1*f5f40dd6SCy Schubert.Dd May 25 2024 22b15cb3dSCy Schubert.Dt NTP_KEYS 5mdoc File Formats 3a466cc55SCy Schubert.Os FreeBSD 12.1-RELEASE_SI 42b15cb3dSCy Schubert.\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) 52b15cb3dSCy Schubert.\" 6*f5f40dd6SCy Schubert.\" It has been AutoGen-ed May 25, 2024 at 12:03:52 AM by AutoGen 5.18.16 72b15cb3dSCy Schubert.\" From the definitions ntp.keys.def 82b15cb3dSCy Schubert.\" and the template file agmdoc-file.tpl 92b15cb3dSCy Schubert.Sh NAME 102b15cb3dSCy Schubert.Nm ntp.keys 112b15cb3dSCy Schubert.Nd NTP symmetric key file format 122b15cb3dSCy Schubert 132b15cb3dSCy Schubert.Sh NAME 142b15cb3dSCy Schubert.Nm ntp.keys 152b15cb3dSCy Schubert.Nd NTP symmetric key file format 162b15cb3dSCy Schubert.Sh SYNOPSIS 172b15cb3dSCy Schubert.Nm 182b15cb3dSCy Schubert.Op Fl \-option\-name 192b15cb3dSCy Schubert.Op Fl \-option\-name Ar value 202b15cb3dSCy Schubert.Pp 212b15cb3dSCy SchubertAll arguments must be options. 222b15cb3dSCy Schubert.Pp 232b15cb3dSCy Schubert.Sh DESCRIPTION 242b15cb3dSCy SchubertThis document describes the format of an NTP symmetric key file. 252b15cb3dSCy SchubertFor a description of the use of this type of file, see the 262b15cb3dSCy Schubert.Qq Authentication Support 272b15cb3dSCy Schubertsection of the 282b15cb3dSCy Schubert.Xr ntp.conf 5 292b15cb3dSCy Schubertpage. 302b15cb3dSCy Schubert.Pp 312b15cb3dSCy Schubert.Xr ntpd 8 322b15cb3dSCy Schubertreads its keys from a file specified using the 332b15cb3dSCy Schubert.Fl k 342b15cb3dSCy Schubertcommand line option or the 352b15cb3dSCy Schubert.Ic keys 362b15cb3dSCy Schubertstatement in the configuration file. 372b15cb3dSCy SchubertWhile key number 0 is fixed by the NTP standard 382b15cb3dSCy Schubert(as 56 zero bits) 392b15cb3dSCy Schubertand may not be changed, 404e1ef62aSXin LIone or more keys numbered between 1 and 65535 412b15cb3dSCy Schubertmay be arbitrarily set in the keys file. 422b15cb3dSCy Schubert.Pp 432b15cb3dSCy SchubertThe key file uses the same comment conventions 442b15cb3dSCy Schubertas the configuration file. 452b15cb3dSCy SchubertKey entries use a fixed format of the form 462b15cb3dSCy Schubert.Pp 4768ba7e87SXin LI.D1 Ar keyno type key opt_IP_list 482b15cb3dSCy Schubert.Pp 492b15cb3dSCy Schubertwhere 502b15cb3dSCy Schubert.Ar keyno 514e1ef62aSXin LIis a positive integer (between 1 and 65535), 522b15cb3dSCy Schubert.Ar type 532b15cb3dSCy Schubertis the message digest algorithm, 542b15cb3dSCy Schubert.Ar key 5568ba7e87SXin LIis the key itself, and 5668ba7e87SXin LI.Ar opt_IP_list 5768ba7e87SXin LIis an optional comma\-separated list of IPs 5809100258SXin LIwhere the 5909100258SXin LI.Ar keyno 6009100258SXin LIshould be trusted. 6168ba7e87SXin LIthat are allowed to serve time. 6209100258SXin LIEach IP in 6309100258SXin LI.Ar opt_IP_list 6409100258SXin LImay contain an optional 6509100258SXin LI.Cm /subnetbits 6609100258SXin LIspecification which identifies the number of bits for 6709100258SXin LIthe desired subnet of trust. 6868ba7e87SXin LIIf 6968ba7e87SXin LI.Ar opt_IP_list 7068ba7e87SXin LIis empty, 7109100258SXin LIany properly\-authenticated message will be 7268ba7e87SXin LIaccepted. 732b15cb3dSCy Schubert.Pp 742b15cb3dSCy SchubertThe 752b15cb3dSCy Schubert.Ar key 762b15cb3dSCy Schubertmay be given in a format 772b15cb3dSCy Schubertcontrolled by the 782b15cb3dSCy Schubert.Ar type 792b15cb3dSCy Schubertfield. 802b15cb3dSCy SchubertThe 812b15cb3dSCy Schubert.Ar type 822b15cb3dSCy Schubert.Li MD5 832b15cb3dSCy Schubertis always supported. 842b15cb3dSCy SchubertIf 852b15cb3dSCy Schubert.Li ntpd 862b15cb3dSCy Schubertwas built with the OpenSSL library 872b15cb3dSCy Schubertthen any digest library supported by that library may be specified. 882b15cb3dSCy SchubertHowever, if compliance with FIPS 140\-2 is required the 892b15cb3dSCy Schubert.Ar type 902b15cb3dSCy Schubertmust be either 912b15cb3dSCy Schubert.Li SHA 922b15cb3dSCy Schubertor 932b15cb3dSCy Schubert.Li SHA1 . 