1<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 2<html> 3<!-- Created by GNU Texinfo 6.6, http://www.gnu.org/software/texinfo/ --> 4<head> 5<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 6<title>NTP Symmetric Key</title> 7 8<meta name="description" content="NTP Symmetric Key"> 9<meta name="keywords" content="NTP Symmetric Key"> 10<meta name="resource-type" content="document"> 11<meta name="distribution" content="global"> 12<meta name="Generator" content="makeinfo"> 13<link href="#Top" rel="start" title="Top"> 14<link href="dir.html#Top" rel="up" title="(dir)"> 15<style type="text/css"> 16<!-- 17a.summary-letter {text-decoration: none} 18blockquote.indentedblock {margin-right: 0em} 19div.display {margin-left: 3.2em} 20div.example {margin-left: 3.2em} 21div.lisp {margin-left: 3.2em} 22kbd {font-style: oblique} 23pre.display {font-family: inherit} 24pre.format {font-family: inherit} 25pre.menu-comment {font-family: serif} 26pre.menu-preformatted {font-family: serif} 27span.nolinebreak {white-space: nowrap} 28span.roman {font-family: initial; font-weight: normal} 29span.sansserif {font-family: sans-serif; font-weight: normal} 30ul.no-bullet {list-style: none} 31--> 32</style> 33 34 35</head> 36 37<body lang="en"> 38<h1 class="settitle" align="center">NTP Symmetric Key</h1> 39 40 41 42 43 44<span id="Top"></span><div class="header"> 45<p> 46Next: <a href="#ntp_002ekeys-Description" accesskey="n" rel="next">ntp.keys Description</a>, Previous: <a href="dir.html#Top" accesskey="p" rel="prev">(dir)</a>, Up: <a href="dir.html#Top" accesskey="u" rel="up">(dir)</a> </p> 47</div> 48<span id="NTP_0027s-Symmetric-Key-File-User-Manual"></span><h1 class="top">NTP’s Symmetric Key File User Manual</h1> 49 50<p>This document describes the symmetric key file for the NTP Project’s 51<code>ntpd</code> program. 52</p> 53<p>This document applies to version 4.2.8p18 of <code>ntp.keys</code>. 54</p> 55<span id="SEC_Overview"></span> 56<h2 class="shortcontents-heading">Short Table of Contents</h2> 57 58<div class="shortcontents"> 59<ul class="no-bullet"> 60<li><a id="stoc-Description" href="#toc-Description">1 Description</a></li> 61</ul> 62</div> 63 64 65<table class="menu" border="0" cellspacing="0"> 66<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Description" accesskey="1">ntp.keys Description</a></td><td> </td><td align="left" valign="top"> 67</td></tr> 68<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Notes" accesskey="2">ntp.keys Notes</a></td><td> </td><td align="left" valign="top"> 69</td></tr> 70</table> 71 72<hr> 73<span id="ntp_002ekeys-Description"></span><div class="header"> 74<p> 75Previous: <a href="#Top" accesskey="p" rel="prev">Top</a>, Up: <a href="#Top" accesskey="u" rel="up">Top</a> </p> 76</div> 77<span id="Description"></span><h2 class="chapter">1 Description</h2> 78 79<p>The name and location of the symmetric key file for <code>ntpd</code> can 80be specified in a configuration file, by default <code>/etc/ntp.keys</code>. 81</p> 82<table class="menu" border="0" cellspacing="0"> 83<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Notes" accesskey="1">Notes about ntp.keys</a></td><td> </td><td align="left" valign="top"> 84</td></tr> 85</table> 86 87<hr> 88<span id="ntp_002ekeys-Notes"></span><div class="header"> 89<p> 90Previous: <a href="#ntp_002ekeys-See-Also" accesskey="p" rel="prev">ntp.keys See Also</a>, Up: <a href="#ntp_002ekeys-Description" accesskey="u" rel="up">ntp.keys Description</a> </p> 91</div> 92<span id="Notes-about-ntp_002ekeys"></span><h3 class="section">1.1 Notes about ntp.keys</h3> 93<span id="index-ntp_002ekeys"></span> 94<span id="index-NTP-symmetric-key-file-format"></span> 95 96 97 98<p>This document describes the format of an NTP symmetric key file. 99For a description of the use of this type of file, see the 100"Authentication Support" 101section of the 102<code>ntp.conf(5)</code> 103page. 104</p> 105<p><code>ntpd(8)</code> 106reads its keys from a file specified using the 107<code>-k</code> 108command line option or the 109<code>keys</code> 110statement in the configuration file. 111While key number 0 is fixed by the NTP standard 112(as 56 zero bits) 113and may not be changed, 114one or more keys numbered between 1 and 65535 115may be arbitrarily set in the keys file. 116</p> 117<p>The key file uses the same comment conventions 118as the configuration file. 119Key entries use a fixed format of the form 120</p> 121<div class="example"> 122<pre class="example"><kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd> <kbd>opt_IP_list</kbd> 123</pre></div> 124 125<p>where 126<kbd>keyno</kbd> 127is a positive integer (between 1 and 65535), 128<kbd>type</kbd> 129is the message digest algorithm, 130<kbd>key</kbd> 131is the key itself, and 132<kbd>opt_IP_list</kbd> 133is an optional comma-separated list of IPs 134where the 135<kbd>keyno</kbd> 136should be trusted. 