1052d159aSCy Schubert<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 2052d159aSCy Schubert<html> 3a466cc55SCy Schubert<!-- Created by GNU Texinfo 6.6, http://www.gnu.org/software/texinfo/ --> 42b15cb3dSCy Schubert<head> 5052d159aSCy Schubert<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 62b15cb3dSCy Schubert<title>NTP Symmetric Key</title> 7052d159aSCy Schubert 82b15cb3dSCy Schubert<meta name="description" content="NTP Symmetric Key"> 9052d159aSCy Schubert<meta name="keywords" content="NTP Symmetric Key"> 10052d159aSCy Schubert<meta name="resource-type" content="document"> 11052d159aSCy Schubert<meta name="distribution" content="global"> 12052d159aSCy Schubert<meta name="Generator" content="makeinfo"> 13052d159aSCy Schubert<link href="#Top" rel="start" title="Top"> 14052d159aSCy Schubert<link href="dir.html#Top" rel="up" title="(dir)"> 15052d159aSCy Schubert<style type="text/css"> 16052d159aSCy Schubert<!-- 17052d159aSCy Schuberta.summary-letter {text-decoration: none} 18052d159aSCy Schubertblockquote.indentedblock {margin-right: 0em} 19052d159aSCy Schubertdiv.display {margin-left: 3.2em} 20052d159aSCy Schubertdiv.example {margin-left: 3.2em} 21052d159aSCy Schubertdiv.lisp {margin-left: 3.2em} 22052d159aSCy Schubertkbd {font-style: oblique} 232b15cb3dSCy Schubertpre.display {font-family: inherit} 242b15cb3dSCy Schubertpre.format {font-family: inherit} 25052d159aSCy Schubertpre.menu-comment {font-family: serif} 26052d159aSCy Schubertpre.menu-preformatted {font-family: serif} 27052d159aSCy Schubertspan.nolinebreak {white-space: nowrap} 28052d159aSCy Schubertspan.roman {font-family: initial; font-weight: normal} 29052d159aSCy Schubertspan.sansserif {font-family: sans-serif; font-weight: normal} 30052d159aSCy Schubertul.no-bullet {list-style: none} 31052d159aSCy Schubert--> 32052d159aSCy Schubert</style> 33052d159aSCy Schubert 34052d159aSCy Schubert 352b15cb3dSCy Schubert</head> 36052d159aSCy Schubert 37052d159aSCy Schubert<body lang="en"> 38052d159aSCy Schubert<h1 class="settitle" align="center">NTP Symmetric Key</h1> 39052d159aSCy Schubert 40052d159aSCy Schubert 41052d159aSCy Schubert 42052d159aSCy Schubert 43052d159aSCy Schubert 44a466cc55SCy Schubert<span id="Top"></span><div class="header"> 45052d159aSCy Schubert<p> 46052d159aSCy SchubertNext: <a href="#ntp_002ekeys-Description" accesskey="n" rel="next">ntp.keys Description</a>, Previous: <a href="dir.html#Top" accesskey="p" rel="prev">(dir)</a>, Up: <a href="dir.html#Top" accesskey="u" rel="up">(dir)</a> </p> 472b15cb3dSCy Schubert</div> 48a466cc55SCy Schubert<span id="NTP_0027s-Symmetric-Key-File-User-Manual"></span><h1 class="top">NTP’s Symmetric Key File User Manual</h1> 492b15cb3dSCy Schubert 50052d159aSCy Schubert<p>This document describes the symmetric key file for the NTP Project’s 512b15cb3dSCy Schubert<code>ntpd</code> program. 52052d159aSCy Schubert</p> 53*f5f40dd6SCy Schubert<p>This document applies to version 4.2.8p18 of <code>ntp.keys</code>. 