1<html lang="en"> 2<head> 3<title>NTP Symmetric Key</title> 4<meta http-equiv="Content-Type" content="text/html"> 5<meta name="description" content="NTP Symmetric Key"> 6<meta name="generator" content="makeinfo 4.7"> 7<link title="Top" rel="top" href="#Top"> 8<link href="http://www.gnu.org/software/texinfo/" rel="generator-home" title="Texinfo Homepage"> 9<meta http-equiv="Content-Style-Type" content="text/css"> 10<style type="text/css"><!-- 11 pre.display { font-family:inherit } 12 pre.format { font-family:inherit } 13 pre.smalldisplay { font-family:inherit; font-size:smaller } 14 pre.smallformat { font-family:inherit; font-size:smaller } 15 pre.smallexample { font-size:smaller } 16 pre.smalllisp { font-size:smaller } 17 span.sc { font-variant:small-caps } 18 span.roman { font-family: serif; font-weight: normal; } 19--></style> 20</head> 21<body> 22<h1 class="settitle">NTP Symmetric Key</h1> 23<div class="node"> 24<p><hr> 25<a name="Top"></a>Next: <a rel="next" accesskey="n" href="#ntp_002ekeys-Description">ntp.keys Description</a>, 26Previous: <a rel="previous" accesskey="p" href="#dir">(dir)</a>, 27Up: <a rel="up" accesskey="u" href="#dir">(dir)</a> 28<br> 29</div> 30 31<h2 class="unnumbered">NTP's Symmetric Key File User Manual</h2> 32 33<p>This document describes the symmetric key file for the NTP Project's 34<code>ntpd</code> program. 35 36 <p>This document applies to version 4.2.8p11 of <code>ntp.keys</code>. 37 38 <div class="shortcontents"> 39<h2>Short Contents</h2> 40<ul> 41<a href="#Top">NTP's Symmetric Key File User Manual</a> 42</ul> 43</div> 44 45<ul class="menu"> 46<li><a accesskey="1" href="#ntp_002ekeys-Description">ntp.keys Description</a> 47<li><a accesskey="2" href="#ntp_002ekeys-Notes">ntp.keys Notes</a> 48</ul> 49 50<div class="node"> 51<p><hr> 52<a name="ntp_002ekeys-Description"></a>Previous: <a rel="previous" accesskey="p" href="#Top">Top</a>, 53Up: <a rel="up" accesskey="u" href="#Top">Top</a> 54<br> 55</div> 56 57<!-- node-name, next, previous, up --> 58<h3 class="section">Description</h3> 59 60<p>The name and location of the symmetric key file for <code>ntpd</code> can 61be specified in a configuration file, by default <code>/etc/ntp.keys</code>. 62 63<div class="node"> 64<p><hr> 65<a name="ntp_002ekeys-Notes"></a> 66<br> 67</div> 68 69<h3 class="section">Notes about ntp.keys</h3> 70 71<p><a name="index-ntp_002ekeys-1"></a><a name="index-NTP-symmetric-key-file-format-2"></a> 72 73 <p>This document describes the format of an NTP symmetric key file. 74For a description of the use of this type of file, see the 75"Authentication Support" 76section of the 77<code>ntp.conf(5)</code> 78page. 79 80 <p><code>ntpd(8)</code> 81reads its keys from a file specified using the 82<code>-k</code> 83command line option or the 84<code>keys</code> 85statement in the configuration file. 86While key number 0 is fixed by the NTP standard 87(as 56 zero bits) 88and may not be changed, 89one or more keys numbered between 1 and 65534 90may be arbitrarily set in the keys file. 91 92 <p>The key file uses the same comment conventions 93as the configuration file. 94Key entries use a fixed format of the form 95 96<pre class="example"> <kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd> <kbd>opt_IP_list</kbd> 97</pre> 98 <p>where 99<kbd>keyno</kbd> 100is a positive integer (between 1 and 65534), 101<kbd>type</kbd> 102is the message digest algorithm, 103<kbd>key</kbd> 104is the key itself, and 105<kbd>opt_IP_list</kbd> 106is an optional comma-separated list of IPs 107where the 108<kbd>keyno</kbd> 109should be trusted. 