1*052d159aSCy Schubert<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 2*052d159aSCy Schubert<html> 3*052d159aSCy Schubert<!-- Created by GNU Texinfo 6.5, http://www.gnu.org/software/texinfo/ --> 42b15cb3dSCy Schubert<head> 5*052d159aSCy Schubert<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 62b15cb3dSCy Schubert<title>NTP Symmetric Key</title> 7*052d159aSCy Schubert 82b15cb3dSCy Schubert<meta name="description" content="NTP Symmetric Key"> 9*052d159aSCy Schubert<meta name="keywords" content="NTP Symmetric Key"> 10*052d159aSCy Schubert<meta name="resource-type" content="document"> 11*052d159aSCy Schubert<meta name="distribution" content="global"> 12*052d159aSCy Schubert<meta name="Generator" content="makeinfo"> 13*052d159aSCy Schubert<link href="#Top" rel="start" title="Top"> 14*052d159aSCy Schubert<link href="dir.html#Top" rel="up" title="(dir)"> 15*052d159aSCy Schubert<style type="text/css"> 16*052d159aSCy Schubert<!-- 17*052d159aSCy Schuberta.summary-letter {text-decoration: none} 18*052d159aSCy Schubertblockquote.indentedblock {margin-right: 0em} 19*052d159aSCy Schubertblockquote.smallindentedblock {margin-right: 0em; font-size: smaller} 20*052d159aSCy Schubertblockquote.smallquotation {font-size: smaller} 21*052d159aSCy Schubertdiv.display {margin-left: 3.2em} 22*052d159aSCy Schubertdiv.example {margin-left: 3.2em} 23*052d159aSCy Schubertdiv.lisp {margin-left: 3.2em} 24*052d159aSCy Schubertdiv.smalldisplay {margin-left: 3.2em} 25*052d159aSCy Schubertdiv.smallexample {margin-left: 3.2em} 26*052d159aSCy Schubertdiv.smalllisp {margin-left: 3.2em} 27*052d159aSCy Schubertkbd {font-style: oblique} 282b15cb3dSCy Schubertpre.display {font-family: inherit} 292b15cb3dSCy Schubertpre.format {font-family: inherit} 30*052d159aSCy Schubertpre.menu-comment {font-family: serif} 31*052d159aSCy Schubertpre.menu-preformatted {font-family: serif} 322b15cb3dSCy Schubertpre.smalldisplay {font-family: inherit; font-size: smaller} 332b15cb3dSCy Schubertpre.smallexample {font-size: smaller} 34*052d159aSCy Schubertpre.smallformat {font-family: inherit; font-size: smaller} 352b15cb3dSCy Schubertpre.smalllisp {font-size: smaller} 36*052d159aSCy Schubertspan.nolinebreak {white-space: nowrap} 37*052d159aSCy Schubertspan.roman {font-family: initial; font-weight: normal} 38*052d159aSCy Schubertspan.sansserif {font-family: sans-serif; font-weight: normal} 39*052d159aSCy Schubertul.no-bullet {list-style: none} 40*052d159aSCy Schubert--> 41*052d159aSCy Schubert</style> 42*052d159aSCy Schubert 43*052d159aSCy Schubert 442b15cb3dSCy Schubert</head> 45*052d159aSCy Schubert 46*052d159aSCy Schubert<body lang="en"> 47*052d159aSCy Schubert<h1 class="settitle" align="center">NTP Symmetric Key</h1> 48*052d159aSCy Schubert 49*052d159aSCy Schubert 50*052d159aSCy Schubert 51*052d159aSCy Schubert 52*052d159aSCy Schubert 53*052d159aSCy Schubert<a name="Top"></a> 54*052d159aSCy Schubert<div class="header"> 55*052d159aSCy Schubert<p> 56*052d159aSCy SchubertNext: <a href="#ntp_002ekeys-Description" accesskey="n" rel="next">ntp.keys Description</a>, Previous: <a href="dir.html#Top" accesskey="p" rel="prev">(dir)</a>, Up: <a href="dir.html#Top" accesskey="u" rel="up">(dir)</a> </p> 572b15cb3dSCy Schubert</div> 58*052d159aSCy Schubert<a name="NTP_0027s-Symmetric-Key-File-User-Manual"></a> 59*052d159aSCy Schubert<h1 class="top">NTP’s Symmetric Key File User Manual</h1> 602b15cb3dSCy Schubert 61*052d159aSCy Schubert<p>This document describes the symmetric key file for the NTP Project’s 622b15cb3dSCy Schubert<code>ntpd</code> program. 