54052d159aSCy Schubert</p> 55a466cc55SCy Schubert<span id="SEC_Overview"></span> 56052d159aSCy Schubert<h2 class="shortcontents-heading">Short Table of Contents</h2> 572b15cb3dSCy Schubert 582b15cb3dSCy Schubert<div class="shortcontents"> 59052d159aSCy Schubert<ul class="no-bullet"> 60a466cc55SCy Schubert<li><a id="stoc-Description" href="#toc-Description">1 Description</a></li> 612b15cb3dSCy Schubert</ul> 622b15cb3dSCy Schubert</div> 632b15cb3dSCy Schubert 642b15cb3dSCy Schubert 65052d159aSCy Schubert<table class="menu" border="0" cellspacing="0"> 66a466cc55SCy Schubert<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Description" accesskey="1">ntp.keys Description</a></td><td> </td><td align="left" valign="top"> 67052d159aSCy Schubert</td></tr> 68a466cc55SCy Schubert<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Notes" accesskey="2">ntp.keys Notes</a></td><td> </td><td align="left" valign="top"> 69052d159aSCy Schubert</td></tr> 70052d159aSCy Schubert</table> 71052d159aSCy Schubert 72052d159aSCy Schubert<hr> 73a466cc55SCy Schubert<span id="ntp_002ekeys-Description"></span><div class="header"> 74052d159aSCy Schubert<p> 75052d159aSCy SchubertPrevious: <a href="#Top" accesskey="p" rel="prev">Top</a>, Up: <a href="#Top" accesskey="u" rel="up">Top</a> </p> 762b15cb3dSCy Schubert</div> 77a466cc55SCy Schubert<span id="Description"></span><h2 class="chapter">1 Description</h2> 782b15cb3dSCy Schubert 792b15cb3dSCy Schubert<p>The name and location of the symmetric key file for <code>ntpd</code> can 802b15cb3dSCy Schubertbe specified in a configuration file, by default <code>/etc/ntp.keys</code>. 81052d159aSCy Schubert</p> 82052d159aSCy Schubert<table class="menu" border="0" cellspacing="0"> 83a466cc55SCy Schubert<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Notes" accesskey="1">Notes about ntp.keys</a></td><td> </td><td align="left" valign="top"> 84052d159aSCy Schubert</td></tr> 85052d159aSCy Schubert</table> 862b15cb3dSCy Schubert 87052d159aSCy Schubert<hr> 88a466cc55SCy Schubert<span id="ntp_002ekeys-Notes"></span><div class="header"> 89052d159aSCy Schubert<p> 90052d159aSCy SchubertPrevious: <a href="#ntp_002ekeys-See-Also" accesskey="p" rel="prev">ntp.keys See Also</a>, Up: <a href="#ntp_002ekeys-Description" accesskey="u" rel="up">ntp.keys Description</a> </p> 912b15cb3dSCy Schubert</div> 92a466cc55SCy Schubert<span id="Notes-about-ntp_002ekeys"></span><h3 class="section">1.1 Notes about ntp.keys</h3> 93a466cc55SCy Schubert<span id="index-ntp_002ekeys"></span> 94a466cc55SCy Schubert<span id="index-NTP-symmetric-key-file-format"></span> 952b15cb3dSCy Schubert 962b15cb3dSCy Schubert 972b15cb3dSCy Schubert 982b15cb3dSCy Schubert<p>This document describes the format of an NTP symmetric key file. 992b15cb3dSCy SchubertFor a description of the use of this type of file, see the 100052d159aSCy Schubert"Authentication Support" 1012b15cb3dSCy Schubertsection of the 1022b15cb3dSCy Schubert<code>ntp.conf(5)</code> 1032b15cb3dSCy Schubertpage. 104052d159aSCy Schubert</p> 1052b15cb3dSCy Schubert<p><code>ntpd(8)</code> 1062b15cb3dSCy Schubertreads its keys from a file specified using the 1072b15cb3dSCy Schubert<code>-k</code> 1082b15cb3dSCy Schubertcommand line option or the 1092b15cb3dSCy Schubert<code>keys</code> 1102b15cb3dSCy Schubertstatement in the configuration file. 1112b15cb3dSCy SchubertWhile key number 0 is fixed by the NTP standard 1122b15cb3dSCy Schubert(as 56 zero bits) 1132b15cb3dSCy Schubertand may not be changed, 1144e1ef62aSXin LIone or more keys numbered between 1 and 65535 1152b15cb3dSCy Schubertmay be arbitrarily set in the keys file. 116052d159aSCy Schubert</p> 1172b15cb3dSCy Schubert<p>The key file uses the same comment conventions 