xref: /freebsd/contrib/ntp/util/ntp-keygen.html (revision 2284664ef9fcb0baaf59f1ef7df877c0b0f2b187)
1<html lang="en">
2<head>
3<title>Ntp-keygen User's Manual</title>
4<meta http-equiv="Content-Type" content="text/html">
5<meta name="description" content="Ntp-keygen User's Manual">
6<meta name="generator" content="makeinfo 4.7">
7<link title="Top" rel="top" href="#Top">
8<link href="http://www.gnu.org/software/texinfo/" rel="generator-home" title="Texinfo Homepage">
9<meta http-equiv="Content-Style-Type" content="text/css">
10<style type="text/css"><!--
11  pre.display { font-family:inherit }
12  pre.format  { font-family:inherit }
13  pre.smalldisplay { font-family:inherit; font-size:smaller }
14  pre.smallformat  { font-family:inherit; font-size:smaller }
15  pre.smallexample { font-size:smaller }
16  pre.smalllisp    { font-size:smaller }
17  span.sc { font-variant:small-caps }
18  span.roman { font-family: serif; font-weight: normal; }
19--></style>
20</head>
21<body>
22<h1 class="settitle">Ntp-keygen User's Manual</h1>
23  <div class="shortcontents">
24<h2>Short Contents</h2>
25<ul>
26<a href="#Top">Top</a>
27<a href="#Top">NTP Key Generation Program User Manual</a>
28</ul>
29</div>
30
31
32
33<div class="node">
34<p><hr>
35<a name="Top"></a>Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
36<br>
37</div>
38
39<h2 class="unnumbered">Top</h2>
40
41<ul class="menu">
42<li><a accesskey="1" href="#Description">Description</a>
43<li><a accesskey="2" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>: 	Invoking ntp-keygen
44<li><a accesskey="3" href="#Running-the-Program">Running the Program</a>
45<li><a accesskey="4" href="#Random-Seed-File">Random Seed File</a>
46<li><a accesskey="5" href="#Cryptographic-Data-Files">Cryptographic Data Files</a>
47</ul>
48
49<div class="node">
50<p><hr>
51<a name="Top"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#Description">Description</a>,
52Previous:&nbsp;<a rel="previous" accesskey="p" href="#dir">(dir)</a>,
53Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
54<br>
55</div>
56
57<h2 class="unnumbered">NTP Key Generation Program User Manual</h2>
58
59<p>This document describes the use of the NTP Project's <code>ntp-keygen</code>
60program, that generates cryptographic data files used by the NTPv4
61authentication and identity schemes.
62It can generate message digest keys used in symmetric key cryptography and,
63if the OpenSSL software
64library has been installed, it can generate host keys, sign keys,
65certificates, and identity keys and parameters used by the Autokey
66public key cryptography.
67The message digest keys file is generated in a
68format compatible with NTPv3.
69All other files are in PEM-encoded
70printable ASCII format so they can be embedded as MIME attachments in
71mail to other sites.
72
73  <p>This document applies to version 4.2.8p12 of <code>ntp-keygen</code>.
74
75<div class="node">
76<p><hr>
77<a name="Description"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#Running-the-Program">Running the Program</a>,
78Previous:&nbsp;<a rel="previous" accesskey="p" href="#Top">Top</a>,
79Up:&nbsp;<a rel="up" accesskey="u" href="#Top">Top</a>
80<br>
81</div>
82
83<!-- node-name,  next,  previous,  up -->
84<h3 class="section">Description</h3>
85
86<p>This program generates cryptographic data files used by the NTPv4
87authentication and identity schemes. It can generate message digest
88keys used in symmetric key cryptography and, if the OpenSSL software
89library has been installed, it can generate host keys, sign keys,
90certificates, and identity keys and parameters used by the Autokey
91public key cryptography. The message digest keys file is generated in a
92format compatible with NTPv3. All other files are in PEM-encoded
93printable ASCII format so they can be embedded as MIME attachments in
94mail to other sites.
95
96  <p>When used to generate message digest keys, the program produces a file
97containing ten pseudo-random printable ASCII strings suitable for the
98MD5 message digest algorithm included in the distribution.
99If the
100OpenSSL library is installed, it produces an additional ten hex-encoded
101random bit strings suitable for the SHA1 and other message digest
102algorithms.
103The message digest keys file must be distributed and stored
104using secure means beyond the scope of NTP itself.
105Besides the keys
106used for ordinary NTP associations, additional keys can be defined as
107passwords for the ntpq and ntpdc utility programs.
108
109  <p>The remaining generated files are compatible with other OpenSSL
110applications and other Public Key Infrastructure (PKI) resources.
111Certificates generated by this program are compatible with extant
112industry practice, although some users might find the interpretation of
113X509v3 extension fields somewhat liberal.
114However, the identity keys
115are probably not compatible with anything other than Autokey.
116
117  <p>Some files used by this program are encrypted using a private password.
118The <code>-p</code> option specifies the password for local encrypted files and the
119<code>-q</code> option the password for encrypted files sent to remote sites.
120If no password is specified, the host name returned by the Unix
121<code>gethostname()</code> function, normally the DNS name of the host, is used.
122
123  <p>The <kbd>pw</kbd> option of the <code>crypto</code> configuration command
124specifies the read password for previously encrypted local files.
125This must match the local password used by this program.
126If not specified, the host name is used.
127Thus, if files are generated by this program without password,
128they can be read back by ntpd without password, but only on the same
129host.
130
131  <p>Normally, encrypted files for each host are generated by that host and
132used only by that host, although exceptions exist as noted later on
133this page.
134The symmetric keys file, normally called <code>ntp.keys</code>, is
135usually installed in <code>/etc</code>.
136Other files and links are usually installed
137in <code>/usr/local/etc</code>, which is normally in a shared filesystem in
138NFS-mounted networks and cannot be changed by shared clients.
139The location of the keys directory can be changed by the keysdir
140configuration command in such cases.
141Normally, this is in <code>/etc</code>.
142
143  <p>This program directs commentary and error messages to the standard
144error stream <code>stderr</code> and remote files to the standard output stream
145<code>stdout</code> where they can be piped to other applications or redirected to
146files.
147The names used for generated files and links all begin with the
148string <code>ntpkey</code> and include the file type,
149generating host and filestamp,
150as described in the <a href="#Cryptographic-Data-Files">Cryptographic Data Files</a> section below.
151
152<div class="node">
153<p><hr>
154<a name="Running-the-Program"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#Random-Seed-File">Random Seed File</a>,
155Previous:&nbsp;<a rel="previous" accesskey="p" href="#Description">Description</a>,
156Up:&nbsp;<a rel="up" accesskey="u" href="#Top">Top</a>
157<br>
158</div>
159
160<!-- node-name,  next,  previous,  up -->
161<h3 class="section">Running the Program</h3>
162
163<p>To test and gain experience with Autokey concepts, log in as root and
164change to the keys directory, usually <code>/usr/local/etc</code>.
165When run for the
166first time, or if all files with names beginning <code>ntpkey</code>] have been
167removed, use the <code>ntp-keygen</code> command without arguments to generate a
168default RSA host key and matching RSA-MD5 certificate with expiration
169date one year hence.
170If run again without options, the program uses the
171existing keys and parameters and generates only a new certificate with
172new expiration date one year hence.
173
174  <p>Run the command on as many hosts as necessary.
175Designate one of them as the trusted host (TH) using <code>ntp-keygen</code>
176with the <code>-T</code> option and configure
177it to synchronize from reliable Internet servers.
178Then configure the other hosts to synchronize to the TH directly or indirectly.
179A certificate trail is created when Autokey asks the immediately
180ascendant host towards the TH to sign its certificate, which is then
181provided to the immediately descendant host on request.
182All group hosts should have acyclic certificate trails ending on the TH.
183
184  <p>The host key is used to encrypt the cookie when required and so must be
185RSA type.
186By default, the host key is also the sign key used to encrypt signatures.
187A different sign key can be assigned using the <code>-S</code> option
188and this can be either RSA or DSA type.
189By default, the signature
190message digest type is MD5, but any combination of sign key type and
191message digest type supported by the OpenSSL library can be specified
192using the <code>-c</code> option.
193
194  <p>The rules say cryptographic media should be generated with proventic
195filestamps, which means the host should already be synchronized before
196this program is run.
197This of course creates a chicken-and-egg problem
198when the host is started for the first time.
199Accordingly, the host time
200should be set by some other means, such as eyeball-and-wristwatch, at
201least so that the certificate lifetime is within the current year.
202After that and when the host is synchronized to a proventic source, the
203certificate should be re-generated.
204
205  <p>Additional information on trusted groups and identity schemes is on the
206Autokey Public-Key Authentication page.
207
208<div class="node">
209<p><hr>
210<a name="ntp_002dkeygen-Invocation"></a>
211<br>
212</div>
213
214<h3 class="section">Invoking ntp-keygen</h3>
215
216<p><a name="index-ntp_002dkeygen-1"></a><a name="index-Create-a-NTP-host-key-2"></a>
217
218  <p>This program generates cryptographic data files used by the NTPv4
219authentication and identification schemes.
220It can generate message digest keys used in symmetric key cryptography and,
221if the OpenSSL software library has been installed, it can generate host keys,
222signing keys, certificates, and identity keys and parameters used in Autokey
223public key cryptography.
224These files are used for cookie encryption,
225digital signature, and challenge/response identification algorithms
226compatible with the Internet standard security infrastructure.
227
228  <p>The message digest symmetric keys file is generated in a format
229compatible with NTPv3.
230All other files are in PEM-encoded printable ASCII format,
231so they can be embedded as MIME attachments in email to other sites
232and certificate authorities.
233By default, files are not encrypted.
234
235  <p>When used to generate message digest symmetric keys, the program
236produces a file containing ten pseudo-random printable ASCII strings
237suitable for the MD5 message digest algorithm included in the
238distribution.
239If the OpenSSL library is installed, it produces an additional ten
240hex-encoded random bit strings suitable for SHA1, AES-128-CMAC, and
241other message digest algorithms.
242The message digest symmetric keys file must be distributed and stored
243using secure means beyond the scope of NTP itself.
244Besides the keys used for ordinary NTP associations, additional keys
245can be defined as passwords for the
246<code>ntpq(1ntpqmdoc)</code>
247and
248<code>ntpdc(1ntpdcmdoc)</code>
249utility programs.