63*052d159aSCy Schubert</p> 64*052d159aSCy Schubert<p>This document applies to version 4.2.8p13 of <code>ntp.keys</code>. 65*052d159aSCy Schubert</p> 66*052d159aSCy Schubert<a name="SEC_Overview"></a> 67*052d159aSCy Schubert<h2 class="shortcontents-heading">Short Table of Contents</h2> 682b15cb3dSCy Schubert 692b15cb3dSCy Schubert<div class="shortcontents"> 70*052d159aSCy Schubert<ul class="no-bullet"> 71*052d159aSCy Schubert<li><a name="stoc-Description" href="#toc-Description">1 Description</a></li> 722b15cb3dSCy Schubert</ul> 732b15cb3dSCy Schubert</div> 742b15cb3dSCy Schubert 752b15cb3dSCy Schubert 76*052d159aSCy Schubert<table class="menu" border="0" cellspacing="0"> 77*052d159aSCy Schubert<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Description" accesskey="1">ntp.keys Description</a>:</td><td> </td><td align="left" valign="top"> 78*052d159aSCy Schubert</td></tr> 79*052d159aSCy Schubert<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Notes" accesskey="2">ntp.keys Notes</a>:</td><td> </td><td align="left" valign="top"> 80*052d159aSCy Schubert</td></tr> 81*052d159aSCy Schubert</table> 82*052d159aSCy Schubert 83*052d159aSCy Schubert<hr> 84*052d159aSCy Schubert<a name="ntp_002ekeys-Description"></a> 85*052d159aSCy Schubert<div class="header"> 86*052d159aSCy Schubert<p> 87*052d159aSCy SchubertPrevious: <a href="#Top" accesskey="p" rel="prev">Top</a>, Up: <a href="#Top" accesskey="u" rel="up">Top</a> </p> 882b15cb3dSCy Schubert</div> 89*052d159aSCy Schubert<a name="Description"></a> 90*052d159aSCy Schubert<h2 class="chapter">1 Description</h2> 912b15cb3dSCy Schubert 922b15cb3dSCy Schubert<p>The name and location of the symmetric key file for <code>ntpd</code> can 932b15cb3dSCy Schubertbe specified in a configuration file, by default <code>/etc/ntp.keys</code>. 94*052d159aSCy Schubert</p> 95*052d159aSCy Schubert<table class="menu" border="0" cellspacing="0"> 96*052d159aSCy Schubert<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Notes" accesskey="1">ntp.keys Notes</a>:</td><td> </td><td align="left" valign="top"> 97*052d159aSCy Schubert</td></tr> 98*052d159aSCy Schubert</table> 992b15cb3dSCy Schubert 100*052d159aSCy Schubert<hr> 1012b15cb3dSCy Schubert<a name="ntp_002ekeys-Notes"></a> 102*052d159aSCy Schubert<div class="header"> 103*052d159aSCy Schubert<p> 104*052d159aSCy SchubertPrevious: <a href="#ntp_002ekeys-See-Also" accesskey="p" rel="prev">ntp.keys See Also</a>, Up: <a href="#ntp_002ekeys-Description" accesskey="u" rel="up">ntp.keys Description</a> </p> 1052b15cb3dSCy Schubert</div> 106*052d159aSCy Schubert<a name="Notes-about-ntp_002ekeys"></a> 107*052d159aSCy Schubert<h3 class="section">1.1 Notes about ntp.keys</h3> 108*052d159aSCy Schubert<a name="index-ntp_002ekeys"></a> 109*052d159aSCy Schubert<a name="index-NTP-symmetric-key-file-format"></a> 1102b15cb3dSCy Schubert 1112b15cb3dSCy Schubert 1122b15cb3dSCy Schubert 1132b15cb3dSCy Schubert<p>This document describes the format of an NTP symmetric key file. 1142b15cb3dSCy SchubertFor a description of the use of this type of file, see the 115*052d159aSCy Schubert"Authentication Support" 1162b15cb3dSCy Schubertsection of the 1172b15cb3dSCy Schubert<code>ntp.conf(5)</code> 1182b15cb3dSCy Schubertpage. 