942b15cb3dSCy Schubert.Pp 952b15cb3dSCy SchubertWhat follows are some key types, and corresponding formats: 962b15cb3dSCy Schubert.Pp 972b15cb3dSCy Schubert.Bl -tag -width RMD160 -compact 982b15cb3dSCy Schubert.It Li MD5 992b15cb3dSCy SchubertThe key is 1 to 16 printable characters terminated by 1002b15cb3dSCy Schubertan EOL, 1012b15cb3dSCy Schubertwhitespace, 1022b15cb3dSCy Schubertor 1032b15cb3dSCy Schuberta 1042b15cb3dSCy Schubert.Li # 1052b15cb3dSCy Schubert(which is the "start of comment" character). 1062b15cb3dSCy Schubert.Pp 1072b15cb3dSCy Schubert.It Li SHA 1082b15cb3dSCy Schubert.It Li SHA1 1092b15cb3dSCy Schubert.It Li RMD160 1102b15cb3dSCy SchubertThe key is a hex\-encoded ASCII string of 40 characters, 1112b15cb3dSCy Schubertwhich is truncated as necessary. 1122b15cb3dSCy Schubert.El 1132b15cb3dSCy Schubert.Pp 1142b15cb3dSCy SchubertNote that the keys used by the 1152b15cb3dSCy Schubert.Xr ntpq 8 1162b15cb3dSCy Schubertand 1172b15cb3dSCy Schubert.Xr ntpdc 8 1182b15cb3dSCy Schubertprograms are checked against passwords 1192b15cb3dSCy Schubertrequested by the programs and entered by hand, 1202b15cb3dSCy Schubertso it is generally appropriate to specify these keys in ASCII format. 1212b15cb3dSCy Schubert.Sh "OPTIONS" 1222b15cb3dSCy Schubert.Bl -tag 1232b15cb3dSCy Schubert.It Fl \-help 1242b15cb3dSCy SchubertDisplay usage information and exit. 1252b15cb3dSCy Schubert.It Fl \-more\-help 1262b15cb3dSCy SchubertPass the extended usage information through a pager. 1272b15cb3dSCy Schubert.It Fl \-version Op Brq Ar v|c|n 1282b15cb3dSCy SchubertOutput version of program and exit. The default mode is `v', a simple 1292b15cb3dSCy Schubertversion. The `c' mode will print copyright information and `n' will 1302b15cb3dSCy Schubertprint the full copyright notice. 1312b15cb3dSCy Schubert.El 1322b15cb3dSCy Schubert.Sh "OPTION PRESETS" 1332b15cb3dSCy SchubertAny option that is not marked as \fInot presettable\fP may be preset 1342b15cb3dSCy Schubertby loading values from environment variables named: 1352b15cb3dSCy Schubert.nf 1362b15cb3dSCy Schubert \fBNTP_KEYS_<option\-name>\fP or \fBNTP_KEYS\fP 1372b15cb3dSCy Schubert.fi 1382b15cb3dSCy Schubert.ad 1392b15cb3dSCy Schubert.Sh "ENVIRONMENT" 1402b15cb3dSCy SchubertSee \fBOPTION PRESETS\fP for configuration environment variables. 1412b15cb3dSCy Schubert.Sh FILES 1422b15cb3dSCy Schubert.Bl -tag -width /etc/ntp.keys -compact 1432b15cb3dSCy Schubert.It Pa /etc/ntp.keys 1442b15cb3dSCy Schubertthe default name of the configuration file 1452b15cb3dSCy Schubert.El 1462b15cb3dSCy Schubert.Sh "EXIT STATUS" 1472b15cb3dSCy SchubertOne of the following exit values will be returned: 1482b15cb3dSCy Schubert.Bl -tag 1492b15cb3dSCy Schubert.It 0 " (EXIT_SUCCESS)" 1502b15cb3dSCy SchubertSuccessful program execution. 1512b15cb3dSCy Schubert.It 1 " (EXIT_FAILURE)" 1522b15cb3dSCy SchubertThe operation failed or the command syntax was not valid. 1532b15cb3dSCy Schubert.It 70 " (EX_SOFTWARE)" 1542b15cb3dSCy Schubertlibopts had an internal operational error. Please report 1552b15cb3dSCy Schubertit to autogen\-users@lists.sourceforge.net. Thank you. 1562b15cb3dSCy Schubert.El 1572b15cb3dSCy Schubert.Sh "SEE ALSO" 1582b15cb3dSCy Schubert.Xr ntp.conf 5 , 1592b15cb3dSCy Schubert.Xr ntpd 1ntpdmdoc , 1602b15cb3dSCy Schubert.Xr ntpdate 1ntpdatemdoc , 1612b15cb3dSCy Schubert.Xr ntpdc 1ntpdcmdoc , 1622b15cb3dSCy Schubert.Xr sntp 1sntpmdoc 1632b15cb3dSCy Schubert.Sh "AUTHORS" 1642b15cb3dSCy SchubertThe University of Delaware and Network Time Foundation 1652b15cb3dSCy Schubert.Sh "COPYRIGHT" 166*f5f40dd6SCy SchubertCopyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. 1672b15cb3dSCy SchubertThis program is released under the terms of the NTP license, <http://ntp.org/license>. 1682b15cb3dSCy Schubert.Sh "BUGS" 169a466cc55SCy SchubertPlease send bug reports to: https://bugs.ntp.org, bugs@ntp.org 1702b15cb3dSCy Schubert.Sh NOTES 1712b15cb3dSCy SchubertThis document was derived from FreeBSD. 1722b15cb3dSCy Schubert.Pp 1732b15cb3dSCy SchubertThis manual page was \fIAutoGen\fP\-erated from the \fBntp.keys\fP 1742b15cb3dSCy Schubertoption definitions. 175