250
251  <p>The remaining generated files are compatible with other OpenSSL
252applications and other Public Key Infrastructure (PKI) resources.
253Certificates generated by this program are compatible with extant
254industry practice, although some users might find the interpretation of
255X509v3 extension fields somewhat liberal.
256However, the identity keys are probably not compatible with anything
257other than Autokey.
258
259  <p>Some files used by this program are encrypted using a private password.
260The
261<code>-p</code>
262option specifies the read password for local encrypted files and the
263<code>-q</code>
264option the write password for encrypted files sent to remote sites.
265If no password is specified, the host name returned by the Unix
266<code>hostname(1)</code>
267command, normally the DNS name of the host, is used as the the default read
268password, for convenience.
269The
270<code>ntp-keygen</code>
271program prompts for the password if it reads an encrypted file
272and the password is missing or incorrect.
273If an encrypted file is read successfully and
274no write password is specified, the read password is used
275as the write password by default.
276
277  <p>The
278<code>pw</code>
279option of the
280<code>crypto</code>
281<code>ntpd(1ntpdmdoc)</code>
282configuration command specifies the read
283password for previously encrypted local files.
284This must match the local read password used by this program.
285If not specified, the host name is used.
286Thus, if files are generated by this program without an explicit password,
287they can be read back by
288<code>ntpd(1ntpdmdoc)</code>
289without specifying an explicit password but only on the same host.
290If the write password used for encryption is specified as the host name,
291these files can be read by that host with no explicit password.
292
293  <p>Normally, encrypted files for each host are generated by that host and
294used only by that host, although exceptions exist as noted later on
295this page.
296The symmetric keys file, normally called
297<span class="file">ntp.keys</span>,
298is usually installed in
299<span class="file">/etc</span>.
300Other files and links are usually installed in
301<span class="file">/usr/local/etc</span>,
302which is normally in a shared filesystem in
303NFS-mounted networks and cannot be changed by shared clients.
304In these cases, NFS clients can specify the files in another
305directory such as
306<span class="file">/etc</span>
307using the
308<code>keysdir</code>
309<code>ntpd(1ntpdmdoc)</code>
310configuration file command.
311
312  <p>This program directs commentary and error messages to the standard
313error stream
314<span class="file">stderr</span>
315and remote files to the standard output stream
316<span class="file">stdout</span>
317where they can be piped to other applications or redirected to files.
318The names used for generated files and links all begin with the
319string
320<span class="file">ntpkey*</span>
321and include the file type, generating host and filestamp,
322as described in the
323<a href="#Cryptographic-Data-Files">Cryptographic Data Files</a>
324section below.
325
326<h5 class="subsubsection">Running the Program</h5>
327
328<p>The safest way to run the
329<code>ntp-keygen</code>
330program is logged in directly as root.
331The recommended procedure is change to the
332<kbd>keys</kbd>
333directory, usually
334<span class="file">/usr/local/etc</span>,
335then run the program.
336
337  <p>To test and gain experience with Autokey concepts, log in as root and
338change to the
339<kbd>keys</kbd>
340directory, usually
341<span class="file">/usr/local/etc</span>.
342When run for the first time, or if all files with names beginning with
343<span class="file">ntpkey*</span>
344have been removed, use the
345<code>ntp-keygen</code>
346command without arguments to generate a default
347<code>RSA</code>
348host key and matching
349<code>RSA-MD5</code>
350certificate file with expiration date one year hence,
351which is all that is necessary in many cases.
352The program also generates soft links from the generic names
353to the respective files.
354If run again without options, the program uses the
355existing keys and parameters and generates a new certificate file with
356new expiration date one year hence, and soft link.
357
358  <p>The host key is used to encrypt the cookie when required and so must be
359<code>RSA</code>
360type.
361By default, the host key is also the sign key used to encrypt signatures.
362When necessary, a different sign key can be specified and this can be
363either
364<code>RSA</code>
365or
366<code>DSA</code>
367type.
368By default, the message digest type is
369<code>MD5</code>,
370but any combination
371of sign key type and message digest type supported by the OpenSSL library
372can be specified, including those using the
373<code>AES128CMAC</code>, <code>MD2</code>, <code>MD5</code>, <code>MDC2</code>, <code>SHA</code>, <code>SHA1</code>
374and
375<code>RIPE160</code>
376message digest algorithms.
377However, the scheme specified in the certificate must be compatible
378with the sign key.
379Certificates using any digest algorithm are compatible with
380<code>RSA</code>
381sign keys;
382however, only
383<code>SHA</code>
384and
385<code>SHA1</code>
386certificates are compatible with
387<code>DSA</code>
388sign keys.
389
390  <p>Private/public key files and certificates are compatible with
391other OpenSSL applications and very likely other libraries as well.
392Certificates or certificate requests derived from them should be compatible
393with extant industry practice, although some users might find
394the interpretation of X509v3 extension fields somewhat liberal.
395However, the identification parameter files, although encoded
396as the other files, are probably not compatible with anything other than Autokey.
397
398  <p>Running the program as other than root and using the Unix
399<code>su(1)</code>
400command
401to assume root may not work properly, since by default the OpenSSL library
402looks for the random seed file
403<span class="file">.rnd</span>
404in the user home directory.
405However, there should be only one
406<span class="file">.rnd</span>,
407most conveniently
408in the root directory, so it is convenient to define the
409.Ev RANDFILE
410environment variable used by the OpenSSL library as the path to
411<span class="file">.rnd</span>.
412
413  <p>Installing the keys as root might not work in NFS-mounted
414shared file systems, as NFS clients may not be able to write
415to the shared keys directory, even as root.
416In this case, NFS clients can specify the files in another
417directory such as
418<span class="file">/etc</span>
419using the
420<code>keysdir</code>
421<code>ntpd(1ntpdmdoc)</code>
422configuration file command.
423There is no need for one client to read the keys and certificates
424of other clients or servers, as these data are obtained automatically
425by the Autokey protocol.
426
427  <p>Ordinarily, cryptographic files are generated by the host that uses them,
428but it is possible for a trusted agent (TA) to generate these files
429for other hosts; however, in such cases files should always be encrypted.
430The subject name and trusted name default to the hostname
431of the host generating the files, but can be changed by command line options.
432It is convenient to designate the owner name and trusted name
433as the subject and issuer fields, respectively, of the certificate.
434The owner name is also used for the host and sign key files,
435while the trusted name is used for the identity files.
436
437  <p>All files are installed by default in the keys directory
438<span class="file">/usr/local/etc</span>,
439which is normally in a shared filesystem
440in NFS-mounted networks.
441The actual location of the keys directory
442and each file can be overridden by configuration commands,
443but this is not recommended.
444Normally, the files for each host are generated by that host
445and used only by that host, although exceptions exist
446as noted later on this page.
447
448  <p>Normally, files containing private values,
449including the host key, sign key and identification parameters,
450are permitted root read/write-only;
451while others containing public values are permitted world readable.
452Alternatively, files containing private values can be encrypted
453and these files permitted world readable,
454which simplifies maintenance in shared file systems.
455Since uniqueness is insured by the
456<kbd>hostname</kbd>
457and
458<kbd>filestamp</kbd>
459file name extensions, the files for an NTP server and
460dependent clients can all be installed in the same shared directory.
461
462  <p>The recommended practice is to keep the file name extensions
463when installing a file and to install a soft link
464from the generic names specified elsewhere on this page
465to the generated files.
466This allows new file generations to be activated simply
467by changing the link.
468If a link is present,
469<code>ntpd(1ntpdmdoc)</code>
470follows it to the file name to extract the
471<kbd>filestamp</kbd>.
472If a link is not present,
473<code>ntpd(1ntpdmdoc)</code>
474extracts the
475<kbd>filestamp</kbd>
476from the file itself.
477This allows clients to verify that the file and generation times
478are always current.
479The
480<code>ntp-keygen</code>
481program uses the same
482<kbd>filestamp</kbd>
483extension for all files generated
484at one time, so each generation is distinct and can be readily
485recognized in monitoring data.
486
487  <p>Run the command on as many hosts as necessary.
488Designate one of them as the trusted host (TH) using
489<code>ntp-keygen</code>
490with the
491<code>-T</code>
492option and configure it to synchronize from reliable Internet servers.
493Then configure the other hosts to synchronize to the TH directly or
494indirectly.
495A certificate trail is created when Autokey asks the immediately
496ascendant host towards the TH to sign its certificate, which is then
497provided to the immediately descendant host on request.
498All group hosts should have acyclic certificate trails ending on the TH.
499
500  <p>The host key is used to encrypt the cookie when required and so must be
501RSA type.
502By default, the host key is also the sign key used to encrypt
503signatures.
504A different sign key can be assigned using the
505<code>-S</code>
506option and this can be either
507<code>RSA</code>
508or
509<code>DSA</code>
510type.
511By default, the signature
512message digest type is
513<code>MD5</code>,
514but any combination of sign key type and
515message digest type supported by the OpenSSL library can be specified
516using the
517<code>-c</code>
518option.
519
520  <p>The rules say cryptographic media should be generated with proventic
521filestamps, which means the host should already be synchronized before
522this program is run.
523This of course creates a chicken-and-egg problem
524when the host is started for the first time.
525Accordingly, the host time
526should be set by some other means, such as eyeball-and-wristwatch, at
527least so that the certificate lifetime is within the current year.
528After that and when the host is synchronized to a proventic source, the
529certificate should be re-generated.
530
531  <p>Additional information on trusted groups and identity schemes is on the
532Autokey Public-Key Authentication
533page.
534
535  <p>File names begin with the prefix
536<span class="file">ntpkey</span>_
537and end with the suffix
538<span class="file">_</span><kbd>hostname</kbd>. <kbd>filestamp</kbd>,
539where
540<kbd>hostname</kbd>
541is the owner name, usually the string returned
542by the Unix
543<code>hostname(1)</code>
544command, and
545<kbd>filestamp</kbd>
546is the NTP seconds when the file was generated, in decimal digits.
547This both guarantees uniqueness and simplifies maintenance
548procedures, since all files can be quickly removed
549by a
550<code>rm</code> <span class="file">ntpkey*</span>
551command or all files generated
552at a specific time can be removed by a
553<code>rm</code> <span class="file">*</span><kbd>filestamp</kbd>
554command.
