1<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 2<html> 3<!-- Created by GNU Texinfo 6.5, http://www.gnu.org/software/texinfo/ --> 4<head> 5<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 6<title>NTP Symmetric Key</title> 7 8<meta name="description" content="NTP Symmetric Key"> 9<meta name="keywords" content="NTP Symmetric Key"> 10<meta name="resource-type" content="document"> 11<meta name="distribution" content="global"> 12<meta name="Generator" content="makeinfo"> 13<link href="#Top" rel="start" title="Top"> 14<link href="dir.html#Top" rel="up" title="(dir)"> 15<style type="text/css"> 16<!-- 17a.summary-letter {text-decoration: none} 18blockquote.indentedblock {margin-right: 0em} 19blockquote.smallindentedblock {margin-right: 0em; font-size: smaller} 20blockquote.smallquotation {font-size: smaller} 21div.display {margin-left: 3.2em} 22div.example {margin-left: 3.2em} 23div.lisp {margin-left: 3.2em} 24div.smalldisplay {margin-left: 3.2em} 25div.smallexample {margin-left: 3.2em} 26div.smalllisp {margin-left: 3.2em} 27kbd {font-style: oblique} 28pre.display {font-family: inherit} 29pre.format {font-family: inherit} 30pre.menu-comment {font-family: serif} 31pre.menu-preformatted {font-family: serif} 32pre.smalldisplay {font-family: inherit; font-size: smaller} 33pre.smallexample {font-size: smaller} 34pre.smallformat {font-family: inherit; font-size: smaller} 35pre.smalllisp {font-size: smaller} 36span.nolinebreak {white-space: nowrap} 37span.roman {font-family: initial; font-weight: normal} 38span.sansserif {font-family: sans-serif; font-weight: normal} 39ul.no-bullet {list-style: none} 40--> 41</style> 42 43 44</head> 45 46<body lang="en"> 47<h1 class="settitle" align="center">NTP Symmetric Key</h1> 48 49 50 51 52 53<a name="Top"></a> 54<div class="header"> 55<p> 56Next: <a href="#ntp_002ekeys-Description" accesskey="n" rel="next">ntp.keys Description</a>, Previous: <a href="dir.html#Top" accesskey="p" rel="prev">(dir)</a>, Up: <a href="dir.html#Top" accesskey="u" rel="up">(dir)</a> </p> 57</div> 58<a name="NTP_0027s-Symmetric-Key-File-User-Manual"></a> 59<h1 class="top">NTP’s Symmetric Key File User Manual</h1> 60 61<p>This document describes the symmetric key file for the NTP Project’s 62<code>ntpd</code> program. 63</p> 64<p>This document applies to version 4.2.8p15 of <code>ntp.keys</code>. 65</p> 66<a name="SEC_Overview"></a> 67<h2 class="shortcontents-heading">Short Table of Contents</h2> 68 69<div class="shortcontents"> 70<ul class="no-bullet"> 71<li><a name="stoc-Description" href="#toc-Description">1 Description</a></li> 72</ul> 73</div> 74 75 76<table class="menu" border="0" cellspacing="0"> 77<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Description" accesskey="1">ntp.keys Description</a>:</td><td> </td><td align="left" valign="top"> 78</td></tr> 79<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Notes" accesskey="2">ntp.keys Notes</a>:</td><td> </td><td align="left" valign="top"> 80</td></tr> 81</table> 82 83<hr> 84<a name="ntp_002ekeys-Description"></a> 85<div class="header"> 86<p> 87Previous: <a href="#Top" accesskey="p" rel="prev">Top</a>, Up: <a href="#Top" accesskey="u" rel="up">Top</a> </p> 88</div> 89<a name="Description"></a> 90<h2 class="chapter">1 Description</h2> 91 92<p>The name and location of the symmetric key file for <code>ntpd</code> can 93be specified in a configuration file, by default <code>/etc/ntp.keys</code>. 94</p> 95<table class="menu" border="0" cellspacing="0"> 96<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Notes" accesskey="1">ntp.keys Notes</a>:</td><td> </td><td align="left" valign="top"> 97</td></tr> 98</table> 99 100<hr> 101<a name="ntp_002ekeys-Notes"></a> 102<div class="header"> 103<p> 104Previous: <a href="#ntp_002ekeys-See-Also" accesskey="p" rel="prev">ntp.keys See Also</a>, Up: <a href="#ntp_002ekeys-Description" accesskey="u" rel="up">ntp.keys Description</a> </p> 105</div> 106<a name="Notes-about-ntp_002ekeys"></a> 107<h3 class="section">1.1 Notes about ntp.keys</h3> 108<a name="index-ntp_002ekeys"></a> 109<a name="index-NTP-symmetric-key-file-format"></a> 110 111 112 113<p>This document describes the format of an NTP symmetric key file. 114For a description of the use of this type of file, see the 115"Authentication Support" 116section of the 117<code>ntp.conf(5)</code> 118page. 119</p> 120<p><code>ntpd(8)</code> 121reads its keys from a file specified using the 122<code>-k</code> 123command line option or the 124<code>keys</code> 