137that are allowed to serve time. 138Each IP in 139<kbd>opt_IP_list</kbd> 140may contain an optional 141<code>/subnetbits</code> 142specification which identifies the number of bits for 143the desired subnet of trust. 144If 145<kbd>opt_IP_list</kbd> 146is empty, 147any properly-authenticated message will be 148accepted. 149</p> 150<p>The 151<kbd>key</kbd> 152may be given in a format 153controlled by the 154<kbd>type</kbd> 155field. 156The 157<kbd>type</kbd> 158<code>MD5</code> 159is always supported. 160If 161<code>ntpd</code> 162was built with the OpenSSL library 163then any digest library supported by that library may be specified. 164However, if compliance with FIPS 140-2 is required the 165<kbd>type</kbd> 166must be either 167<code>SHA</code> 168or 169<code>SHA1</code>. 170</p> 171<p>What follows are some key types, and corresponding formats: 172</p> 173<dl compact="compact"> 174<dt><code>MD5</code></dt> 175<dd><p>The key is 1 to 16 printable characters terminated by 176an EOL, 177whitespace, 178or 179a 180<code>#</code> 181(which is the "start of comment" character). 182</p> 183</dd> 184<dt><code>SHA</code></dt> 185<dt><code>SHA1</code></dt> 186<dt><code>RMD160</code></dt> 187<dd><p>The key is a hex-encoded ASCII string of 40 characters, 188which is truncated as necessary. 189</p></dd> 190</dl> 191 192<p>Note that the keys used by the 193<code>ntpq(8)</code> 194and 195<code>ntpdc(8)</code> 196programs are checked against passwords 197requested by the programs and entered by hand, 198so it is generally appropriate to specify these keys in ASCII format. 199</p> 200<p>This section was generated by <strong>AutoGen</strong>, 201using the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp.keys</code> program. 202This software is released under the NTP license, <http://ntp.org/license>. 203</p> 204<table class="menu" border="0" cellspacing="0"> 205<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Files" accesskey="1">ntp.keys Files</a></td><td> </td><td align="left" valign="top">Files 206</td></tr> 207<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-See-Also" accesskey="2">ntp.keys See Also</a></td><td> </td><td align="left" valign="top">See Also 208</td></tr> 209<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Notes" accesskey="3">ntp.keys Notes</a></td><td> </td><td align="left" valign="top">Notes 210</td></tr> 211</table> 212 213<hr> 214<span id="ntp_002ekeys-Files"></span><div class="header"> 215<p> 216Next: <a href="#ntp_002ekeys-See-Also" accesskey="n" rel="next">ntp.keys See Also</a>, Up: <a href="#ntp_002ekeys-Notes" accesskey="u" rel="up">ntp.keys Notes</a> </p> 217</div> 218<span id="ntp_002ekeys-Files-1"></span><h4 class="subsection">1.1.1 ntp.keys Files</h4> 219<dl compact="compact"> 220<dt><samp>/etc/ntp.keys</samp></dt> 221<dd><p>the default name of the configuration file 222</p></dd> 223</dl> 224<hr> 225<span id="ntp_002ekeys-See-Also"></span><div class="header"> 226<p> 227Previous: <a href="#ntp_002ekeys-Files" accesskey="p" rel="prev">ntp.keys Files</a>, Up: <a href="#ntp_002ekeys-Notes" accesskey="u" rel="up">ntp.keys Notes</a> </p> 228</div> 229<span id="ntp_002ekeys-See-Also-1"></span><h4 class="subsection">1.1.2 ntp.keys See Also</h4> 230<p><code>ntp.conf(5)</code>, 231<code>ntpd(1ntpdmdoc)</code>, 232<code>ntpdate(1ntpdatemdoc)</code>, 233<code>ntpdc(1ntpdcmdoc)</code>, 234<code>sntp(1sntpmdoc)</code> 235</p><hr> 236<div class="header"> 237<p> 238 </p> 239</div> 240<span id="ntp_002ekeys-Notes-1"></span><h4 class="subsection">1.1.3 ntp.keys Notes</h4> 241<p>This document was derived from FreeBSD. 242</p><hr> 243 244 245 246</body> 247</html> 248