555To further reduce the risk of misconfiguration,
556the first two lines of a file contain the file name
557and generation date and time as comments.
558
559<h5 class="subsubsection">Trusted Hosts and Groups</h5>
560
561<p>Each cryptographic configuration involves selection of a signature scheme
562and identification scheme, called a cryptotype,
563as explained in the
564<a href="#Authentication-Options">Authentication Options</a>
565section of
566<code>ntp.conf(5)</code>.
567The default cryptotype uses
568<code>RSA</code>
569encryption,
570<code>MD5</code>
571message digest
572and
573<code>TC</code>
574identification.
575First, configure a NTP subnet including one or more low-stratum
576trusted hosts from which all other hosts derive synchronization
577directly or indirectly.
578Trusted hosts have trusted certificates;
579all other hosts have nontrusted certificates.
580These hosts will automatically and dynamically build authoritative
581certificate trails to one or more trusted hosts.
582A trusted group is the set of all hosts that have, directly or indirectly,
583a certificate trail ending at a trusted host.
584The trail is defined by static configuration file entries
585or dynamic means described on the
586<a href="#Automatic-NTP-Configuration-Options">Automatic NTP Configuration Options</a>
587section of
588<code>ntp.conf(5)</code>.
589
590  <p>On each trusted host as root, change to the keys directory.
591To insure a fresh fileset, remove all
592<span class="file">ntpkey</span>
593files.
594Then run
595<code>ntp-keygen</code>
596<code>-T</code>
597to generate keys and a trusted certificate.
598On all other hosts do the same, but leave off the
599<code>-T</code>
600flag to generate keys and nontrusted certificates.
601When complete, start the NTP daemons beginning at the lowest stratum
602and working up the tree.
603It may take some time for Autokey to instantiate the certificate trails
604throughout the subnet, but setting up the environment is completely automatic.
605
606  <p>If it is necessary to use a different sign key or different digest/signature
607scheme than the default, run
608<code>ntp-keygen</code>
609with the
610<code>-S</code> <kbd>type</kbd>
611option, where
612<kbd>type</kbd>
613is either
614<code>RSA</code>
615or
616<code>DSA</code>.
617The most frequent need to do this is when a
618<code>DSA</code>-signed
619certificate is used.
620If it is necessary to use a different certificate scheme than the default,
621run
622<code>ntp-keygen</code>
623with the
624<code>-c</code> <kbd>scheme</kbd>
625option and selected
626<kbd>scheme</kbd>
627as needed.
628If
629<code>ntp-keygen</code>
630is run again without these options, it generates a new certificate
631using the same scheme and sign key, and soft link.
632
633  <p>After setting up the environment it is advisable to update certificates
634from time to time, if only to extend the validity interval.
635Simply run
636<code>ntp-keygen</code>
637with the same flags as before to generate new certificates
638using existing keys, and soft links.
639However, if the host or sign key is changed,
640<code>ntpd(1ntpdmdoc)</code>
641should be restarted.
642When
643<code>ntpd(1ntpdmdoc)</code>
644is restarted, it loads any new files and restarts the protocol.
645Other dependent hosts will continue as usual until signatures are refreshed,
646at which time the protocol is restarted.
647
648<h5 class="subsubsection">Identity Schemes</h5>
649
650<p>As mentioned on the Autonomous Authentication page,
651the default
652<code>TC</code>
653identity scheme is vulnerable to a middleman attack.
654However, there are more secure identity schemes available,
655including
656<code>PC</code>, <code>IFF</code>, <code>GQ</code>
657and
658<code>MV</code>
659schemes described below.
660These schemes are based on a TA, one or more trusted hosts
661and some number of nontrusted hosts.
662Trusted hosts prove identity using values provided by the TA,
663while the remaining hosts prove identity using values provided
664by a trusted host and certificate trails that end on that host.
665The name of a trusted host is also the name of its sugroup
666and also the subject and issuer name on its trusted certificate.
667The TA is not necessarily a trusted host in this sense, but often is.
668
669  <p>In some schemes there are separate keys for servers and clients.
670A server can also be a client of another server,
671but a client can never be a server for another client.
672In general, trusted hosts and nontrusted hosts that operate
673as both server and client have parameter files that contain
674both server and client keys.
675Hosts that operate
676only as clients have key files that contain only client keys.
677
678  <p>The PC scheme supports only one trusted host in the group.
679On trusted host alice run
680<code>ntp-keygen</code>
681<code>-P</code>
682<code>-p</code> <kbd>password</kbd>
683to generate the host key file
684<span class="file">ntpkey</span>_ <code>RSA</code> <span class="file">key_alice.</span> <kbd>filestamp</kbd>
685and trusted private certificate file
686<span class="file">ntpkey</span>_ <code>RSA-MD5</code> <code>_</code> <span class="file">cert_alice.</span> <kbd>filestamp</kbd>,
687and soft links.
688Copy both files to all group hosts;
689they replace the files which would be generated in other schemes.
690On each host
691<kbd>bob</kbd>
692install a soft link from the generic name
693<span class="file">ntpkey_host_</span><kbd>bob</kbd>
694to the host key file and soft link
695<span class="file">ntpkey_cert_</span><kbd>bob</kbd>
696to the private certificate file.
697Note the generic links are on bob, but point to files generated
698by trusted host alice.
699In this scheme it is not possible to refresh
700either the keys or certificates without copying them
701to all other hosts in the group, and recreating the soft links.
702
703  <p>For the
704<code>IFF</code>
705scheme proceed as in the
706<code>TC</code>
707scheme to generate keys
708and certificates for all group hosts, then for every trusted host in the group,
709generate the
710<code>IFF</code>
711parameter file.
712On trusted host alice run
713<code>ntp-keygen</code>
714<code>-T</code>
715<code>-I</code>
716<code>-p</code> <kbd>password</kbd>
717to produce her parameter file
718<span class="file">ntpkey_IFFpar_alice.</span><kbd>filestamp</kbd>,
719which includes both server and client keys.
720Copy this file to all group hosts that operate as both servers
721and clients and install a soft link from the generic
722<span class="file">ntpkey_iff_alice</span>
723to this file.
724If there are no hosts restricted to operate only as clients,
725there is nothing further to do.
726As the
727<code>IFF</code>
728scheme is independent
729of keys and certificates, these files can be refreshed as needed.
730
731  <p>If a rogue client has the parameter file, it could masquerade
732as a legitimate server and present a middleman threat.
733To eliminate this threat, the client keys can be extracted
734from the parameter file and distributed to all restricted clients.
735After generating the parameter file, on alice run
736<code>ntp-keygen</code>
737<code>-e</code>
738and pipe the output to a file or email program.
739Copy or email this file to all restricted clients.
740On these clients install a soft link from the generic
741<span class="file">ntpkey_iff_alice</span>
742to this file.
743To further protect the integrity of the keys,
744each file can be encrypted with a secret password.
745
746  <p>For the
747<code>GQ</code>
748scheme proceed as in the
749<code>TC</code>
750scheme to generate keys
751and certificates for all group hosts, then for every trusted host
752in the group, generate the
753<code>IFF</code>
754parameter file.
755On trusted host alice run
756<code>ntp-keygen</code>
757<code>-T</code>
758<code>-G</code>
759<code>-p</code> <kbd>password</kbd>
760to produce her parameter file
761<span class="file">ntpkey_GQpar_alice.</span><kbd>filestamp</kbd>,
762which includes both server and client keys.
763Copy this file to all group hosts and install a soft link
764from the generic
765<span class="file">ntpkey_gq_alice</span>
766to this file.
767In addition, on each host
768<kbd>bob</kbd>
769install a soft link
770from generic
771<span class="file">ntpkey_gq_</span><kbd>bob</kbd>
772to this file.
773As the
774<code>GQ</code>
775scheme updates the
776<code>GQ</code>
777parameters file and certificate
778at the same time, keys and certificates can be regenerated as needed.
779
780  <p>For the
781<code>MV</code>
782scheme, proceed as in the
783<code>TC</code>
784scheme to generate keys
785and certificates for all group hosts.
786For illustration assume trish is the TA, alice one of several trusted hosts
787and bob one of her clients.
788On TA trish run
789<code>ntp-keygen</code>
790<code>-V</code> <kbd>n</kbd>
791<code>-p</code> <kbd>password</kbd>,
792where
793<kbd>n</kbd>
794is the number of revokable keys (typically 5) to produce
795the parameter file
796<span class="file">ntpkeys_MVpar_trish.</span><kbd>filestamp</kbd>
797and client key files
798<span class="file">ntpkeys_MVkey</span><kbd>d</kbd> <kbd>_</kbd> <span class="file">trish.</span> <kbd>filestamp</kbd>
799where
800<kbd>d</kbd>
801is the key number (0 &lt;
802<kbd>d</kbd>
803&lt;
804<kbd>n</kbd>).
805Copy the parameter file to alice and install a soft link
806from the generic
807<span class="file">ntpkey_mv_alice</span>
808to this file.
809Copy one of the client key files to alice for later distribution
810to her clients.
811It does not matter which client key file goes to alice,
812since they all work the same way.
813Alice copies the client key file to all of her clients.
814On client bob install a soft link from generic
815<span class="file">ntpkey_mvkey_bob</span>
816to the client key file.
817As the
818<code>MV</code>
819scheme is independent of keys and certificates,
820these files can be refreshed as needed.
821
822<h5 class="subsubsection">Command Line Options</h5>
823
824     <dl>
825<dt><code>-b</code> <code>--imbits</code>= <kbd>modulus</kbd><dd>Set the number of bits in the identity modulus for generating identity keys to
826<kbd>modulus</kbd>
827bits.
828The number of bits in the identity modulus defaults to 256, but can be set to
829values from 256 to 2048 (32 to 256 octets).
830Use the larger moduli with caution, as this can consume considerable computing
831resources and increases the size of authenticated packets.
832<br><dt><code>-c</code> <code>--certificate</code>= <kbd>scheme</kbd><dd>Select certificate signature encryption/message digest scheme.