110that are allowed to serve time. 111Each IP in 112<kbd>opt_IP_list</kbd> 113may contain an optional 114<code>/subnetbits</code> 115specification which identifies the number of bits for 116the desired subnet of trust. 117If 118<kbd>opt_IP_list</kbd> 119is empty, 120any properly-authenticated message will be 121accepted. 122 123 <p>The 124<kbd>key</kbd> 125may be given in a format 126controlled by the 127<kbd>type</kbd> 128field. 129The 130<kbd>type</kbd> 131<code>MD5</code> 132is always supported. 133If 134<code>ntpd</code> 135was built with the OpenSSL library 136then any digest library supported by that library may be specified. 137However, if compliance with FIPS 140-2 is required the 138<kbd>type</kbd> 139must be either 140<code>SHA</code> 141or 142<code>SHA1</code>. 143 144 <p>What follows are some key types, and corresponding formats: 145 146 <dl> 147<dt><code>MD5</code><dd>The key is 1 to 16 printable characters terminated by 148an EOL, 149whitespace, 150or 151a 152<code>#</code> 153(which is the "start of comment" character). 154 155 <br><dt><code>SHA</code><br><dt><code>SHA1</code><br><dt><code>RMD160</code><dd>The key is a hex-encoded ASCII string of 40 characters, 156which is truncated as necessary. 157</dl> 158 159 <p>Note that the keys used by the 160<code>ntpq(8)</code> 161and 162<code>ntpdc(8)</code> 163programs are checked against passwords 164requested by the programs and entered by hand, 165so it is generally appropriate to specify these keys in ASCII format. 166 167 <p>This section was generated by <strong>AutoGen</strong>, 168using the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp.keys</code> program. 169This software is released under the NTP license, <http://ntp.org/license>. 170 171<ul class="menu"> 172<li><a accesskey="1" href="#ntp_002ekeys-Files">ntp.keys Files</a>: Files 173<li><a accesskey="2" href="#ntp_002ekeys-See-Also">ntp.keys See Also</a>: See Also 174<li><a accesskey="3" href="#ntp_002ekeys-Notes">ntp.keys Notes</a>: Notes 175</ul> 176 177<div class="node"> 178<p><hr> 179<a name="ntp_002ekeys-Files"></a>Next: <a rel="next" accesskey="n" href="#ntp_002ekeys-See-Also">ntp.keys See Also</a>, 180Up: <a rel="up" accesskey="u" href="#ntp_002ekeys-Notes">ntp.keys Notes</a> 181<br> 182</div> 183 184<h4 class="subsection">ntp.keys Files</h4> 185 186 <dl> 187<dt><span class="file">/etc/ntp.keys</span><dd>the default name of the configuration file 188</dl> 189<div class="node"> 190<p><hr> 191<a name="ntp_002ekeys-See-Also"></a>Next: <a rel="next" accesskey="n" href="#ntp_002ekeys-Notes">ntp.keys Notes</a>, 192Previous: <a rel="previous" accesskey="p" href="#ntp_002ekeys-Files">ntp.keys Files</a>, 193Up: <a rel="up" accesskey="u" href="#ntp_002ekeys-Notes">ntp.keys Notes</a> 194<br> 195</div> 196 197<h4 class="subsection">ntp.keys See Also</h4> 198 199<p><code>ntp.conf(5)</code>, 200<code>ntpd(1ntpdmdoc)</code>, 201<code>ntpdate(1ntpdatemdoc)</code>, 202<code>ntpdc(1ntpdcmdoc)</code>, 203<code>sntp(1sntpmdoc)</code> 204<div class="node"> 205<p><hr> 206<a name="ntp_002ekeys-Notes"></a>Previous: <a rel="previous" accesskey="p" href="#ntp_002ekeys-See-Also">ntp.keys See Also</a>, 207Up: <a rel="up" accesskey="u" href="#ntp_002ekeys-Notes">ntp.keys Notes</a> 208<br> 209</div> 210 211<h4 class="subsection">ntp.keys Notes</h4> 212 213<p>This document was derived from FreeBSD. 214 215</body></html> 216 217