125statement in the configuration file. 126While key number 0 is fixed by the NTP standard 127(as 56 zero bits) 128and may not be changed, 129one or more keys numbered between 1 and 65535 130may be arbitrarily set in the keys file. 131</p> 132<p>The key file uses the same comment conventions 133as the configuration file. 134Key entries use a fixed format of the form 135</p> 136<div class="example"> 137<pre class="example"><kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd> <kbd>opt_IP_list</kbd> 138</pre></div> 139 140<p>where 141<kbd>keyno</kbd> 142is a positive integer (between 1 and 65535), 143<kbd>type</kbd> 144is the message digest algorithm, 145<kbd>key</kbd> 146is the key itself, and 147<kbd>opt_IP_list</kbd> 148is an optional comma-separated list of IPs 149where the 150<kbd>keyno</kbd> 151should be trusted. 152that are allowed to serve time. 153Each IP in 154<kbd>opt_IP_list</kbd> 155may contain an optional 156<code>/subnetbits</code> 157specification which identifies the number of bits for 158the desired subnet of trust. 159If 160<kbd>opt_IP_list</kbd> 161is empty, 162any properly-authenticated message will be 163accepted. 164</p> 165<p>The 166<kbd>key</kbd> 167may be given in a format 168controlled by the 169<kbd>type</kbd> 170field. 171The 172<kbd>type</kbd> 173<code>MD5</code> 174is always supported. 175If 176<code>ntpd</code> 177was built with the OpenSSL library 178then any digest library supported by that library may be specified. 179However, if compliance with FIPS 140-2 is required the 180<kbd>type</kbd> 181must be either 182<code>SHA</code> 183or 184<code>SHA1</code>. 185</p> 186<p>What follows are some key types, and corresponding formats: 187</p> 188<dl compact="compact"> 189<dt><code>MD5</code></dt> 190<dd><p>The key is 1 to 16 printable characters terminated by 191an EOL, 192whitespace, 193or 194a 195<code>#</code> 196(which is the "start of comment" character). 197</p> 198</dd> 199<dt><code>SHA</code></dt> 200<dt><code>SHA1</code></dt> 201<dt><code>RMD160</code></dt> 202<dd><p>The key is a hex-encoded ASCII string of 40 characters, 203which is truncated as necessary. 204</p></dd> 205</dl> 206 207<p>Note that the keys used by the 208<code>ntpq(8)</code> 209and 210<code>ntpdc(8)</code> 211programs are checked against passwords 212requested by the programs and entered by hand, 213so it is generally appropriate to specify these keys in ASCII format. 214</p> 215<p>This section was generated by <strong>AutoGen</strong>, 216using the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp.keys</code> program. 217This software is released under the NTP license, <http://ntp.org/license>. 218</p> 219<table class="menu" border="0" cellspacing="0"> 220<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Files" accesskey="1">ntp.keys Files</a>:</td><td> </td><td align="left" valign="top">Files 221</td></tr> 222<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-See-Also" accesskey="2">ntp.keys See Also</a>:</td><td> </td><td align="left" valign="top">See Also 223</td></tr> 224<tr><td align="left" valign="top">• <a href="#ntp_002ekeys-Notes" accesskey="3">ntp.keys Notes</a>:</td><td> </td><td align="left" valign="top">Notes 225</td></tr> 226</table> 227 228<hr> 229<a name="ntp_002ekeys-Files"></a> 230<div class="header"> 231<p> 232Next: <a href="#ntp_002ekeys-See-Also" accesskey="n" rel="next">ntp.keys See Also</a>, Up: <a href="#ntp_002ekeys-Notes" accesskey="u" rel="up">ntp.keys Notes</a> </p> 233</div> 234<a name="ntp_002ekeys-Files-1"></a> 235<h4 class="subsection">1.1.1 ntp.keys Files</h4> 236<dl compact="compact"> 237<dt><samp>/etc/ntp.keys</samp></dt> 238<dd><p>the default name of the configuration file 239</p></dd> 240</dl> 241<hr> 242<a name="ntp_002ekeys-See-Also"></a> 243<div class="header"> 244<p> 245Previous: <a href="#ntp_002ekeys-Files" accesskey="p" rel="prev">ntp.keys Files</a>, Up: <a href="#ntp_002ekeys-Notes" accesskey="u" rel="up">ntp.keys Notes</a> </p> 246</div> 247<a name="ntp_002ekeys-See-Also-1"></a> 248<h4 class="subsection">1.1.2 ntp.keys See Also</h4> 249<p><code>ntp.conf(5)</code>, 250<code>ntpd(1ntpdmdoc)</code>, 251<code>ntpdate(1ntpdatemdoc)</code>, 252<code>ntpdc(1ntpdcmdoc)</code>, 253<code>sntp(1sntpmdoc)</code> 254</p><hr> 255<div class="header"> 256<p> 257 </p> 258</div> 259<a name="ntp_002ekeys-Notes-1"></a> 260<h4 class="subsection">1.1.3 ntp.keys Notes</h4> 261<p>This document was derived from FreeBSD. 262</p><hr> 263 264 265 266</body> 267</html> 268