833The
834<kbd>scheme</kbd>
835can be one of the following:
836<code>RSA-MD2</code>, <code>RSA-MD5</code>, <code>RSA-MDC2</code>, <code>RSA-SHA</code>, <code>RSA-SHA1</code>, <code>RSA-RIPEMD160</code>, <code>DSA-SHA</code>,
837or
838<code>DSA-SHA1</code>.
839Note that
840<code>RSA</code>
841schemes must be used with an
842<code>RSA</code>
843sign key and
844<code>DSA</code>
845schemes must be used with a
846<code>DSA</code>
847sign key.
848The default without this option is
849<code>RSA-MD5</code>.
850If compatibility with FIPS 140-2 is required, either the
851<code>DSA-SHA</code>
852or
853<code>DSA-SHA1</code>
854scheme must be used.
855<br><dt><code>-C</code> <code>--cipher</code>= <kbd>cipher</kbd><dd>Select the OpenSSL cipher to encrypt the files containing private keys.
856The default without this option is three-key triple DES in CBC mode,
857<code>des-ede3-cbc</code>.
858The
859<code>openssl</code> <code>-h</code>
860command provided with OpenSSL displays available ciphers.
861<br><dt><code>-d</code> <code>--debug-level</code><dd>Increase debugging verbosity level.
862This option displays the cryptographic data produced in eye-friendly billboards.
863<br><dt><code>-D</code> <code>--set-debug-level</code>= <kbd>level</kbd><dd>Set the debugging verbosity to
864<kbd>level</kbd>.
865This option displays the cryptographic data produced in eye-friendly billboards.
866<br><dt><code>-e</code> <code>--id-key</code><dd>Write the
867<code>IFF</code>
868or
869<code>GQ</code>
870public parameters from the
871<kbd>IFFkey</kbd> <kbd>or</kbd> <kbd>GQkey</kbd>
872client keys file previously specified
873as unencrypted data to the standard output stream
874<span class="file">stdout</span>.
875This is intended for automatic key distribution by email.
876<br><dt><code>-G</code> <code>--gq-params</code><dd>Generate a new encrypted
877<code>GQ</code>
878parameters and key file for the Guillou-Quisquater (GQ) identity scheme.
879This option is mutually exclusive with the
880<code>-I</code>
881and
882<code>-V</code>
883options.
884<br><dt><code>-H</code> <code>--host-key</code><dd>Generate a new encrypted
885<code>RSA</code>
886public/private host key file.
887<br><dt><code>-I</code> <code>--iffkey</code><dd>Generate a new encrypted
888<code>IFF</code>
889key file for the Schnorr (IFF) identity scheme.
890This option is mutually exclusive with the
891<code>-G</code>
892and
893Fl V
894options.
895<br><dt><code>-i</code> <code>--ident</code>= <kbd>group</kbd><dd>Set the optional Autokey group name to
896<kbd>group</kbd>.
897This is used in the identity scheme parameter file names of
898<code>IFF</code>, <code>GQ</code>,
899and
900<code>MV</code>
901client parameters files.
902In that role, the default is the host name if no group is provided.
903The group name, if specified using
904<code>-i</code>
905or
906<code>-s</code>
907following an
908@
909character, is also used in certificate subject and issuer names in the form
910<kbd>host</kbd> <kbd>@</kbd> <kbd>group</kbd>
911and should match the group specified via
912<code>crypto</code> <code>ident</code>
913or
914<code>server</code> <code>ident</code>
915in the ntpd configuration file.
916<br><dt><code>-l</code> <code>--lifetime</code>= <kbd>days</kbd><dd>Set the lifetime for certificate expiration to
917<kbd>days</kbd>.
918The default lifetime is one year (365 days).
919<br><dt><code>-m</code> <code>--modulus</code>= <kbd>bits</kbd><dd>Set the number of bits in the prime modulus for generating files to
920<kbd>bits</kbd>.
921The modulus defaults to 512, but can be set from 256 to 2048 (32 to 256 octets).
922Use the larger moduli with caution, as this can consume considerable computing
923resources and increases the size of authenticated packets.
924<br><dt><code>-M</code> <code>--md5key</code><dd>Generate a new symmetric keys file containing 10
925<code>MD5</code>
926keys, and if OpenSSL is available, 10
927<code>SHA</code>
928keys.
929An
930<code>MD5</code>
931key is a string of 20 random printable ASCII characters, while a
932<code>SHA</code>
933key is a string of 40 random hex digits.
934The file can be edited using a text editor to change the key type or key content.
935This option is mutually exclusive with all other options.
936<br><dt><code>-p</code> <code>--password</code>= <kbd>passwd</kbd><dd>Set the password for reading and writing encrypted files to
937<kbd>passwd</kbd>.
938These include the host, sign and identify key files.
939By default, the password is the string returned by the Unix
940<code>hostname</code>
941command.
942<br><dt><code>-P</code> <code>--pvt-cert</code><dd>Generate a new private certificate used by the
943<code>PC</code>
944identity scheme.
945By default, the program generates public certificates.
946Note: the PC identity scheme is not recommended for new installations.
947<br><dt><code>-q</code> <code>--export-passwd</code>= <kbd>passwd</kbd><dd>Set the password for writing encrypted
948<code>IFF</code>, <code>GQ</code> <code>and</code> <code>MV</code>
949identity files redirected to
950<span class="file">stdout</span>
951to
952<kbd>passwd</kbd>.
953In effect, these files are decrypted with the
954<code>-p</code>
955password, then encrypted with the
956<code>-q</code>
957password.
958By default, the password is the string returned by the Unix
959<code>hostname</code>
960command.
961<br><dt><code>-s</code> <code>--subject-key</code>= <code>[host]</code> <code>[@ </code><kbd>group</kbd><code>]</code><dd>Specify the Autokey host name, where
962<kbd>host</kbd>
963is the optional host name and
964<kbd>group</kbd>
965is the optional group name.
966The host name, and if provided, group name are used in
967<kbd>host</kbd> <kbd>@</kbd> <kbd>group</kbd>
968form as certificate subject and issuer.
969Specifying
970<code>-s</code> <code>-@</code> <kbd>group</kbd>
971is allowed, and results in leaving the host name unchanged, as with
972<code>-i</code> <kbd>group</kbd>.
973The group name, or if no group is provided, the host name are also used in the
974file names of
975<code>IFF</code>, <code>GQ</code>,
976and
977<code>MV</code>
978identity scheme client parameter files.
979If
980<kbd>host</kbd>
981is not specified, the default host name is the string returned by the Unix
982<code>hostname</code>
983command.
984<br><dt><code>-S</code> <code>--sign-key</code>= <code>[RSA | DSA]</code><dd>Generate a new encrypted public/private sign key file of the specified type.
985By default, the sign key is the host key and has the same type.
986If compatibility with FIPS 140-2 is required, the sign key type must be
987<code>DSA</code>.
988<br><dt><code>-T</code> <code>--trusted-cert</code><dd>Generate a trusted certificate.
989By default, the program generates a non-trusted certificate.
990<br><dt><code>-V</code> <code>--mv-params</code> <kbd>nkeys</kbd><dd>Generate
991<kbd>nkeys</kbd>
992encrypted server keys and parameters for the Mu-Varadharajan (MV)
993identity scheme.
994This option is mutually exclusive with the
995<code>-I</code>
996and
997<code>-G</code>
998options.
999Note: support for this option should be considered a work in progress.
1000</dl>
1001
1002<h5 class="subsubsection">Random Seed File</h5>
1003
1004<p>All cryptographically sound key generation schemes must have means
1005to randomize the entropy seed used to initialize
1006the internal pseudo-random number generator used
1007by the library routines.
1008The OpenSSL library uses a designated random seed file for this purpose.
1009The file must be available when starting the NTP daemon and
1010<code>ntp-keygen</code>
1011program.
1012If a site supports OpenSSL or its companion OpenSSH,
1013it is very likely that means to do this are already available.
1014
1015  <p>It is important to understand that entropy must be evolved
1016for each generation, for otherwise the random number sequence
1017would be predictable.
1018Various means dependent on external events, such as keystroke intervals,
1019can be used to do this and some systems have built-in entropy sources.
1020Suitable means are described in the OpenSSL software documentation,
1021but are outside the scope of this page.
1022
1023  <p>The entropy seed used by the OpenSSL library is contained in a file,
1024usually called
1025<span class="file">.rnd</span>,
1026which must be available when starting the NTP daemon
1027or the
1028<code>ntp-keygen</code>
1029program.
1030The NTP daemon will first look for the file
1031using the path specified by the
1032<code>randfile</code>
1033subcommand of the
1034<code>crypto</code>
1035configuration command.
1036If not specified in this way, or when starting the
1037<code>ntp-keygen</code>
1038program,
1039the OpenSSL library will look for the file using the path specified
1040by the
1041.Ev RANDFILE
1042environment variable in the user home directory,
1043whether root or some other user.
1044If the
1045.Ev RANDFILE
1046environment variable is not present,
1047the library will look for the
1048<span class="file">.rnd</span>
1049file in the user home directory.
1050Since both the
1051<code>ntp-keygen</code>
1052program and
1053<code>ntpd(1ntpdmdoc)</code>
1054daemon must run as root, the logical place to put this file is in
1055<span class="file">/.rnd</span>
1056or
1057<span class="file">/root/.rnd</span>.
1058If the file is not available or cannot be written,
1059the daemon exits with a message to the system log and the program
1060exits with a suitable error message.
1061
1062<h5 class="subsubsection">Cryptographic Data Files</h5>
1063
1064<p>All file formats begin with two nonencrypted lines.
1065The first line contains the file name, including the generated host name
1066and filestamp, in the format
1067<span class="file">ntpkey_</span><kbd>key</kbd> <kbd>_</kbd> <kbd>name</kbd>. <kbd>filestamp</kbd>,
1068where
1069<kbd>key</kbd>
1070is the key or parameter type,
1071<kbd>name</kbd>
1072is the host or group name and
1073<kbd>filestamp</kbd>
1074is the filestamp (NTP seconds) when the file was created.
1075By convention,
1076<kbd>key</kbd>
1077names in generated file names include both upper and lower case
1078characters, while
1079<kbd>key</kbd>
1080names in generated link names include only lower case characters.
1081The filestamp is not used in generated link names.
1082The second line contains the datestamp in conventional Unix
1083<span class="file">date</span>
1084format.