119*052d159aSCy Schubert</p> 1202b15cb3dSCy Schubert<p><code>ntpd(8)</code> 1212b15cb3dSCy Schubertreads its keys from a file specified using the 1222b15cb3dSCy Schubert<code>-k</code> 1232b15cb3dSCy Schubertcommand line option or the 1242b15cb3dSCy Schubert<code>keys</code> 1252b15cb3dSCy Schubertstatement in the configuration file. 1262b15cb3dSCy SchubertWhile key number 0 is fixed by the NTP standard 1272b15cb3dSCy Schubert(as 56 zero bits) 1282b15cb3dSCy Schubertand may not be changed, 1294e1ef62aSXin LIone or more keys numbered between 1 and 65535 1302b15cb3dSCy Schubertmay be arbitrarily set in the keys file. 131*052d159aSCy Schubert</p> 1322b15cb3dSCy Schubert<p>The key file uses the same comment conventions 1332b15cb3dSCy Schubertas the configuration file. 1342b15cb3dSCy SchubertKey entries use a fixed format of the form 135*052d159aSCy Schubert</p> 136*052d159aSCy Schubert<div class="example"> 13768ba7e87SXin LI<pre class="example"><kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd> <kbd>opt_IP_list</kbd> 138*052d159aSCy Schubert</pre></div> 139*052d159aSCy Schubert 1402b15cb3dSCy Schubert<p>where 1412b15cb3dSCy Schubert<kbd>keyno</kbd> 1424e1ef62aSXin LIis a positive integer (between 1 and 65535), 1432b15cb3dSCy Schubert<kbd>type</kbd> 1442b15cb3dSCy Schubertis the message digest algorithm, 1452b15cb3dSCy Schubert<kbd>key</kbd> 14668ba7e87SXin LIis the key itself, and 14768ba7e87SXin LI<kbd>opt_IP_list</kbd> 14868ba7e87SXin LIis an optional comma-separated list of IPs 14909100258SXin LIwhere the 15009100258SXin LI<kbd>keyno</kbd> 15109100258SXin LIshould be trusted. 15268ba7e87SXin LIthat are allowed to serve time. 15309100258SXin LIEach IP in 15409100258SXin LI<kbd>opt_IP_list</kbd> 15509100258SXin LImay contain an optional 15609100258SXin LI<code>/subnetbits</code> 15709100258SXin LIspecification which identifies the number of bits for 15809100258SXin LIthe desired subnet of trust. 15968ba7e87SXin LIIf 16068ba7e87SXin LI<kbd>opt_IP_list</kbd> 16168ba7e87SXin LIis empty, 16209100258SXin LIany properly-authenticated message will be 16368ba7e87SXin LIaccepted. 164*052d159aSCy Schubert</p> 1652b15cb3dSCy Schubert<p>The 1662b15cb3dSCy Schubert<kbd>key</kbd> 1672b15cb3dSCy Schubertmay be given in a format 1682b15cb3dSCy Schubertcontrolled by the 1692b15cb3dSCy Schubert<kbd>type</kbd> 1702b15cb3dSCy Schubertfield. 1712b15cb3dSCy SchubertThe 1722b15cb3dSCy Schubert<kbd>type</kbd> 1732b15cb3dSCy Schubert<code>MD5</code> 1742b15cb3dSCy Schubertis always supported. 1752b15cb3dSCy SchubertIf 1762b15cb3dSCy Schubert<code>ntpd</code> 1772b15cb3dSCy Schubertwas built with the OpenSSL library 1782b15cb3dSCy Schubertthen any digest library supported by that library may be specified. 1792b15cb3dSCy SchubertHowever, if compliance with FIPS 140-2 is required the 1802b15cb3dSCy Schubert<kbd>type</kbd> 1812b15cb3dSCy Schubertmust be either 1822b15cb3dSCy Schubert<code>SHA</code> 1832b15cb3dSCy Schubertor 1842b15cb3dSCy Schubert<code>SHA1</code>. 185*052d159aSCy Schubert</p> 1862b15cb3dSCy Schubert<p>What follows are some key types, and corresponding formats: 187*052d159aSCy Schubert</p> 188*052d159aSCy Schubert<dl compact="compact"> 189*052d159aSCy Schubert<dt><code>MD5</code></dt> 190*052d159aSCy Schubert<dd><p>The key is 1 to 16 printable characters terminated by 1912b15cb3dSCy Schubertan EOL, 1922b15cb3dSCy Schubertwhitespace, 1932b15cb3dSCy Schubertor 1942b15cb3dSCy Schuberta 1952b15cb3dSCy Schubert<code>#</code> 196*052d159aSCy Schubert(which is the "start of comment" character). 197*052d159aSCy Schubert</p> 198*052d159aSCy Schubert</dd> 199*052d159aSCy Schubert<dt><code>SHA</code></dt> 200*052d159aSCy Schubert<dt><code>SHA1</code></dt> 201*052d159aSCy Schubert<dt><code>RMD160</code></dt> 202*052d159aSCy Schubert<dd><p>The key is a hex-encoded ASCII string of 40 characters, 2032b15cb3dSCy Schubertwhich is truncated as necessary. 