1182b15cb3dSCy Schubertas the configuration file. 1192b15cb3dSCy SchubertKey entries use a fixed format of the form 120052d159aSCy Schubert</p> 121052d159aSCy Schubert<div class="example"> 12268ba7e87SXin LI<pre class="example"><kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd> <kbd>opt_IP_list</kbd> 123052d159aSCy Schubert</pre></div> 124052d159aSCy Schubert 1252b15cb3dSCy Schubert<p>where 1262b15cb3dSCy Schubert<kbd>keyno</kbd> 1274e1ef62aSXin LIis a positive integer (between 1 and 65535), 1282b15cb3dSCy Schubert<kbd>type</kbd> 1292b15cb3dSCy Schubertis the message digest algorithm, 1302b15cb3dSCy Schubert<kbd>key</kbd> 13168ba7e87SXin LIis the key itself, and 13268ba7e87SXin LI<kbd>opt_IP_list</kbd> 13368ba7e87SXin LIis an optional comma-separated list of IPs 13409100258SXin LIwhere the 13509100258SXin LI<kbd>keyno</kbd> 13609100258SXin LIshould be trusted. 13768ba7e87SXin LIthat are allowed to serve time. 13809100258SXin LIEach IP in 13909100258SXin LI<kbd>opt_IP_list</kbd> 14009100258SXin LImay contain an optional 14109100258SXin LI<code>/subnetbits</code> 14209100258SXin LIspecification which identifies the number of bits for 14309100258SXin LIthe desired subnet of trust. 14468ba7e87SXin LIIf 14568ba7e87SXin LI<kbd>opt_IP_list</kbd> 14668ba7e87SXin LIis empty, 14709100258SXin LIany properly-authenticated message will be 14868ba7e87SXin LIaccepted. 149052d159aSCy Schubert</p> 1502b15cb3dSCy Schubert<p>The 1512b15cb3dSCy Schubert<kbd>key</kbd> 1522b15cb3dSCy Schubertmay be given in a format 1532b15cb3dSCy Schubertcontrolled by the 1542b15cb3dSCy Schubert<kbd>type</kbd> 1552b15cb3dSCy Schubertfield. 1562b15cb3dSCy SchubertThe 1572b15cb3dSCy Schubert<kbd>type</kbd> 1582b15cb3dSCy Schubert<code>MD5</code> 1592b15cb3dSCy Schubertis always supported. 1602b15cb3dSCy SchubertIf 1612b15cb3dSCy Schubert<code>ntpd</code> 1622b15cb3dSCy Schubertwas built with the OpenSSL library 1632b15cb3dSCy Schubertthen any digest library supported by that library may be specified. 1642b15cb3dSCy SchubertHowever, if compliance with FIPS 140-2 is required the 1652b15cb3dSCy Schubert<kbd>type</kbd> 1662b15cb3dSCy Schubertmust be either 1672b15cb3dSCy Schubert<code>SHA</code> 1682b15cb3dSCy Schubertor 1692b15cb3dSCy Schubert<code>SHA1</code>. 170052d159aSCy Schubert</p> 1712b15cb3dSCy Schubert<p>What follows are some key types, and corresponding formats: 172052d159aSCy Schubert</p> 173052d159aSCy Schubert<dl compact="compact"> 174052d159aSCy Schubert<dt><code>MD5</code></dt> 175052d159aSCy Schubert<dd><p>The key is 1 to 16 printable characters terminated by 1762b15cb3dSCy Schubertan EOL, 1772b15cb3dSCy Schubertwhitespace, 1782b15cb3dSCy Schubertor 1792b15cb3dSCy Schuberta 1802b15cb3dSCy Schubert<code>#</code> 181052d159aSCy Schubert(which is the "start of comment" character). 182052d159aSCy Schubert</p> 183052d159aSCy Schubert</dd> 184052d159aSCy Schubert<dt><code>SHA</code></dt> 185052d159aSCy Schubert<dt><code>SHA1</code></dt> 186052d159aSCy Schubert<dt><code>RMD160</code></dt> 187052d159aSCy Schubert<dd><p>The key is a hex-encoded ASCII string of 40 characters, 1882b15cb3dSCy Schubertwhich is truncated as necessary. 