1085Lines beginning with
1086#
1087are considered comments and ignored by the
1088<code>ntp-keygen</code>
1089program and
1090<code>ntpd(1ntpdmdoc)</code>
1091daemon.
1092
1093  <p>The remainder of the file contains cryptographic data, encoded first using ASN.1
1094rules, then encrypted if necessary, and finally written in PEM-encoded
1095printable ASCII text, preceded and followed by MIME content identifier lines.
1096
1097  <p>The format of the symmetric keys file, ordinarily named
1098<span class="file">ntp.keys</span>,
1099is somewhat different than the other files in the interest of backward compatibility.
1100Ordinarily, the file is generated by this program, but it can be constructed
1101and edited using an ordinary text editor.
1102<pre class="verbatim">
1103# ntpkey_MD5key_bk.ntp.org.3595864945
1104# Thu Dec 12 19:22:25 2013
1105
11061  MD5 L";Nw&lt;\`.I&lt;f4U0)247"i  # MD5 key
11072  MD5 &amp;>l0%XXK9O'51VwV&lt;xq~  # MD5 key
11083  MD5 lb4zLW~d^!K:]RsD'qb6  # MD5 key
11094  MD5 Yue:tL[+vR)M\`n~bY,'?  # MD5 key
11105  MD5 B;fx'Kgr/&amp;4ZTbL6=RxA  # MD5 key
11116  MD5 4eYwa\`o@}3i@@@@V@@..R9!l  # MD5 key
11127  MD5 \`A.([h+;wTQ|xfi%Sn_!  # MD5 key
11138  MD5 45:V,r4]l6y^JH6"Sh?F  # MD5 key
11149  MD5 3-5vcn*6l29DS?Xdsg)*  # MD5 key
111510 MD5 2late4Me              # MD5 key
111611 SHA1 a27872d3030a9025b8446c751b4551a7629af65c  # SHA1 key
111712 SHA1 21bc3b4865dbb9e920902abdccb3e04ff97a5e74  # SHA1 key
111813 SHA1 2b7736fe24fef5ba85ae11594132ab5d6f6daba9  # SHA1 key
111914 SHA  a5332809c8878dd3a5b918819108a111509aeceb  # SHA  key
112015 MD2  2fe16c88c760ff2f16d4267e36c1aa6c926e6964  # MD2  key
112116 MD4  b2691811dc19cfc0e2f9bcacd74213f29812183d  # MD4  key
112217 MD5  e4d6735b8bdad58ec5ffcb087300a17f7fef1f7c  # MD5  key
112318 MDC2 a8d5e2315c025bf3a79174c87fbd10477de2eabc  # MDC2 key
112419 RIPEMD160 77ca332cafb30e3cafb174dcd5b80ded7ba9b3d2  # RIPEMD160 key
112520 AES128CMAC f92ff73eee86c1e7dc638d6489a04e4e555af878  # AES128CMAC key
1126</pre>
1127<pre class="example">     Figure 1. Typical Symmetric Key File
1128</pre>
1129  <p>Figure 1 shows a typical symmetric keys file used by the reference
1130implementation.
1131Following the header the keys are entered one per line in the format
1132<pre class="example">     <kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd>
1133</pre>
1134  <p>where
1135<kbd>keyno</kbd>
1136is a positive integer in the range 1-65535;
1137<kbd>type</kbd>
1138is the key type for the message digest algorithm, which in the absence of the
1139OpenSSL library must be
1140<code>MD5</code>
1141to designate the MD5 message digest algorithm;
1142if the OpenSSL library is installed, the key type can be any
1143message digest algorithm supported by that library;
1144however, if compatibility with FIPS 140-2 is required,
1145the key type must be either
1146<code>SHA</code>
1147or
1148<code>SHA1</code>;
1149<kbd>key</kbd>
1150is the key itself,
1151which is a printable ASCII string 20 characters or less in length:
1152each character is chosen from the 93 printable characters
1153in the range 0x21 through 0x7e (
1154!
1155through
1156~
1157) excluding space and the
1158#
1159character, and terminated by whitespace or a
1160#
1161character.
1162An OpenSSL key consists of a hex-encoded ASCII string of 40 characters, which
1163is truncated as necessary.
1164
1165  <p>Note that the keys used by the
1166<code>ntpq(1ntpqmdoc)</code>
1167and
1168<code>ntpdc(1ntpdcmdoc)</code>
1169programs
1170are checked against passwords requested by the programs
1171and entered by hand, so it is generally appropriate to specify these keys
1172in human readable ASCII format.
1173
1174  <p>The
1175<code>ntp-keygen</code>
1176program generates a symmetric keys file
1177<span class="file">ntpkey_MD5key_</span><kbd>hostname</kbd>. <kbd>filestamp</kbd>.
1178Since the file contains private shared keys,
1179it should be visible only to root and distributed by secure means
1180to other subnet hosts.
1181The NTP daemon loads the file
1182<span class="file">ntp.keys</span>,
1183so
1184<code>ntp-keygen</code>
1185installs a soft link from this name to the generated file.
1186Subsequently, similar soft links must be installed by manual
1187or automated means on the other subnet hosts.
1188While this file is not used with the Autokey Version 2 protocol,
1189it is needed to authenticate some remote configuration commands
1190used by the
1191<code>ntpq(1ntpqmdoc)</code>
1192and
1193<code>ntpdc(1ntpdcmdoc)</code>
1194utilities.
1195
1196  <p>This section was generated by <strong>AutoGen</strong>,
1197using the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp-keygen</code> program.
1198This software is released under the NTP license, &lt;http://ntp.org/license&gt;.
1199
1200<ul class="menu">
1201<li><a accesskey="1" href="#ntp_002dkeygen-usage">ntp-keygen usage</a>:                   ntp-keygen help/usage (<span class="option">--help</span>)
1202<li><a accesskey="2" href="#ntp_002dkeygen-imbits">ntp-keygen imbits</a>:                  imbits option (-b)
1203<li><a accesskey="3" href="#ntp_002dkeygen-certificate">ntp-keygen certificate</a>:             certificate option (-c)
1204<li><a accesskey="4" href="#ntp_002dkeygen-cipher">ntp-keygen cipher</a>:                  cipher option (-C)
1205<li><a accesskey="5" href="#ntp_002dkeygen-id_002dkey">ntp-keygen id-key</a>:                  id-key option (-e)
1206<li><a accesskey="6" href="#ntp_002dkeygen-gq_002dparams">ntp-keygen gq-params</a>:               gq-params option (-G)
1207<li><a accesskey="7" href="#ntp_002dkeygen-host_002dkey">ntp-keygen host-key</a>:                host-key option (-H)
1208<li><a accesskey="8" href="#ntp_002dkeygen-iffkey">ntp-keygen iffkey</a>:                  iffkey option (-I)
1209<li><a accesskey="9" href="#ntp_002dkeygen-ident">ntp-keygen ident</a>:                   ident option (-i)
1210<li><a href="#ntp_002dkeygen-lifetime">ntp-keygen lifetime</a>:                lifetime option (-l)
1211<li><a href="#ntp_002dkeygen-modulus">ntp-keygen modulus</a>:                 modulus option (-m)
1212<li><a href="#ntp_002dkeygen-md5key">ntp-keygen md5key</a>:                  md5key option (-M)
1213<li><a href="#ntp_002dkeygen-pvt_002dcert">ntp-keygen pvt-cert</a>:                pvt-cert option (-P)
1214<li><a href="#ntp_002dkeygen-password">ntp-keygen password</a>:                password option (-p)
1215<li><a href="#ntp_002dkeygen-export_002dpasswd">ntp-keygen export-passwd</a>:           export-passwd option (-q)
1216<li><a href="#ntp_002dkeygen-subject_002dname">ntp-keygen subject-name</a>:            subject-name option (-s)
1217<li><a href="#ntp_002dkeygen-sign_002dkey">ntp-keygen sign-key</a>:                sign-key option (-S)
1218<li><a href="#ntp_002dkeygen-trusted_002dcert">ntp-keygen trusted-cert</a>:            trusted-cert option (-T)
1219<li><a href="#ntp_002dkeygen-mv_002dparams">ntp-keygen mv-params</a>:               mv-params option (-V)
1220<li><a href="#ntp_002dkeygen-mv_002dkeys">ntp-keygen mv-keys</a>:                 mv-keys option (-v)
1221<li><a href="#ntp_002dkeygen-config">ntp-keygen config</a>:                  presetting/configuring ntp-keygen
1222<li><a href="#ntp_002dkeygen-exit-status">ntp-keygen exit status</a>:             exit status
1223<li><a href="#ntp_002dkeygen-Usage">ntp-keygen Usage</a>:                   Usage
1224<li><a href="#ntp_002dkeygen-Notes">ntp-keygen Notes</a>:                   Notes
1225<li><a href="#ntp_002dkeygen-Bugs">ntp-keygen Bugs</a>:                    Bugs
1226</ul>
1227
1228<div class="node">
1229<p><hr>
1230<a name="ntp_002dkeygen-usage"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-imbits">ntp-keygen imbits</a>,
1231Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1232<br>
1233</div>
1234
1235<h4 class="subsection">ntp-keygen help/usage (<span class="option">--help</span>)</h4>
1236
1237<p><a name="index-ntp_002dkeygen-help-3"></a>
1238This is the automatically generated usage text for ntp-keygen.
1239
1240  <p>The text printed is the same whether selected with the <code>help</code> option
1241(<span class="option">--help</span>) or the <code>more-help</code> option (<span class="option">--more-help</span>).  <code>more-help</code> will print
1242the usage text by passing it through a pager program.
1243<code>more-help</code> is disabled on platforms without a working
1244<code>fork(2)</code> function.  The <code>PAGER</code> environment variable is
1245used to select the program, defaulting to <span class="file">more</span>.  Both will exit
1246with a status code of 0.
1247
1248<pre class="example">ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p11
1249Usage:  ntp-keygen [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]...