204*052d159aSCy Schubert</p></dd> 2052b15cb3dSCy Schubert</dl> 2062b15cb3dSCy Schubert 2072b15cb3dSCy Schubert<p>Note that the keys used by the 2082b15cb3dSCy Schubert<code>ntpq(8)</code> 2092b15cb3dSCy Schubertand 2102b15cb3dSCy Schubert<code>ntpdc(8)</code> 2112b15cb3dSCy Schubertprograms are checked against passwords 2122b15cb3dSCy Schubertrequested by the programs and entered by hand, 2132b15cb3dSCy Schubertso it is generally appropriate to specify these keys in ASCII format. 214*052d159aSCy Schubert</p> 2152b15cb3dSCy Schubert<p>This section was generated by <strong>AutoGen</strong>, 2162b15cb3dSCy Schubertusing the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp.keys</code> program. 2172b15cb3dSCy SchubertThis software is released under the NTP license, <http://ntp.org/license>. 218*052d159aSCy Schubert</p> 219*052d159aSCy Schubert<table class="menu" border="0" cellspacing="0"> 220*052d159aSCy Schubert<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Files" accesskey="1">ntp.keys Files</a>:</td><td> </td><td align="left" valign="top">Files 221*052d159aSCy Schubert</td></tr> 222*052d159aSCy Schubert<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-See-Also" accesskey="2">ntp.keys See Also</a>:</td><td> </td><td align="left" valign="top">See Also 223*052d159aSCy Schubert</td></tr> 224*052d159aSCy Schubert<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Notes" accesskey="3">ntp.keys Notes</a>:</td><td> </td><td align="left" valign="top">Notes 225*052d159aSCy Schubert</td></tr> 226*052d159aSCy Schubert</table> 2272b15cb3dSCy Schubert 228*052d159aSCy Schubert<hr> 229*052d159aSCy Schubert<a name="ntp_002ekeys-Files"></a> 230*052d159aSCy Schubert<div class="header"> 231*052d159aSCy Schubert<p> 232*052d159aSCy SchubertNext: <a href="#ntp_002ekeys-See-Also" accesskey="n" rel="next">ntp.keys See Also</a>, Up: <a href="#ntp_002ekeys-Notes" accesskey="u" rel="up">ntp.keys Notes</a> </p> 2332b15cb3dSCy Schubert</div> 234*052d159aSCy Schubert<a name="ntp_002ekeys-Files-1"></a> 235*052d159aSCy Schubert<h4 class="subsection">1.1.1 ntp.keys Files</h4> 236*052d159aSCy Schubert<dl compact="compact"> 237*052d159aSCy Schubert<dt><samp>/etc/ntp.keys</samp></dt> 238*052d159aSCy Schubert<dd><p>the default name of the configuration file 239*052d159aSCy Schubert</p></dd> 2402b15cb3dSCy Schubert</dl> 241*052d159aSCy Schubert<hr> 242*052d159aSCy Schubert<a name="ntp_002ekeys-See-Also"></a> 243*052d159aSCy Schubert<div class="header"> 244*052d159aSCy Schubert<p> 245*052d159aSCy SchubertPrevious: <a href="#ntp_002ekeys-Files" accesskey="p" rel="prev">ntp.keys Files</a>, Up: <a href="#ntp_002ekeys-Notes" accesskey="u" rel="up">ntp.keys Notes</a> </p> 2462b15cb3dSCy Schubert</div> 247*052d159aSCy Schubert<a name="ntp_002ekeys-See-Also-1"></a> 248*052d159aSCy Schubert<h4 class="subsection">1.1.2 ntp.keys See Also</h4> 2492b15cb3dSCy Schubert<p><code>ntp.conf(5)</code>, 2502b15cb3dSCy Schubert<code>ntpd(1ntpdmdoc)</code>, 2512b15cb3dSCy Schubert<code>ntpdate(1ntpdatemdoc)</code>, 2522b15cb3dSCy Schubert<code>ntpdc(1ntpdcmdoc)</code>, 2532b15cb3dSCy Schubert<code>sntp(1sntpmdoc)</code> 254*052d159aSCy Schubert</p><hr> 255*052d159aSCy Schubert<div class="header"> 256*052d159aSCy Schubert<p> 257*052d159aSCy Schubert </p> 2582b15cb3dSCy Schubert</div> 259*052d159aSCy Schubert<a name="ntp_002ekeys-Notes-1"></a> 260*052d159aSCy Schubert<h4 class="subsection">1.1.3 ntp.keys Notes</h4> 2612b15cb3dSCy Schubert<p>This document was derived from FreeBSD. 262*052d159aSCy Schubert</p><hr> 2632b15cb3dSCy Schubert 2642b15cb3dSCy Schubert 265*052d159aSCy Schubert 266*052d159aSCy Schubert</body> 267*052d159aSCy Schubert</html> 268