189052d159aSCy Schubert</p></dd> 1902b15cb3dSCy Schubert</dl> 1912b15cb3dSCy Schubert 1922b15cb3dSCy Schubert<p>Note that the keys used by the 1932b15cb3dSCy Schubert<code>ntpq(8)</code> 1942b15cb3dSCy Schubertand 1952b15cb3dSCy Schubert<code>ntpdc(8)</code> 1962b15cb3dSCy Schubertprograms are checked against passwords 1972b15cb3dSCy Schubertrequested by the programs and entered by hand, 1982b15cb3dSCy Schubertso it is generally appropriate to specify these keys in ASCII format. 199052d159aSCy Schubert</p> 2002b15cb3dSCy Schubert<p>This section was generated by <strong>AutoGen</strong>, 2012b15cb3dSCy Schubertusing the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp.keys</code> program. 2022b15cb3dSCy SchubertThis software is released under the NTP license, <http://ntp.org/license>. 203052d159aSCy Schubert</p> 204052d159aSCy Schubert<table class="menu" border="0" cellspacing="0"> 205a466cc55SCy Schubert<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Files" accesskey="1">ntp.keys Files</a></td><td> </td><td align="left" valign="top">Files 206052d159aSCy Schubert</td></tr> 207a466cc55SCy Schubert<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-See-Also" accesskey="2">ntp.keys See Also</a></td><td> </td><td align="left" valign="top">See Also 208052d159aSCy Schubert</td></tr> 209a466cc55SCy Schubert<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Notes" accesskey="3">ntp.keys Notes</a></td><td> </td><td align="left" valign="top">Notes 210052d159aSCy Schubert</td></tr> 211052d159aSCy Schubert</table> 2122b15cb3dSCy Schubert 213052d159aSCy Schubert<hr> 214a466cc55SCy Schubert<span id="ntp_002ekeys-Files"></span><div class="header"> 215052d159aSCy Schubert<p> 216052d159aSCy SchubertNext: <a href="#ntp_002ekeys-See-Also" accesskey="n" rel="next">ntp.keys See Also</a>, Up: <a href="#ntp_002ekeys-Notes" accesskey="u" rel="up">ntp.keys Notes</a> </p> 2172b15cb3dSCy Schubert</div> 218a466cc55SCy Schubert<span id="ntp_002ekeys-Files-1"></span><h4 class="subsection">1.1.1 ntp.keys Files</h4> 219052d159aSCy Schubert<dl compact="compact"> 220052d159aSCy Schubert<dt><samp>/etc/ntp.keys</samp></dt> 221052d159aSCy Schubert<dd><p>the default name of the configuration file 222052d159aSCy Schubert</p></dd> 2232b15cb3dSCy Schubert</dl> 224052d159aSCy Schubert<hr> 225a466cc55SCy Schubert<span id="ntp_002ekeys-See-Also"></span><div class="header"> 226052d159aSCy Schubert<p> 227052d159aSCy SchubertPrevious: <a href="#ntp_002ekeys-Files" accesskey="p" rel="prev">ntp.keys Files</a>, Up: <a href="#ntp_002ekeys-Notes" accesskey="u" rel="up">ntp.keys Notes</a> </p> 2282b15cb3dSCy Schubert</div> 229a466cc55SCy Schubert<span id="ntp_002ekeys-See-Also-1"></span><h4 class="subsection">1.1.2 ntp.keys See Also</h4> 2302b15cb3dSCy Schubert<p><code>ntp.conf(5)</code>, 2312b15cb3dSCy Schubert<code>ntpd(1ntpdmdoc)</code>, 2322b15cb3dSCy Schubert<code>ntpdate(1ntpdatemdoc)</code>, 2332b15cb3dSCy Schubert<code>ntpdc(1ntpdcmdoc)</code>, 2342b15cb3dSCy Schubert<code>sntp(1sntpmdoc)</code> 235052d159aSCy Schubert</p><hr> 236052d159aSCy Schubert<div class="header"> 237052d159aSCy Schubert<p> 238052d159aSCy Schubert </p> 2392b15cb3dSCy Schubert</div> 240a466cc55SCy Schubert<span id="ntp_002ekeys-Notes-1"></span><h4 class="subsection">1.1.3 ntp.keys Notes</h4> 2412b15cb3dSCy Schubert<p>This document was derived from FreeBSD. 242052d159aSCy Schubert</p><hr> 2432b15cb3dSCy Schubert 2442b15cb3dSCy Schubert 245052d159aSCy Schubert 246052d159aSCy Schubert</body> 247052d159aSCy Schubert</html> 248