1250  Flg Arg Option-Name    Description
1251   -b Num imbits         identity modulus bits
1252                                - it must be in the range:
1253                                  256 to 2048
1254   -c Str certificate    certificate scheme
1255   -C Str cipher         privatekey cipher
1256   -d no  debug-level    Increase debug verbosity level
1257                                - may appear multiple times
1258   -D Num set-debug-level Set the debug verbosity level
1259                                - may appear multiple times
1260   -e no  id-key         Write IFF or GQ identity keys
1261   -G no  gq-params      Generate GQ parameters and keys
1262   -H no  host-key       generate RSA host key
1263   -I no  iffkey         generate IFF parameters
1264   -i Str ident          set Autokey group name
1265   -l Num lifetime       set certificate lifetime
1266   -m Num modulus        prime modulus
1267                                - it must be in the range:
1268                                  256 to 2048
1269   -M no  md5key         generate symmetric keys
1270   -P no  pvt-cert       generate PC private certificate
1271   -p Str password       local private password
1272   -q Str export-passwd  export IFF or GQ group keys with password
1273   -s Str subject-name   set host and optionally group name
1274   -S Str sign-key       generate sign key (RSA or DSA)
1275   -T no  trusted-cert   trusted certificate (TC scheme)
1276   -V Num mv-params      generate &lt;num&gt; MV parameters
1277   -v Num mv-keys        update &lt;num&gt; MV keys
1278      opt version        output version information and exit
1279   -? no  help           display extended usage information and exit
1280   -! no  more-help      extended usage information passed thru pager
1281   -&gt; opt save-opts      save the option state to a config file
1282   -&lt; Str load-opts      load options from a config file
1283                                - disabled as '--no-load-opts'
1284                                - may appear multiple times
1285
1286Options are specified by doubled hyphens and their name or by a single
1287hyphen and the flag character.
1288
1289
1290The following option preset mechanisms are supported:
1291 - reading file $HOME/.ntprc
1292 - reading file ./.ntprc
1293 - examining environment variables named NTP_KEYGEN_*
1294
1295Please send bug reports to:  &lt;http://bugs.ntp.org, bugs@ntp.org&gt;
1296</pre>
1297  <div class="node">
1298<p><hr>
1299<a name="ntp_002dkeygen-imbits"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-certificate">ntp-keygen certificate</a>,
1300Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-usage">ntp-keygen usage</a>,
1301Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1302<br>
1303</div>
1304
1305<h4 class="subsection">imbits option (-b)</h4>
1306
1307<p><a name="index-ntp_002dkeygen_002dimbits-4"></a>
1308This is the &ldquo;identity modulus bits&rdquo; option.
1309This option takes a number argument <span class="file">imbits</span>.
1310
1311<p class="noindent">This option has some usage constraints.  It:
1312     <ul>
1313<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1314</ul>
1315
1316  <p>The number of bits in the identity modulus.  The default is 256.
1317<div class="node">
1318<p><hr>
1319<a name="ntp_002dkeygen-certificate"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-cipher">ntp-keygen cipher</a>,
1320Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-imbits">ntp-keygen imbits</a>,
1321Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1322<br>
1323</div>
1324
1325<h4 class="subsection">certificate option (-c)</h4>
1326
1327<p><a name="index-ntp_002dkeygen_002dcertificate-5"></a>
1328This is the &ldquo;certificate scheme&rdquo; option.
1329This option takes a string argument <span class="file">scheme</span>.
1330
1331<p class="noindent">This option has some usage constraints.  It:
1332     <ul>
1333<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1334</ul>
1335
1336  <p>scheme is one of
1337RSA-MD2, RSA-MD5, RSA-MDC2, RSA-SHA, RSA-SHA1, RSA-RIPEMD160,
1338DSA-SHA, or DSA-SHA1.
1339
1340  <p>Select the certificate signature encryption/message digest scheme.
1341Note that RSA schemes must be used with a RSA sign key and DSA
1342schemes must be used with a DSA sign key.  The default without
1343this option is RSA-MD5.
1344<div class="node">
1345<p><hr>
1346<a name="ntp_002dkeygen-cipher"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-id_002dkey">ntp-keygen id-key</a>,
1347Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-certificate">ntp-keygen certificate</a>,
1348Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1349<br>
1350</div>
1351
1352<h4 class="subsection">cipher option (-C)</h4>
1353
1354<p><a name="index-ntp_002dkeygen_002dcipher-6"></a>
1355This is the &ldquo;privatekey cipher&rdquo; option.
1356This option takes a string argument <span class="file">cipher</span>.
1357
1358<p class="noindent">This option has some usage constraints.  It:
1359     <ul>
1360<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1361</ul>
1362
1363  <p>Select the cipher which is used to encrypt the files containing
1364private keys.  The default is three-key triple DES in CBC mode,
1365equivalent to "<code>-C des-ede3-cbc</code>".  The openssl tool lists ciphers
1366available in "<code>openssl -h</code>" output.
1367<div class="node">
1368<p><hr>
1369<a name="ntp_002dkeygen-id_002dkey"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-gq_002dparams">ntp-keygen gq-params</a>,
1370Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-cipher">ntp-keygen cipher</a>,
1371Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1372<br>
1373</div>
1374
1375<h4 class="subsection">id-key option (-e)</h4>
1376
1377<p><a name="index-ntp_002dkeygen_002did_002dkey-7"></a>
1378This is the &ldquo;write iff or gq identity keys&rdquo; option.
1379
1380<p class="noindent">This option has some usage constraints.  It:
1381     <ul>
1382<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1383</ul>
1384
1385  <p>Write the public parameters from the IFF or GQ client keys to
1386the standard output.
1387This is intended for automatic key distribution by email.
1388<div class="node">
1389<p><hr>
1390<a name="ntp_002dkeygen-gq_002dparams"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-host_002dkey">ntp-keygen host-key</a>,
1391Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-id_002dkey">ntp-keygen id-key</a>,
1392Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1393<br>
1394</div>
1395
1396<h4 class="subsection">gq-params option (-G)</h4>
1397
1398<p><a name="index-ntp_002dkeygen_002dgq_002dparams-8"></a>
1399This is the &ldquo;generate gq parameters and keys&rdquo; option.
1400
1401<p class="noindent">This option has some usage constraints.  It:
1402     <ul>
1403<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1404</ul>
1405
1406  <p>Generate parameters and keys for the GQ identification scheme,
1407obsoleting any that may exist.
1408<div class="node">
1409<p><hr>
1410<a name="ntp_002dkeygen-host_002dkey"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-iffkey">ntp-keygen iffkey</a>,
1411Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-gq_002dparams">ntp-keygen gq-params</a>,
1412Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1413<br>
1414</div>
1415
1416<h4 class="subsection">host-key option (-H)</h4>
1417
1418<p><a name="index-ntp_002dkeygen_002dhost_002dkey-9"></a>
1419This is the &ldquo;generate rsa host key&rdquo; option.
1420
1421<p class="noindent">This option has some usage constraints.  It:
1422     <ul>
1423<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1424</ul>
1425
1426  <p>Generate new host keys, obsoleting any that may exist.
1427<div class="node">
1428<p><hr>
1429<a name="ntp_002dkeygen-iffkey"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-ident">ntp-keygen ident</a>,
1430Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-host_002dkey">ntp-keygen host-key</a>,
1431Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1432<br>
1433</div>
1434
1435<h4 class="subsection">iffkey option (-I)</h4>
1436
1437<p><a name="index-ntp_002dkeygen_002diffkey-10"></a>
1438This is the &ldquo;generate iff parameters&rdquo; option.
1439
1440<p class="noindent">This option has some usage constraints.  It:
1441     <ul>
1442<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1443</ul>
1444
1445  <p>Generate parameters for the IFF identification scheme, obsoleting
1446any that may exist.
1447<div class="node">
1448<p><hr>
1449<a name="ntp_002dkeygen-ident"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-lifetime">ntp-keygen lifetime</a>,
1450Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-iffkey">ntp-keygen iffkey</a>,
1451Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1452<br>
1453</div>
1454
1455<h4 class="subsection">ident option (-i)</h4>
1456
1457<p><a name="index-ntp_002dkeygen_002dident-11"></a>
1458This is the &ldquo;set autokey group name&rdquo; option.
1459This option takes a string argument <span class="file">group</span>.
1460
1461<p class="noindent">This option has some usage constraints.  It:
1462     <ul>
1463<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1464</ul>
1465
1466  <p>Set the optional Autokey group name to name.  This is used in
1467the file name of IFF, GQ, and MV client parameters files.  In
1468that role, the default is the host name if this option is not
1469provided.  The group name, if specified using <code>-i/--ident</code> or
1470using <code>-s/--subject-name</code> following an '<code>@</code>' character,
1471is also a part of the self-signed host certificate subject and
1472issuer names in the form <code>host@group</code> and should match the
1473'<code>crypto ident</code>' or '<code>server ident</code>' configuration in the
1474<code>ntpd</code> configuration file.
1475<div class="node">
1476<p><hr>
1477<a name="ntp_002dkeygen-lifetime"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-modulus">ntp-keygen modulus</a>,
1478Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-ident">ntp-keygen ident</a>,
1479Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1480<br>
1481</div>
1482
1483<h4 class="subsection">lifetime option (-l)</h4>
1484
1485<p><a name="index-ntp_002dkeygen_002dlifetime-12"></a>
1486This is the &ldquo;set certificate lifetime&rdquo; option.
1487This option takes a number argument <span class="file">lifetime</span>.
1488
1489<p class="noindent">This option has some usage constraints.  It:
1490     <ul>
1491<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1492</ul>
1493
1494  <p>Set the certificate expiration to lifetime days from now.
1495<div class="node">
1496<p><hr>
1497<a name="ntp_002dkeygen-modulus"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-md5key">ntp-keygen md5key</a>,
1498Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-lifetime">ntp-keygen lifetime</a>,
1499Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1500<br>
1501</div>
1502
1503<h4 class="subsection">modulus option (-m)</h4>
1504
1505<p><a name="index-ntp_002dkeygen_002dmodulus-13"></a>
1506This is the &ldquo;prime modulus&rdquo; option.
1507This option takes a number argument <span class="file">modulus</span>.
1508
1509<p class="noindent">This option has some usage constraints.  It:
1510     <ul>
1511<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1512</ul>
1513
1514  <p>The number of bits in the prime modulus.  The default is 512.
1515<div class="node">
1516<p><hr>
1517<a name="ntp_002dkeygen-md5key"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-pvt_002dcert">ntp-keygen pvt-cert</a>,
1518Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-modulus">ntp-keygen modulus</a>,
1519Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1520<br>
1521</div>
1522
1523<h4 class="subsection">md5key option (-M)</h4>
1524
1525<p><a name="index-ntp_002dkeygen_002dmd5key-14"></a>
1526This is the &ldquo;generate symmetric keys&rdquo; option.
