarily set in the keys file. 34 35The key file uses the same comment conventions 36as the configuration file. 37Key entries use a fixed format of the form 38 39@example 40@kbd{keyno} @kbd{type} @kbd{key} 41@end example 42 43where 44@kbd{keyno} 45is a positive integer (between 1 and 65534), 46@kbd{type} 47is the message digest algorithm, 48and 49@kbd{key} 50is the key itself. 51 52The 53@kbd{key} 54may be given in a format 55controlled by the 56@kbd{type} 57field. 58The 59@kbd{type} 60@code{MD5} 61is always supported. 62If 63@code{ntpd} 64was built with the OpenSSL library 65then any digest library supported by that library may be specified. 66However, if compliance with FIPS 140-2 is required the 67@kbd{type} 68must be either 69@code{SHA} 70or 71@code{SHA1}. 72 73What follows are some key types, and corresponding formats: 74 75@table @asis 76@item @code{MD5} 77The key is 1 to 16 printable characters terminated by 78an EOL, 79whitespace, 80or 81a 82@code{#} 83(which is the "start of comment" character). 84 85@item @code{SHA} 86@item @code{SHA1} 87@item @code{RMD160} 88The key is a hex-encoded ASCII string of 40 characters, 89which is truncated as necessary. 90@end table 91 92Note that the keys used by the 93@code{ntpq(8)} 94and 95@code{ntpdc(8)} 96programs are checked against passwords 97requested by the programs and entered by hand, 98so it is generally appropriate to specify these keys in ASCII format. 99 100This section was generated by @strong{AutoGen}, 101using the @code{agtexi-cmd} template and the option descriptions for the @code{ntp.keys} program. 102This software is released under the NTP license, <http://ntp.org/license>. 103 104@menu 105* ntp.keys Files:: Files 106* ntp.keys See Also:: See Also 107* ntp.keys Notes:: Notes 108@end menu 109 110@node ntp.keys Files 111@subsection ntp.keys Files 112@table @asis 113@item @file{/etc/ntp.keys} 114the default name of the configuration file 115@end table 116@node ntp.keys See Also 117@subsection ntp.keys See Also 118@code{ntp.conf(5)}, 119@code{ntpd(1ntpdmdoc)}, 120@code{ntpdate(1ntpdatemdoc)}, 121@code{ntpdc(1ntpdcmdoc)}, 122@code{sntp(1sntpmdoc)} 123@node ntp.keys Notes 124@subsection ntp.keys Notes 125This document was derived from FreeBSD. 126