1527Generate symmetric keys, obsoleting any that may exist.
1528<div class="node">
1529<p><hr>
1530<a name="ntp_002dkeygen-pvt_002dcert"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-password">ntp-keygen password</a>,
1531Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-md5key">ntp-keygen md5key</a>,
1532Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1533<br>
1534</div>
1535
1536<h4 class="subsection">pvt-cert option (-P)</h4>
1537
1538<p><a name="index-ntp_002dkeygen_002dpvt_002dcert-15"></a>
1539This is the &ldquo;generate pc private certificate&rdquo; option.
1540
1541<p class="noindent">This option has some usage constraints.  It:
1542     <ul>
1543<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1544</ul>
1545
1546  <p>Generate a private certificate.  By default, the program generates
1547public certificates.
1548<div class="node">
1549<p><hr>
1550<a name="ntp_002dkeygen-password"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-export_002dpasswd">ntp-keygen export-passwd</a>,
1551Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-pvt_002dcert">ntp-keygen pvt-cert</a>,
1552Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1553<br>
1554</div>
1555
1556<h4 class="subsection">password option (-p)</h4>
1557
1558<p><a name="index-ntp_002dkeygen_002dpassword-16"></a>
1559This is the &ldquo;local private password&rdquo; option.
1560This option takes a string argument <span class="file">passwd</span>.
1561
1562<p class="noindent">This option has some usage constraints.  It:
1563     <ul>
1564<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1565</ul>
1566
1567  <p>Local files containing private data are encrypted with the
1568DES-CBC algorithm and the specified password.  The same password
1569must be specified to the local ntpd via the "crypto pw password"
1570configuration command.  The default password is the local
1571hostname.
1572<div class="node">
1573<p><hr>
1574<a name="ntp_002dkeygen-export_002dpasswd"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-subject_002dname">ntp-keygen subject-name</a>,
1575Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-password">ntp-keygen password</a>,
1576Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1577<br>
1578</div>
1579
1580<h4 class="subsection">export-passwd option (-q)</h4>
1581
1582<p><a name="index-ntp_002dkeygen_002dexport_002dpasswd-17"></a>
1583This is the &ldquo;export iff or gq group keys with password&rdquo; option.
1584This option takes a string argument <span class="file">passwd</span>.
1585
1586<p class="noindent">This option has some usage constraints.  It:
1587     <ul>
1588<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1589</ul>
1590
1591  <p>Export IFF or GQ identity group keys to the standard output,
1592encrypted with the DES-CBC algorithm and the specified password.
1593The same password must be specified to the remote ntpd via the
1594"crypto pw password" configuration command.  See also the option
1595&ndash;id-key (-e) for unencrypted exports.
1596<div class="node">
1597<p><hr>
1598<a name="ntp_002dkeygen-subject_002dname"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-sign_002dkey">ntp-keygen sign-key</a>,
1599Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-export_002dpasswd">ntp-keygen export-passwd</a>,
1600Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1601<br>
1602</div>
1603
1604<h4 class="subsection">subject-name option (-s)</h4>
1605
1606<p><a name="index-ntp_002dkeygen_002dsubject_002dname-18"></a>
1607This is the &ldquo;set host and optionally group name&rdquo; option.
1608This option takes a string argument <span class="file">host@group</span>.
1609
1610<p class="noindent">This option has some usage constraints.  It:
1611     <ul>
1612<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1613</ul>
1614
1615  <p>Set the Autokey host name, and optionally, group name specified
1616following an '<code>@</code>' character.  The host name is used in the file
1617name of generated host and signing certificates, without the
1618group name.  The host name, and if provided, group name are used
1619in <code>host@group</code> form for the host certificate subject and issuer
1620fields.  Specifying '<code>-s @group</code>' is allowed, and results in
1621leaving the host name unchanged while appending <code>@group</code> to the
1622subject and issuer fields, as with <code>-i group</code>.  The group name, or
1623if not provided, the host name are also used in the file names
1624of IFF, GQ, and MV client parameter files.
1625<div class="node">
1626<p><hr>
1627<a name="ntp_002dkeygen-sign_002dkey"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-trusted_002dcert">ntp-keygen trusted-cert</a>,
1628Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-subject_002dname">ntp-keygen subject-name</a>,
1629Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1630<br>
1631</div>
1632
1633<h4 class="subsection">sign-key option (-S)</h4>
1634
1635<p><a name="index-ntp_002dkeygen_002dsign_002dkey-19"></a>
1636This is the &ldquo;generate sign key (rsa or dsa)&rdquo; option.
1637This option takes a string argument <span class="file">sign</span>.
1638
1639<p class="noindent">This option has some usage constraints.  It:
1640     <ul>
1641<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1642</ul>
1643
1644  <p>Generate a new sign key of the designated type, obsoleting any
1645that may exist.  By default, the program uses the host key as the
1646sign key.
1647<div class="node">
1648<p><hr>
1649<a name="ntp_002dkeygen-trusted_002dcert"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-mv_002dparams">ntp-keygen mv-params</a>,
1650Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-sign_002dkey">ntp-keygen sign-key</a>,
1651Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1652<br>
1653</div>
1654
1655<h4 class="subsection">trusted-cert option (-T)</h4>
1656
1657<p><a name="index-ntp_002dkeygen_002dtrusted_002dcert-20"></a>
1658This is the &ldquo;trusted certificate (tc scheme)&rdquo; option.
1659
1660<p class="noindent">This option has some usage constraints.  It:
1661     <ul>
1662<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1663</ul>
1664
1665  <p>Generate a trusted certificate.  By default, the program generates
1666a non-trusted certificate.
1667<div class="node">
1668<p><hr>
1669<a name="ntp_002dkeygen-mv_002dparams"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-mv_002dkeys">ntp-keygen mv-keys</a>,
1670Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-trusted_002dcert">ntp-keygen trusted-cert</a>,
1671Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1672<br>
1673</div>
1674
1675<h4 class="subsection">mv-params option (-V)</h4>
1676
1677<p><a name="index-ntp_002dkeygen_002dmv_002dparams-21"></a>
1678This is the &ldquo;generate &lt;num&gt; mv parameters&rdquo; option.
1679This option takes a number argument <span class="file">num</span>.
1680
1681<p class="noindent">This option has some usage constraints.  It:
1682     <ul>
1683<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1684</ul>
1685
1686  <p>Generate parameters and keys for the Mu-Varadharajan (MV)
1687identification scheme.
1688<div class="node">
1689<p><hr>
1690<a name="ntp_002dkeygen-mv_002dkeys"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-config">ntp-keygen config</a>,
1691Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-mv_002dparams">ntp-keygen mv-params</a>,
1692Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1693<br>
1694</div>
1695
1696<h4 class="subsection">mv-keys option (-v)</h4>
1697
1698<p><a name="index-ntp_002dkeygen_002dmv_002dkeys-22"></a>
1699This is the &ldquo;update &lt;num&gt; mv keys&rdquo; option.
1700This option takes a number argument <span class="file">num</span>.
1701
1702<p class="noindent">This option has some usage constraints.  It:
1703     <ul>
1704<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
1705</ul>
1706
1707  <p>This option has no <span class="samp">doc</span> documentation.
1708
1709<div class="node">
1710<p><hr>
1711<a name="ntp_002dkeygen-config"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-exit-status">ntp-keygen exit status</a>,
1712Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-mv_002dkeys">ntp-keygen mv-keys</a>,
1713Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1714<br>
1715</div>
1716
1717<h4 class="subsection">presetting/configuring ntp-keygen</h4>
1718
1719<p>Any option that is not marked as <i>not presettable</i> may be preset by
1720loading values from configuration ("rc" or "ini") files, and values from environment variables named <code>NTP-KEYGEN</code> and <code>NTP-KEYGEN_&lt;OPTION_NAME&gt;</code>.  <code>&lt;OPTION_NAME&gt;</code> must be one of
1721the options listed above in upper case and segmented with underscores.
1722The <code>NTP-KEYGEN</code> variable will be tokenized and parsed like
1723the command line.  The remaining variables are tested for existence and their
1724values are treated like option arguments.
1725
1726<p class="noindent"><code>libopts</code> will search in 2 places for configuration files:
1727     <ul>
1728<li>$HOME
1729<li>$PWD
1730</ul>
1731  The environment variables <code>HOME</code>, and <code>PWD</code>
1732are expanded and replaced when <span class="file">ntp-keygen</span> runs.
1733For any of these that are plain files, they are simply processed.
1734For any that are directories, then a file named <span class="file">.ntprc</span> is searched for
1735within that directory and processed.
1736
1737  <p>Configuration files may be in a wide variety of formats.
1738The basic format is an option name followed by a value (argument) on the
1739same line.  Values may be separated from the option name with a colon,
1740equal sign or simply white space.  Values may be continued across multiple
1741lines by escaping the newline with a backslash.
1742
1743  <p>Multiple programs may also share the same initialization file.
1744Common options are collected at the top, followed by program specific
1745segments.  The segments are separated by lines like:
1746<pre class="example">    [NTP-KEYGEN]
1747</pre>
1748  <p class="noindent">or by
1749<pre class="example">    &lt;?program ntp-keygen&gt;
1750</pre>
1751  <p class="noindent">Do not mix these styles within one configuration file.
1752
1753  <p>Compound values and carefully constructed string values may also be
1754specified using XML syntax:
1755<pre class="example">    &lt;option-name&gt;
1756       &lt;sub-opt&gt;...&amp;lt;...&amp;gt;...&lt;/sub-opt&gt;
1757    &lt;/option-name&gt;
1758</pre>
1759  <p class="noindent">yielding an <code>option-name.sub-opt</code> string value of
1760<pre class="example">    "...&lt;...&gt;..."
1761</pre>
1762  <p><code>AutoOpts</code> does not track suboptions.  You simply note that it is a
1763hierarchicly valued option.  <code>AutoOpts</code> does provide a means for searching
1764the associated name/value pair list (see: optionFindValue).
1765
1766  <p>The command line options relating to configuration and/or usage help are:
1767
1768<h5 class="subsubheading">version (-)</h5>
1769
1770<p>Print the program version to standard out, optionally with licensing
1771information, then exit 0.  The optional argument specifies how much licensing
1772detail to provide.  The default is to print just the version.  The licensing infomation may be selected with an option argument.
1773Only the first letter of the argument is examined:
1774
1775     <dl>
1776<dt><span class="samp">version</span><dd>Only print the version.  This is the default.
1777<br><dt><span class="samp">copyright</span><dd>Name the copyright usage licensing terms.
1778<br><dt><span class="samp">verbose</span><dd>Print the full copyright usage licensing terms.
1779</dl>
1780
1781<div class="node">
1782<p><hr>
1783<a name="ntp_002dkeygen-exit-status"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-Usage">ntp-keygen Usage</a>,
1784Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-config">ntp-keygen config</a>,
1785Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1786<br>
1787</div>
1788
1789<h4 class="subsection">ntp-keygen exit status</h4>
1790
1791<p>One of the following exit values will be returned:
1792     <dl>
1793<dt><span class="samp">0 (EXIT_SUCCESS)</span><dd>Successful program execution.
1794<br><dt><span class="samp">1 (EXIT_FAILURE)</span><dd>The operation failed or the command syntax was not valid.
1795<br><dt><span class="samp">66 (EX_NOINPUT)</span><dd>A specified configuration file could not be loaded.
1796<br><dt><span class="samp">70 (EX_SOFTWARE)</span><dd>libopts had an internal operational error.  Please report
1797it to autogen-users@lists.sourceforge.net.  Thank you.
1798</dl>
1799  <div class="node">
1800<p><hr>
1801<a name="ntp_002dkeygen-Usage"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-Notes">ntp-keygen Notes</a>,
1802Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-exit-status">ntp-keygen exit status</a>,
1803Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1804<br>
1805</div>
1806
1807<h4 class="subsection">ntp-keygen Usage</h4>
1808
1809<div class="node">
1810<p><hr>
1811<a name="ntp_002dkeygen-Notes"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#ntp_002dkeygen-Bugs">ntp-keygen Bugs</a>,
1812Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-Usage">ntp-keygen Usage</a>,
1813Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1814<br>
1815</div>
1816
1817<h4 class="subsection">ntp-keygen Notes</h4>
1818
1819<div class="node">
1820<p><hr>
1821<a name="ntp_002dkeygen-Bugs"></a>Previous:&nbsp;<a rel="previous" accesskey="p" href="#ntp_002dkeygen-Notes">ntp-keygen Notes</a>,
1822Up:&nbsp;<a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
1823<br>
1824</div>
1825
1826<h4 class="subsection">ntp-keygen Bugs</h4>
1827
1828<div class="node">
1829<p><hr>
1830<a name="Random-Seed-File"></a>Next:&nbsp;<a rel="next" accesskey="n" href="#Cryptographic-Data-Files">Cryptographic Data Files</a>,
1831Previous:&nbsp;<a rel="previous" accesskey="p" href="#Running-the-Program">Running the Program</a>,
1832Up:&nbsp;<a rel="up" accesskey="u" href="#Top">Top</a>
1833<br>
1834</div>
1835
1836<!-- node-name,  next,  previous,  up -->
1837<h3 class="section">Random Seed File</h3>
1838
1839<p>All cryptographically sound key generation schemes must have means to
1840randomize the entropy seed used to initialize the internal
1841pseudo-random number generator used by the OpenSSL library routines.
1842If a site supports ssh, it is very likely that means to do this are
1843already available.
1844The entropy seed used by the OpenSSL library is contained in a file,
1845usually called <code>.rnd</code>, which must be available when
1846starting the <code>ntp-keygen</code> program or <code>ntpd</code> daemon.
1847
1848  <p>The OpenSSL library looks for the file using the path specified by the
1849<code>RANDFILE</code> environment variable in the user home directory, whether root
1850or some other user.
1851If the <code>RANDFILE</code> environment variable is not
1852present, the library looks for the <code>.rnd</code> file in the user home
1853directory.
1854Since both the <code>ntp-keygen</code> program and <code>ntpd</code> daemon must run
1855as root, the logical place to put this file is in <code>/.rnd</code> or
1856<code>/root/.rnd</code>.
1857If the file is not available or cannot be written, the program exits
1858with a message to the system log.
1859
1860<div class="node">
1861<p><hr>
1862<a name="Cryptographic-Data-Files"></a>Previous:&nbsp;<a rel="previous" accesskey="p" href="#Random-Seed-File">Random Seed File</a>,
1863Up:&nbsp;<a rel="up" accesskey="u" href="#Top">Top</a>
1864<br>
1865</div>
1866
1867<!-- node-name,  next,  previous,  up -->
1868<h3 class="section">Cryptographic Data Files</h3>
1869
1870<p>File and link names are in the <code>form ntpkey_key_name.fstamp</code>,
1871where <code>key</code> is the key or parameter type,
1872<code>name</code> is the host or group name and
1873<code>fstamp</code> is the filestamp (NTP seconds) when the file was created).
1874By convention, key names in generated file names include both upper and
1875lower case characters, while key names in generated link names include
1876only lower case characters. The filestamp is not used in generated link
1877names.
1878
1879  <p>The key name is a string defining the cryptographic key type.
1880Key types include public/private keys host and sign, certificate cert
1881and several challenge/response key types.
1882By convention, client files used for
1883challenges have a par subtype, as in the IFF challenge IFFpar, while
1884server files for responses have a key subtype, as in the GQ response
1885GQkey.
1886
1887  <p>All files begin with two nonencrypted lines. The first line contains
1888the file name in the format <code>ntpkey_key_host.fstamp</code>.
1889The second line contains the datestamp in conventional Unix date format.
1890Lines beginning with <code>#</code> are ignored.
1891
1892  <p>The remainder of the file contains cryptographic data encoded first
1893using ASN.1 rules, then encrypted using the DES-CBC algorithm with
1894given password and finally written in PEM-encoded printable ASCII text
1895preceded and followed by MIME content identifier lines.
1896
1897  <p>The format of the symmetric keys file, ordinarily named <code>ntp.keys</code>,
1898is somewhat different than the other files in the interest of backward
1899compatibility.
1900Ordinarily, the file is generated by this program, but
1901it can be constructed and edited using an ordinary text editor.
1902
1903<pre class="example">    # ntpkey_MD5key_hms.local.3564038757
1904    # Sun Dec  9 02:45:57 2012
1905
1906     1 MD5 "]!ghT%O;3)WJ,/Nc:&gt;I  # MD5 key
1907     2 MD5 lu+H^tF46BKR-6~pV_5  # MD5 key
1908     3 MD5 :lnoVsE%Yz*avh%EtNC  # MD5 key
1909     4 MD5 |fdZrf0sF~^V  # MD5 key
1910     5 MD5 IyAG&gt;O"y"LmCRS!*bHC  # MD5 key
1911     6 MD5 "&gt;e\A  # MD5 key
1912     7 MD5 c9x=M'CfLxax9v)PV-si  # MD5 key
1913     8 MD5 E|=jvFVov?Bn|Ev=&amp;aK\  # MD5 key
1914     9 MD5 T!c4UT&amp;`(m$+m+B6,`Q0  # MD5 key
1915    10 MD5 JVF/1=)=IFbHbJQz..Cd  # MD5 key
1916    11 SHA1 6dea311109529e436c2b4fccae9bc753c16d1b48  # SHA1 key
1917    12 SHA1 7076f373d86c4848c59ff8046e49cb7d614ec394  # SHA1 key
1918    13 SHA1 5f48b1b60591eb01b7cf1d33b7774f08d20262d3  # SHA1 key
1919    14 SHA1 eed5ab9d9497319ec60cf3781d52607e76720178  # SHA1 key
1920    15 SHA1 f283562611a04c964da8126296f5f8e58c3f85de  # SHA1 key
1921    16 SHA1 1930da171297dd63549af50b29449de17dcf341f  # SHA1 key
1922    17 SHA1 fee892110358cd4382322b889869e750db8e8a8f  # SHA1 key
1923    18 SHA1 b5520c9fadd7ad3fd8bfa061c8821b65d029bb37  # SHA1 key
1924    19 SHA1 8c74fb440ec80f453ec6aaa62b9baed0ab723b92  # SHA1 key
1925    20 SHA1 6bc05f734306a189326000970c19b3910f403795  # SHA1 key
1926</pre>
1927  <p>Figure 1. Typical Symmetric Key File
1928
1929  <p>Figure 1 shows a typical symmetric keys file used by the reference
1930implementation.
1931Each line of the file contains three fields, first an
1932integer between 1 and 65535, inclusive, representing the key identifier
1933used in the server and peer configuration commands.
1934Next is the key type for the message digest algorithm,
1935which in the absence of the
1936OpenSSL library must be MD5 to designate the MD5 message digest
1937algorithm.
1938If the OpenSSL library is installed, the key type can be any
1939message digest algorithm supported by that library.
1940However, if
1941compatibility with FIPS 140-2 is required, the key type must be either
1942SHA or SHA1.
1943The key type can be changed using an ASCII text editor.
1944
1945  <p>An MD5 key consists of a printable ASCII string less than or equal to
194616 characters and terminated by whitespace or a # character.
1947An OpenSSL
1948key consists of a hex-encoded ASCII string of 40 characters, which is
1949truncated as necessary.
1950
1951  <p>Note that the keys used by the <code>ntpq</code> and <code>ntpdc</code> programs are
1952checked against passwords requested by the programs and entered by hand,
1953so it
1954is generally appropriate to specify these keys in human readable ASCII
1955format.
1956
1957  <p>The <code>ntp-keygen</code> program generates a MD5 symmetric keys file
1958<code>ntpkey_MD5key_hostname.filestamp</code>.
1959Since the file contains private
1960shared keys, it should be visible only to root and distributed by
1961secure means to other subnet hosts.
1962The NTP daemon loads the file <code>ntp.keys</code>, so <code>ntp-keygen</code>
1963installs a soft link from this name to the generated file.
1964Subsequently, similar soft links must be installed by
1965manual or automated means on the other subnet hosts.
1966While this file is
1967not used with the Autokey Version 2 protocol, it is needed to
1968authenticate some remote configuration commands used by the <code>ntpq</code> and
1969<code>ntpdc</code> utilities.
1970
1971</body></html>
1972
1973