<html lang="en">
<head>
<title>Ntp-keygen User's Manual</title>
<meta http-equiv="Content-Type" content="text/html">
<meta name="description" content="Ntp-keygen User's Manual">
<meta name="generator" content="makeinfo 4.7">
<link title="Top" rel="top" href="#Top">
<link href="http://www.gnu.org/software/texinfo/" rel="generator-home" title="Texinfo Homepage">
<meta http-equiv="Content-Style-Type" content="text/css">
<style type="text/css"><!--
  pre.display { font-family:inherit }
  pre.format { font-family:inherit }
  pre.smalldisplay { font-family:inherit; font-size:smaller }
  pre.smallformat { font-family:inherit; font-size:smaller }
  pre.smallexample { font-size:smaller }
  pre.smalllisp { font-size:smaller }
  span.sc { font-variant:small-caps }
  span.roman { font-family: serif; font-weight: normal; }
--></style>
</head>
<body>
<h1 class="settitle">Ntp-keygen User's Manual</h1>
<div class="shortcontents">
<h2>Short Contents</h2>
<ul>
<a href="#Top">Top</a>
<a href="#Top">NTP Key Generation Program User Manual</a>
</ul>
</div>

<div class="node">
<p><hr>
<a name="Top"></a>Up: <a rel="up" accesskey="u" href="#dir">(dir)</a>
<br>
</div>

<h2 class="unnumbered">Top</h2>

<ul class="menu">
<li><a accesskey="1" href="#Description">Description</a>
<li><a accesskey="2" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>: Invoking ntp-keygen
<li><a accesskey="3" href="#Running-the-Program">Running the Program</a>
<li><a accesskey="4" href="#Random-Seed-File">Random Seed File</a>
<li><a accesskey="5" href="#Cryptographic-Data-Files">Cryptographic Data Files</a>
</ul>

<div class="node">
<p><hr>
<a name="Top"></a>Next: <a rel="next" accesskey="n" href="#Description">Description</a>,
Previous: <a rel="previous" accesskey="p" href="#dir">(dir)</a>,
Up: <a rel="up" accesskey="u" href="#dir">(dir)</a>
<br>
</div>

<h2 class="unnumbered">NTP Key Generation Program
User Manual</h2>

<p>This document describes the use of the NTP Project's <code>ntp-keygen</code>
program, which generates cryptographic data files used by the NTPv4
authentication and identity schemes.
It can generate message digest keys used in symmetric key cryptography and,
if the OpenSSL software library has been installed, it can generate host keys,
sign keys, certificates, and identity keys and parameters used by the Autokey
public key cryptography.
The message digest keys file is generated in a format compatible with NTPv3.
All other files are in PEM-encoded printable ASCII format so they can be
embedded as MIME attachments in mail to other sites.

<p>This document applies to version 4.2.8p11 of <code>ntp-keygen</code>.

<div class="node">
<p><hr>
<a name="Description"></a>Next: <a rel="next" accesskey="n" href="#Running-the-Program">Running the Program</a>,
Previous: <a rel="previous" accesskey="p" href="#Top">Top</a>,
Up: <a rel="up" accesskey="u" href="#Top">Top</a>
<br>
</div>

<!-- node-name, next, previous, up -->
<h3 class="section">Description</h3>

<p>This program generates cryptographic data files used by the NTPv4
authentication and identity schemes. It can generate message digest
keys used in symmetric key cryptography and, if the OpenSSL software
library has been installed, it can generate host keys, sign keys,
certificates, and identity keys and parameters used by the Autokey
public key cryptography. The message digest keys file is generated in a
format compatible with NTPv3. All other files are in PEM-encoded
printable ASCII format so they can be embedded as MIME attachments in
mail to other sites.

<p>When used to generate message digest keys, the program produces a file
containing ten pseudo-random printable ASCII strings suitable for the
MD5 message digest algorithm included in the distribution.
If the OpenSSL library is installed, it produces an additional ten hex-encoded
random bit strings suitable for the SHA1 and other message digest algorithms.
The message digest keys file must be distributed and stored
using secure means beyond the scope of NTP itself.
Besides the keys used for ordinary NTP associations, additional keys can be
defined as passwords for the ntpq and ntpdc utility programs.

<p>The remaining generated files are compatible with other OpenSSL
applications and other Public Key Infrastructure (PKI) resources.
Certificates generated by this program are compatible with extant
industry practice, although some users might find the interpretation of
X509v3 extension fields somewhat liberal.
However, the identity keys are probably not compatible with anything other than Autokey.

<p>Some files used by this program are encrypted using a private password.
The <code>-p</code> option specifies the password for local encrypted files and the
<code>-q</code> option the password for encrypted files sent to remote sites.
If no password is specified, the host name returned by the Unix
<code>gethostname()</code> function, normally the DNS name of the host, is used.

<p>The <kbd>pw</kbd> option of the <code>crypto</code> configuration command
specifies the read password for previously encrypted local files.
This must match the local password used by this program.
If not specified, the host name is used.
Thus, if files are generated by this program without a password,
they can be read back by ntpd without a password, but only on the same host.

<p>Normally, encrypted files for each host are generated by that host and
used only by that host, although exceptions exist as noted later on this page.
The symmetric keys file, normally called <code>ntp.keys</code>, is
usually installed in <code>/etc</code>.
Other files and links are usually installed
in <code>/usr/local/etc</code>, which is normally in a shared filesystem in
NFS-mounted networks and cannot be changed by shared clients.
The location of the keys directory can be changed by the <code>keysdir</code>
configuration command in such cases.
Normally, this is in <code>/etc</code>.

<p>This program directs commentary and error messages to the standard
error stream <code>stderr</code> and remote files to the standard output stream
<code>stdout</code>, where they can be piped to other applications or redirected to files.
The names used for generated files and links all begin with the
string <code>ntpkey</code> and include the file type, generating host and filestamp,
as described in the <a href="#Cryptographic-Data-Files">Cryptographic Data Files</a> section below.

<div class="node">
<p><hr>
<a name="Running-the-Program"></a>Next: <a rel="next" accesskey="n" href="#Random-Seed-File">Random Seed File</a>,
Previous: <a rel="previous" accesskey="p" href="#Description">Description</a>,
Up: <a rel="up" accesskey="u" href="#Top">Top</a>
<br>
</div>

<!-- node-name, next, previous, up -->
<h3 class="section">Running the Program</h3>

<p>To test and gain experience with Autokey concepts, log in as root and
change to the keys directory, usually <code>/usr/local/etc</code>.
When run for the first time, or if all files with names beginning
<code>ntpkey</code> have been removed, use the <code>ntp-keygen</code> command
without arguments to generate a default RSA host key and matching RSA-MD5
certificate with expiration date one year hence.
If run again without options, the program uses the existing keys and parameters
and generates only a new certificate with a new expiration date one year hence.

<p>Run the command on as many hosts as necessary.
Designate one of them as the trusted host (TH) using <code>ntp-keygen</code>
with the <code>-T</code> option and configure it to synchronize from reliable Internet servers.
Then configure the other hosts to synchronize to the TH directly or indirectly.
A certificate trail is created when Autokey asks the immediately
ascendant host towards the TH to sign its certificate, which is then
provided to the immediately descendant host on request.
All group hosts should have acyclic certificate trails ending on the TH.

<p>The host key is used to encrypt the cookie when required and so must be RSA type.
By default, the host key is also the sign key used to encrypt signatures.
A different sign key can be assigned using the <code>-S</code> option
and this can be either RSA or DSA type.
By default, the signature message digest type is MD5, but any combination of
sign key type and message digest type supported by the OpenSSL library can be
specified using the <code>-c</code> option.

<p>The rules say cryptographic media should be generated with proventic
filestamps, which means the host should already be synchronized before
this program is run.
This of course creates a chicken-and-egg problem when the host is started for the first time.
Accordingly, the host time should be set by some other means, such as
eyeball-and-wristwatch, at least so that the certificate lifetime is within the current year.
After that and when the host is synchronized to a proventic source, the
certificate should be re-generated.

<p>Additional information on trusted groups and identity schemes is on the
Autokey Public-Key Authentication page.

<div class="node">
<p><hr>
<a name="ntp_002dkeygen-Invocation"></a>
<br>
</div>

<h3 class="section">Invoking ntp-keygen</h3>

<p><a name="index-ntp_002dkeygen-1"></a><a name="index-Create-a-NTP-host-key-2"></a>

<p>This program generates cryptographic data files used by the NTPv4
authentication and identification schemes.
It can generate message digest keys used in symmetric key cryptography and,
if the OpenSSL software library has been installed, it can generate host keys,
signing keys, certificates, and identity keys and parameters used in Autokey
public key cryptography.
These files are used for cookie encryption, digital signature, and
challenge/response identification algorithms compatible with the Internet
standard security infrastructure.

<p>The message digest symmetric keys file is generated in a format compatible with NTPv3.
All other files are in PEM-encoded printable ASCII format, so they can be
embedded as MIME attachments in email to other sites and certificate authorities.
By default, files are not encrypted.

<p>When used to generate message digest symmetric keys, the program
produces a file containing ten pseudo-random printable ASCII strings
suitable for the MD5 message digest algorithm included in the distribution.
If the OpenSSL library is installed, it produces an additional ten
hex-encoded random bit strings suitable for SHA1, AES-128-CMAC, and
other message digest algorithms.
The message digest symmetric keys file must be distributed and stored
using secure means beyond the scope of NTP itself.
Besides the keys used for ordinary NTP associations, additional keys
can be defined as passwords for the <code>ntpq(1ntpqmdoc)</code> and
<code>ntpdc(1ntpdcmdoc)</code> utility programs.
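<p>The symmetric keys file described above (in both the Description and the Invoking sections), as an added Python example that is not part of ntp-keygen: it writes ten printable-ASCII MD5 keys followed by ten hex-encoded SHA1 keys and validates a keys file before it is installed. Assumptions not stated on this page: one entry per line as <code>keyno type key</code> (the ntpd keys file layout), the key numbering 1-10 and 11-20, and the printable character set chosen for MD5 keys.

```python
"""Write and validate an NTP symmetric keys file laid out the way
ntp-keygen does it: keys 1-10 are printable-ASCII MD5 keys, keys 11-20
are hex-encoded 160-bit SHA1 keys.  Added example for this manual, not
ntp-keygen's code.  Assumption: one entry per line as "keyno type key",
the ntpd keys file layout, which this page does not spell out."""
import re
import secrets
import string
from typing import List, Tuple

MD5_KEYS, SHA1_KEYS = 10, 10
MD5_KEY_LEN = 20          # printable characters per MD5 key
SHA1_KEY_BYTES = 20       # 160 random bits, written as 40 hex digits
MAX_KEYNO = 65535

# Printable ASCII without space (field separator) or '#' (comment start).
# The character set is this example's choice.
MD5_ALPHABET = "".join(
    c for c in string.printable if c.isprintable() and c not in " #")

KEY_LINE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)$")
HEX40 = re.compile(r"^[0-9a-fA-F]{40}$")


def gen_md5_key() -> str:
    """One pseudo-random printable key for an MD5 entry."""
    return "".join(secrets.choice(MD5_ALPHABET) for _ in range(MD5_KEY_LEN))


def gen_sha1_key() -> str:
    """One 160-bit random key, hex-encoded, for a SHA1 entry."""
    return secrets.token_hex(SHA1_KEY_BYTES)


def make_keys_file() -> str:
    """Return the text of a keys file: keys 1-10 MD5, keys 11-20 SHA1."""
    lines = ["# constructed keys file; store and distribute like a password"]
    keyno = 1
    for _ in range(MD5_KEYS):
        lines.append(f"{keyno} MD5 {gen_md5_key()}")
        keyno += 1
    for _ in range(SHA1_KEYS):
        lines.append(f"{keyno} SHA1 {gen_sha1_key()}")
        keyno += 1
    return "\n".join(lines) + "\n"


def validate_keys_file(text: str) -> Tuple[List[int], List[str]]:
    """Return (accepted key numbers, problems) for a keys file.

    Rejects malformed lines, key numbers outside 1..65535, duplicates,
    unknown types, MD5 keys that are empty, longer than 20 characters or
    not printable, and SHA1 keys that are not exactly 40 hex digits."""
    accepted: List[int] = []
    problems: List[str] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # '#' starts a comment
        if not line:
            continue
        m = KEY_LINE.match(line)
        if m is None:
            problems.append(f"line {lineno}: expected 'keyno type key'")
            continue
        keyno, ktype, key = int(m.group(1)), m.group(2).upper(), m.group(3)
        if not 1 <= keyno <= MAX_KEYNO:
            problems.append(f"line {lineno}: key number {keyno} out of range")
        elif keyno in accepted:
            problems.append(f"line {lineno}: duplicate key number {keyno}")
        elif ktype in ("M", "MD5"):
            if 1 <= len(key) <= MD5_KEY_LEN and key.isprintable():
                accepted.append(keyno)
            else:
                problems.append(f"line {lineno}: MD5 key must be 1-{MD5_KEY_LEN} printable characters")
        elif ktype == "SHA1":
            if HEX40.match(key):
                accepted.append(keyno)
            else:
                problems.append(f"line {lineno}: SHA1 key must be 40 hex digits")
        else:
            problems.append(f"line {lineno}: unsupported digest type {ktype}")
    return accepted, problems


if __name__ == "__main__":
    keys_text = make_keys_file()
    print(keys_text, end="")
    print("accepted:", validate_keys_file(keys_text)[0])
```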

<p>The remaining generated files are compatible with other OpenSSL
applications and other Public Key Infrastructure (PKI) resources.
Certificates generated by this program are compatible with extant
industry practice, although some users might find the interpretation of
X509v3 extension fields somewhat liberal.
However, the identity keys are probably not compatible with anything other than Autokey.

<p>Some files used by this program are encrypted using a private password.
The <code>-p</code> option specifies the read password for local encrypted files and the
<code>-q</code> option the write password for encrypted files sent to remote sites.
If no password is specified, the host name returned by the Unix
<code>hostname(1)</code> command, normally the DNS name of the host, is used as
the default read password, for convenience.
The <code>ntp-keygen</code> program prompts for the password if it reads an
encrypted file and the password is missing or incorrect.
If an encrypted file is read successfully and no write password is specified,
the read password is used as the write password by default.

<p>The <code>pw</code> option of the <code>crypto</code> <code>ntpd(1ntpdmdoc)</code>
configuration command specifies the read password for previously encrypted local files.
This must match the local read password used by this program.
If not specified, the host name is used.
Thus, if files are generated by this program without an explicit password,
they can be read back by <code>ntpd(1ntpdmdoc)</code> without specifying an
explicit password but only on the same host.
If the write password used for encryption is specified as the host name,
these files can be read by that host with no explicit password.

<p>Normally, encrypted files for each host are generated by that host and
used only by that host, although exceptions exist as noted later on this page.
The symmetric keys file, normally called <span class="file">ntp.keys</span>,
is usually installed in <span class="file">/etc</span>.
Other files and links are usually installed in <span class="file">/usr/local/etc</span>,
which is normally in a shared filesystem in NFS-mounted networks and
cannot be changed by shared clients.
In these cases, NFS clients can specify the files in another directory such as
<span class="file">/etc</span> using the <code>keysdir</code> <code>ntpd(1ntpdmdoc)</code>
configuration file command.

<p>This program directs commentary and error messages to the standard error stream
<span class="file">stderr</span> and remote files to the standard output stream
<span class="file">stdout</span>, where they can be piped to other applications
or redirected to files.
The names used for generated files and links all begin with the string
<span class="file">ntpkey*</span> and include the file type, generating host and filestamp,
as described in the <a href="#Cryptographic-Data-Files">Cryptographic Data Files</a> section below.

<h5 class="subsubsection">Running the Program</h5>

<p>The safest way to run the <code>ntp-keygen</code> program is logged in directly as root.
The recommended procedure is to change to the <kbd>keys</kbd> directory, usually
<span class="file">/usr/local/etc</span>, then run the program.

<p>To test and gain experience with Autokey concepts, log in as root and
change to the <kbd>keys</kbd> directory, usually <span class="file">/usr/local/etc</span>.
When run for the first time, or if all files with names beginning with
<span class="file">ntpkey*</span> have been removed, use the <code>ntp-keygen</code>
command without arguments to generate a default <code>RSA</code> host key and matching
<code>RSA-MD5</code> certificate file with expiration date one year hence,
which is all that is necessary in many cases.
The program also generates soft links from the generic names to the respective files.
If run again without options, the program uses the existing keys and parameters
and generates a new certificate file with a new expiration date one year hence,
and a soft link.

<p>The host key is used to encrypt the cookie when required and so must be
<code>RSA</code> type.
By default, the host key is also the sign key used to encrypt signatures.
When necessary, a different sign key can be specified and this can be either
<code>RSA</code> or <code>DSA</code> type.
By default, the message digest type is <code>MD5</code>, but any combination
of sign key type and message digest type supported by the OpenSSL library
can be specified, including those using the
<code>AES128CMAC</code>, <code>MD2</code>, <code>MD5</code>, <code>MDC2</code>, <code>SHA</code>, <code>SHA1</code>
and <code>RIPE160</code> message digest algorithms.
However, the scheme specified in the certificate must be compatible with the sign key.
Certificates using any digest algorithm are compatible with <code>RSA</code> sign keys;
however, only <code>SHA</code> and <code>SHA1</code> certificates are compatible with
<code>DSA</code> sign keys.

<p>Private/public key files and certificates are compatible with
other OpenSSL applications and very likely other libraries as well.
Certificates or certificate requests derived from them should be compatible
with extant industry practice, although some users might find
the interpretation of X509v3 extension fields somewhat liberal.
However, the identification parameter files, although encoded as the other files,
are probably not compatible with anything other than Autokey.

<p>Running the program as other than root and using the Unix <code>su(1)</code> command
to assume root may not work properly, since by default the OpenSSL library
looks for the random seed file <span class="file">.rnd</span> in the user home directory.
However, there should be only one <span class="file">.rnd</span>, most conveniently
in the root directory, so it is convenient to define the <code>RANDFILE</code>
environment variable used by the OpenSSL library as the path to <span class="file">.rnd</span>.

<p>Installing the keys as root might not work in NFS-mounted shared file systems,
as NFS clients may not be able to write to the shared keys directory, even as root.
In this case, NFS clients can specify the files in another directory such as
<span class="file">/etc</span> using the <code>keysdir</code> <code>ntpd(1ntpdmdoc)</code>
configuration file command.
There is no need for one client to read the keys and certificates
of other clients or servers, as these data are obtained automatically
by the Autokey protocol.

<p>Ordinarily, cryptographic files are generated by the host that uses them,
but it is possible for a trusted agent (TA) to generate these files
for other hosts; however, in such cases files should always be encrypted.
The subject name and trusted name default to the hostname
of the host generating the files, but can be changed by command line options.
It is convenient to designate the owner name and trusted name
as the subject and issuer fields, respectively, of the certificate.
The owner name is also used for the host and sign key files,
while the trusted name is used for the identity files.

<p>All files are installed by default in the keys directory
<span class="file">/usr/local/etc</span>, which is normally in a shared filesystem
in NFS-mounted networks.
The actual location of the keys directory and each file can be overridden
by configuration commands, but this is not recommended.
Normally, the files for each host are generated by that host and used only by that host,
although exceptions exist as noted later on this page.

<p>Normally, files containing private values, including the host key, sign key
and identification parameters, are permitted root read/write-only,
while others containing public values are permitted world readable.
Alternatively, files containing private values can be encrypted
and these files permitted world readable, which simplifies maintenance
in shared file systems.
Since uniqueness is ensured by the <kbd>hostname</kbd> and <kbd>filestamp</kbd>
file name extensions, the files for an NTP server and dependent clients
can all be installed in the same shared directory.

<p>The recommended practice is to keep the file name extensions when installing a file
and to install a soft link from the generic names specified elsewhere on this page
to the generated files.
This allows new file generations to be activated simply by changing the link.
If a link is present, <code>ntpd(1ntpdmdoc)</code> follows it to the file name
to extract the <kbd>filestamp</kbd>.
If a link is not present, <code>ntpd(1ntpdmdoc)</code> extracts the
<kbd>filestamp</kbd> from the file itself.
This allows clients to verify that the file and generation times are always current.
The <code>ntp-keygen</code> program uses the same <kbd>filestamp</kbd> extension
for all files generated at one time, so each generation is distinct and can be
readily recognized in monitoring data.

<p>Run the command on as many hosts as necessary.
Designate one of them as the trusted host (TH) using <code>ntp-keygen</code>
with the <code>-T</code> option and configure it to synchronize from reliable Internet servers.
Then configure the other hosts to synchronize to the TH directly or indirectly.
A certificate trail is created when Autokey asks the immediately ascendant host
towards the TH to sign its certificate, which is then provided to the
immediately descendant host on request.
All group hosts should have acyclic certificate trails ending on the TH.

<p>The host key is used to encrypt the cookie when required and so must be RSA type.
By default, the host key is also the sign key used to encrypt signatures.
A different sign key can be assigned using the <code>-S</code> option
and this can be either <code>RSA</code> or <code>DSA</code> type.
By default, the signature message digest type is <code>MD5</code>,
but any combination of sign key type and message digest type supported by
the OpenSSL library can be specified using the <code>-c</code> option.

<p>The rules say cryptographic media should be generated with proventic
filestamps, which means the host should already be synchronized before
this program is run.
This of course creates a chicken-and-egg problem when the host is started for the first time.
Accordingly, the host time should be set by some other means, such as
eyeball-and-wristwatch, at least so that the certificate lifetime is within the current year.
After that and when the host is synchronized to a proventic source,
the certificate should be re-generated.
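<p>An added example, not ntp-keygen's own code, for the file naming, soft link, permission and proventic-filestamp rules described here: it parses ntpkey_<kbd>type</kbd>_<kbd>hostname</kbd>.<kbd>filestamp</kbd> names, converts the NTP-seconds filestamp to a UTC date, finds the current generation a generic link should point at, and flags private files that are not root read/write-only or whose filestamp lies in the future. The directory listing is constructed inline, and the set of file types treated as private is this example's own classification.

```python
"""Parse ntpkey_<type>_<hostname>.<filestamp> names and audit a keys directory.
Added example for this manual, not part of ntp-keygen; runs on a constructed listing."""
import re
from datetime import datetime, timezone
from typing import Dict, List, NamedTuple, Optional, Tuple

NTP_UNIX_OFFSET = 2208988800  # NTP seconds count from 1900, Unix time from 1970

# <type> may contain '-' (e.g. RSA-MD5cert); the first '_' after it starts the host.
NAME_RE = re.compile(r"^ntpkey_(?P<type>[A-Za-z0-9-]+)_(?P<host>[^.]+)\.(?P<stamp>\d+)$")

# File types carrying private values (host key, sign key, identity parameters and
# keys).  Assumption: this substring classification is the example's own choice.
PRIVATE_MARKERS = ("host", "sign", "IFFpar", "GQpar", "MVpar", "MVkey")


class KeyFile(NamedTuple):
    name: str
    ftype: str
    host: str
    filestamp: int

    @property
    def generated_utc(self) -> datetime:
        return datetime.fromtimestamp(self.filestamp - NTP_UNIX_OFFSET, tz=timezone.utc)

    @property
    def is_private(self) -> bool:
        return any(marker in self.ftype for marker in PRIVATE_MARKERS)


def parse_name(name: str) -> Optional[KeyFile]:
    """Return the parsed name, or None for generic links and foreign files."""
    m = NAME_RE.match(name)
    if m is None:
        return None
    return KeyFile(name, m["type"], m["host"], int(m["stamp"]))


def generations(names: List[str]) -> Dict[int, List[str]]:
    """Group file types by filestamp: one ntp-keygen run yields one group."""
    groups: Dict[int, List[str]] = {}
    for kf in filter(None, map(parse_name, names)):
        groups.setdefault(kf.filestamp, []).append(kf.ftype)
    return groups


def current_generation(names: List[str], now_ntp: int) -> Dict[Tuple[str, str], KeyFile]:
    """Newest non-future file per (type, host): the generic link's proper target."""
    best: Dict[Tuple[str, str], KeyFile] = {}
    for kf in filter(None, map(parse_name, names)):
        if kf.filestamp > now_ntp:
            continue
        key = (kf.ftype, kf.host)
        if key not in best or kf.filestamp > best[key].filestamp:
            best[key] = kf
    return best


def audit(listing: Dict[str, dict], now_ntp: int) -> List[str]:
    """listing: name -> {"mode": int, "uid": int, "link": target or None}."""
    findings: List[str] = []
    regular = [n for n, meta in listing.items() if meta["link"] is None]
    newest = current_generation(regular, now_ntp)
    for name, meta in listing.items():
        target = meta["link"]
        if target is not None:                       # generic soft link
            kf = parse_name(target)
            if kf is None:
                findings.append(f"{name}: link target {target} is not an ntpkey file")
            else:
                cur = newest.get((kf.ftype, kf.host))
                if cur is not None and cur.name != target:
                    findings.append(f"{name}: points at {target}, current generation is {cur.name}")
            continue
        kf = parse_name(name)
        if kf is None:                               # e.g. ntp.keys; not audited here
            continue
        if kf.filestamp > now_ntp:
            findings.append(f"{name}: filestamp {kf.filestamp} is later than now, not proventic")
        if kf.is_private and (meta["uid"] != 0 or meta["mode"] & 0o077):
            findings.append(f"{name}: private file is mode {meta['mode']:04o} uid {meta['uid']}, "
                            "expected 0600 owned by root")
    return findings


# Constructed listing of a keys directory (not real hosts or files).
NOW_NTP = 3915000000  # about 2024-01-23 UTC
SAMPLE_LISTING = {
    "ntpkey_RSAhost_alice.3881520000": {"mode": 0o600, "uid": 0, "link": None},
    "ntpkey_RSAhost_alice.3913056000": {"mode": 0o644, "uid": 0, "link": None},
    "ntpkey_RSA-MD5cert_alice.3913056000": {"mode": 0o644, "uid": 0, "link": None},
    "ntpkey_IFFpar_alice.3913056000": {"mode": 0o600, "uid": 1000, "link": None},
    "ntpkey_RSA-MD5cert_alice.3999999999": {"mode": 0o644, "uid": 0, "link": None},
    "ntp.keys": {"mode": 0o600, "uid": 0, "link": None},
    "ntpkey_host_alice": {"mode": 0o777, "uid": 0, "link": "ntpkey_RSAhost_alice.3881520000"},
    "ntpkey_cert_alice": {"mode": 0o777, "uid": 0, "link": "ntpkey_RSA-MD5cert_alice.3913056000"},
}
```

Running <code>audit(SAMPLE_LISTING, NOW_NTP)</code> on the constructed listing reports the world-readable host key, the identity parameter file not owned by root, the certificate with a future filestamp, and the generic host link still pointing at the older generation.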

<p>Additional information on trusted groups and identity schemes is on the
Autokey Public-Key Authentication page.

<p>File names begin with the prefix <span class="file">ntpkey_</span>
and end with the suffix <span class="file">_</span><kbd>hostname</kbd>.<kbd>filestamp</kbd>,
where <kbd>hostname</kbd> is the owner name, usually the string returned
by the Unix <code>hostname(1)</code> command, and <kbd>filestamp</kbd>
is the NTP seconds when the file was generated, in decimal digits.
This both guarantees uniqueness and simplifies maintenance procedures,
since all files can be quickly removed by a
<code>rm</code> <span class="file">ntpkey*</span> command
or all files generated at a specific time can be removed by a
<code>rm</code> <span class="file">*</span><kbd>filestamp</kbd> command.
To further reduce the risk of misconfiguration, the first two lines of a file
contain the file name and generation date and time as comments.

<h5 class="subsubsection">Trusted Hosts and Groups</h5>

<p>Each cryptographic configuration involves selection of a signature scheme
and identification scheme, called a cryptotype, as explained in the
<a href="#Authentication-Options">Authentication Options</a> section of
<code>ntp.conf(5)</code>.
The default cryptotype uses <code>RSA</code> encryption, <code>MD5</code> message digest
and <code>TC</code> identification.
First, configure an NTP subnet including one or more low-stratum trusted hosts
from which all other hosts derive synchronization directly or indirectly.
Trusted hosts have trusted certificates; all other hosts have nontrusted certificates.
These hosts will automatically and dynamically build authoritative
certificate trails to one or more trusted hosts.
A trusted group is the set of all hosts that have, directly or indirectly,
a certificate trail ending at a trusted host.
The trail is defined by static configuration file entries or dynamic means
described in the
<a href="#Automatic-NTP-Configuration-Options">Automatic NTP Configuration Options</a>
section of <code>ntp.conf(5)</code>.

<p>On each trusted host as root, change to the keys directory.
To ensure a fresh fileset, remove all <span class="file">ntpkey</span> files.
Then run <code>ntp-keygen</code> <code>-T</code> to generate keys and a trusted certificate.
On all other hosts do the same, but leave off the <code>-T</code> flag
to generate keys and nontrusted certificates.
When complete, start the NTP daemons beginning at the lowest stratum
and working up the tree.
It may take some time for Autokey to instantiate the certificate trails
throughout the subnet, but setting up the environment is completely automatic.

<p>If it is necessary to use a different sign key or different digest/signature
scheme than the default, run <code>ntp-keygen</code> with the
<code>-S</code> <kbd>type</kbd> option, where <kbd>type</kbd> is either
<code>RSA</code> or <code>DSA</code>.
The most frequent need to do this is when a <code>DSA</code>-signed certificate is used.
If it is necessary to use a different certificate scheme than the default,
run <code>ntp-keygen</code> with the <code>-c</code> <kbd>scheme</kbd> option
and selected <kbd>scheme</kbd> as needed.
If <code>ntp-keygen</code> is run again without these options, it generates
a new certificate using the same scheme and sign key, and a soft link.

<p>After setting up the environment it is advisable to update certificates
from time to time, if only to extend the validity interval.
Simply run <code>ntp-keygen</code> with the same flags as before to generate
new certificates using existing keys, and soft links.
However, if the host or sign key is changed, <code>ntpd(1ntpdmdoc)</code>
should be restarted.
When <code>ntpd(1ntpdmdoc)</code> is restarted, it loads any new files
and restarts the protocol.
Other dependent hosts will continue as usual until signatures are refreshed,
at which time the protocol is restarted.

<h5 class="subsubsection">Identity Schemes</h5>

<p>As mentioned on the Autonomous Authentication page, the default
<code>TC</code> identity scheme is vulnerable to a middleman attack.
However, there are more secure identity schemes available, including the
<code>PC</code>, <code>IFF</code>, <code>GQ</code> and <code>MV</code> schemes described below.
These schemes are based on a TA, one or more trusted hosts
and some number of nontrusted hosts.
Trusted hosts prove identity using values provided by the TA,
while the remaining hosts prove identity using values provided
by a trusted host and certificate trails that end on that host.
The name of a trusted host is also the name of its subgroup
and also the subject and issuer name on its trusted certificate.
The TA is not necessarily a trusted host in this sense, but often is.

<p>In some schemes there are separate keys for servers and clients.
A server can also be a client of another server,
but a client can never be a server for another client.
In general, trusted hosts and nontrusted hosts that operate as both server
and client have parameter files that contain both server and client keys.
Hosts that operate only as clients have key files that contain only client keys.

<p>The PC scheme supports only one trusted host in the group.
On trusted host alice run <code>ntp-keygen</code> <code>-P</code>
<code>-p</code> <kbd>password</kbd> to generate the host key file
<span class="file">ntpkey_RSAkey_alice.</span><kbd>filestamp</kbd>
and trusted private certificate file
<span class="file">ntpkey_RSA-MD5_cert_alice.</span><kbd>filestamp</kbd>,
and soft links.
Copy both files to all group hosts; they replace the files which would be
generated in other schemes.
On each host <kbd>bob</kbd> install a soft link from the generic name
<span class="file">ntpkey_host_</span><kbd>bob</kbd> to the host key file
and a soft link <span class="file">ntpkey_cert_</span><kbd>bob</kbd>
to the private certificate file.
Note the generic links are on bob, but point to files generated by trusted host alice.
In this scheme it is not possible to refresh either the keys or certificates
without copying them to all other hosts in the group, and recreating the soft links.

<p>For the <code>IFF</code> scheme proceed as in the <code>TC</code> scheme
to generate keys and certificates for all group hosts, then for every
trusted host in the group, generate the <code>IFF</code> parameter file.
On trusted host alice run <code>ntp-keygen</code> <code>-T</code> <code>-I</code>
<code>-p</code> <kbd>password</kbd> to produce her parameter file
<span class="file">ntpkey_IFFpar_alice.</span><kbd>filestamp</kbd>,
which includes both server and client keys.
Copy this file to all group hosts that operate as both servers and clients
and install a soft link from the generic
<span class="file">ntpkey_iff_alice</span> to this file.
If there are no hosts restricted to operate only as clients,
there is nothing further to do.
As the <code>IFF</code> scheme is independent of keys and certificates,
these files can be refreshed as needed.

<p>If a rogue client has the parameter file, it could masquerade
as a legitimate server and present a middleman threat.
To eliminate this threat, the client keys can be extracted
from the parameter file and distributed to all restricted clients.
After generating the parameter file, on alice run
<code>ntp-keygen</code> <code>-e</code> and pipe the output to a file or email program.
Copy or email this file to all restricted clients.
On these clients install a soft link from the generic
<span class="file">ntpkey_iff_alice</span> to this file.
To further protect the integrity of the keys,
each file can be encrypted with a secret password.

<p>For the <code>GQ</code> scheme proceed as in the <code>TC</code> scheme
to generate keys and certificates for all group hosts, then for every
trusted host in the group, generate the <code>GQ</code> parameter file.
On trusted host alice run <code>ntp-keygen</code> <code>-T</code> <code>-G</code>
<code>-p</code> <kbd>password</kbd> to produce her parameter file
<span class="file">ntpkey_GQpar_alice.</span><kbd>filestamp</kbd>,
which includes both server and client keys.
Copy this file to all group hosts and install a soft link from the generic
<span class="file">ntpkey_gq_alice</span> to this file.
In addition, on each host <kbd>bob</kbd> install a soft link from generic
<span class="file">ntpkey_gq_</span><kbd>bob</kbd> to this file.
As the <code>GQ</code> scheme updates the <code>GQ</code> parameters file
and certificate at the same time, keys and certificates can be regenerated as needed.

<p>For the <code>MV</code> scheme, proceed as in the <code>TC</code> scheme
to generate keys and certificates for all group hosts.
For illustration assume trish is the TA, alice one of several trusted hosts
and bob one of her clients.
On TA trish run
<code>ntp-keygen</code> <code>-V</code> <kbd>n</kbd> <code>-p</code> <kbd>password</kbd>,
where <kbd>n</kbd> is the number of revokable keys (typically 5) to produce
the parameter file
<span class="file">ntpkeys_MVpar_trish.</span><kbd>filestamp</kbd>
and client key files
<span class="file">ntpkeys_MVkey</span><kbd>d</kbd><span class="file">_trish.</span><kbd>filestamp</kbd>
where <kbd>d</kbd> is the key number (0 < <kbd>d</kbd> < <kbd>n</kbd>).
Copy the parameter file to alice and install a soft link
from the generic
<span class="file">ntpkey_mv_alice</span>
to this file.
Copy one of the client key files to alice for later distribution
to her clients.
It does not matter which client key file goes to alice,
since they all work the same way.
Alice copies the client key file to all of her clients.
On client bob install a soft link from generic
<span class="file">ntpkey_mvkey_bob</span>
to the client key file.
As the <code>MV</code> scheme is independent of keys and certificates,
these files can be refreshed as needed.

<h5 class="subsubsection">Command Line Options</h5>

 <dl>
<dt><code>-b</code> <code>--imbits</code>= <kbd>modulus</kbd><dd>Set the number of bits in the identity modulus for generating identity keys to
<kbd>modulus</kbd> bits.
The number of bits in the identity modulus defaults to 256, but can be set to
values from 256 to 2048 (32 to 256 octets).
Use the larger moduli with caution, as this can consume considerable computing
resources and increases the size of authenticated packets.
<br><dt><code>-c</code> <code>--certificate</code>= <kbd>scheme</kbd><dd>Select certificate signature encryption/message digest scheme.
The <kbd>scheme</kbd> can be one of the following:
<code>RSA-MD2</code>, <code>RSA-MD5</code>, <code>RSA-MDC2</code>, <code>RSA-SHA</code>, <code>RSA-SHA1</code>, <code>RSA-RIPEMD160</code>, <code>DSA-SHA</code>,
or <code>DSA-SHA1</code>.
Note that <code>RSA</code> schemes must be used with an <code>RSA</code> sign key and
<code>DSA</code> schemes must be used with a <code>DSA</code> sign key.
The default without this option is <code>RSA-MD5</code>.
If compatibility with FIPS 140-2 is required, either the
<code>DSA-SHA</code> or <code>DSA-SHA1</code> scheme must be used.
<br><dt><code>-C</code> <code>--cipher</code>= <kbd>cipher</kbd><dd>Select the OpenSSL cipher to encrypt the files containing private keys.
The default without this option is three-key triple DES in CBC mode,
<code>des-ede3-cbc</code>.
The <code>openssl</code> <code>-h</code> command provided with OpenSSL displays available ciphers.
<br><dt><code>-d</code> <code>--debug-level</code><dd>Increase debugging verbosity level.
This option displays the cryptographic data produced in eye-friendly billboards.
<br><dt><code>-D</code> <code>--set-debug-level</code>= <kbd>level</kbd><dd>Set the debugging verbosity to <kbd>level</kbd>.
This option displays the cryptographic data produced in eye-friendly billboards.
<br><dt><code>-e</code> <code>--id-key</code><dd>Write the <code>IFF</code> or <code>GQ</code> public parameters from the
<kbd>IFFkey</kbd> or <kbd>GQkey</kbd> client keys file previously specified
as unencrypted data to the standard output stream
<span class="file">stdout</span>.
This is intended for automatic key distribution by email.
<br><dt><code>-G</code> <code>--gq-params</code><dd>Generate a new encrypted <code>GQ</code>
parameters and key file for the Guillou-Quisquater (GQ) identity scheme.
This option is mutually exclusive with the <code>-I</code> and <code>-V</code> options.
<br><dt><code>-H</code> <code>--host-key</code><dd>Generate a new encrypted <code>RSA</code> public/private host key file.
<br><dt><code>-I</code> <code>--iffkey</code><dd>Generate a new encrypted <code>IFF</code>
key file for the Schnorr (IFF) identity scheme.
This option is mutually exclusive with the <code>-G</code> and <code>-V</code> options.
<br><dt><code>-i</code> <code>--ident</code>= <kbd>group</kbd><dd>Set the optional Autokey group name to <kbd>group</kbd>.
This is used in the identity scheme parameter file names of
<code>IFF</code>, <code>GQ</code>, and <code>MV</code> client parameters files.
In that role, the default is the host name if no group is provided.
The group name, if specified using <code>-i</code> or <code>-s</code> following an
@ character, is also used in certificate subject and issuer names in the form
<kbd>host</kbd>@<kbd>group</kbd>
and should match the group specified via
<code>crypto</code> <code>ident</code> or <code>server</code> <code>ident</code>
in the ntpd configuration file.
<br><dt><code>-l</code> <code>--lifetime</code>= <kbd>days</kbd><dd>Set the lifetime for certificate expiration to <kbd>days</kbd>.
The default lifetime is one year (365 days).
<br><dt><code>-m</code> <code>--modulus</code>= <kbd>bits</kbd><dd>Set the number of bits in the prime modulus for generating files to <kbd>bits</kbd>.
The modulus defaults to 512, but can be set from 256 to 2048 (32 to 256 octets).
Use the larger moduli with caution, as this can consume considerable computing
resources and increases the size of authenticated packets.
<br><dt><code>-M</code> <code>--md5key</code><dd>Generate a new symmetric keys file containing 10 <code>MD5</code>
keys, and if OpenSSL is available, 10 <code>SHA</code> keys.
An <code>MD5</code> key is a string of 20 random printable ASCII characters, while a
<code>SHA</code> key is a string of 40 random hex digits.
The file can be edited using a text editor to change the key type or key content.
This option is mutually exclusive with all other options.
<br><dt><code>-p</code> <code>--password</code>= <kbd>passwd</kbd><dd>Set the password for reading and writing encrypted files to <kbd>passwd</kbd>.
These include the host, sign and identity key files.
By default, the password is the string returned by the Unix <code>hostname</code> command.
<br><dt><code>-P</code> <code>--pvt-cert</code><dd>Generate a new private certificate used by the <code>PC</code> identity scheme.
By default, the program generates public certificates.
Note: the PC identity scheme is not recommended for new installations.
<br><dt><code>-q</code> <code>--export-passwd</code>= <kbd>passwd</kbd><dd>Set the password for writing encrypted
<code>IFF</code>, <code>GQ</code> and <code>MV</code> identity files redirected to
<span class="file">stdout</span> to <kbd>passwd</kbd>.
In effect, these files are decrypted with the <code>-p</code> password,
then encrypted with the <code>-q</code> password.
By default, the password is the string returned by the Unix <code>hostname</code> command.
<br><dt><code>-s</code> <code>--subject-key</code>= <code>[host]</code> <code>[@ </code><kbd>group</kbd><code>]</code><dd>Specify the Autokey host name, where
<kbd>host</kbd> is the optional host name and <kbd>group</kbd> is the optional group name.
The host name, and if provided, group name are used in
<kbd>host</kbd>@<kbd>group</kbd>
form as certificate subject and issuer.
Specifying <code>-s</code> <code>@</code><kbd>group</kbd>
is allowed, and results in leaving the host name unchanged, as with
<code>-i</code> <kbd>group</kbd>.
The group name, or if no group is provided, the host name is also used in the
file names of <code>IFF</code>, <code>GQ</code>, and <code>MV</code>
identity scheme client parameter files.
If <kbd>host</kbd> is not specified, the default host name is the string returned by the Unix
<code>hostname</code> command.
<br><dt><code>-S</code> <code>--sign-key</code>= <code>[RSA | DSA]</code><dd>Generate a new encrypted public/private sign key file of the specified type.
By default, the sign key is the host key and has the same type.
If compatibility with FIPS 140-2 is required, the sign key type must be <code>DSA</code>.
<br><dt><code>-T</code> <code>--trusted-cert</code><dd>Generate a trusted certificate.
By default, the program generates a non-trusted certificate.
<br><dt><code>-V</code> <code>--mv-params</code> <kbd>nkeys</kbd><dd>Generate <kbd>nkeys</kbd>
encrypted server keys and parameters for the Mu-Varadharajan (MV) identity scheme.
This option is mutually exclusive with the <code>-I</code> and <code>-G</code> options.
Note: support for this option should be considered a work in progress.
</dl>

<h5 class="subsubsection">Random Seed File</h5>

<p>All cryptographically sound key generation schemes must have means
to randomize the entropy seed used to initialize
the internal pseudo-random number generator used
by the library routines.
The OpenSSL library uses a designated random seed file for this purpose.
The file must be available when starting the NTP daemon and
<code>ntp-keygen</code> program.
If a site supports OpenSSL or its companion OpenSSH,
it is very likely that means to do this are already available.

 <p>It is important to understand that entropy must be evolved
for each generation, for otherwise the random number sequence
would be predictable.
Various means dependent on external events, such as keystroke intervals,
can be used to do this and some systems have built-in entropy sources.
Suitable means are described in the OpenSSL software documentation,
but are outside the scope of this page.

 <p>The entropy seed used by the OpenSSL library is contained in a file,
usually called <span class="file">.rnd</span>,
which must be available when starting the NTP daemon
or the <code>ntp-keygen</code> program.
The NTP daemon will first look for the file
using the path specified by the <code>randfile</code> subcommand of the
<code>crypto</code> configuration command.
If not specified in this way, or when starting the <code>ntp-keygen</code> program,
the OpenSSL library will look for the file using the path specified
by the <code>RANDFILE</code> environment variable in the user home directory,
whether root or some other user.
If the <code>RANDFILE</code> environment variable is not present,
the library will look for the <span class="file">.rnd</span>
file in the user home directory.
Since both the <code>ntp-keygen</code> program and
<code>ntpd(1ntpdmdoc)</code>
daemon must run as root, the logical place to put this file is in
<span class="file">/.rnd</span> or <span class="file">/root/.rnd</span>.
If the file is not available or cannot be written,
the daemon exits with a message to the system log and the program
exits with a suitable error message.

<h5 class="subsubsection">Cryptographic Data Files</h5>

<p>All file formats begin with two nonencrypted lines.
The first line contains the file name, including the generated host name
and filestamp, in the format
<span class="file">ntpkey_</span><kbd>key</kbd><span class="file">_</span><kbd>name</kbd><span class="file">.</span><kbd>filestamp</kbd>,
where <kbd>key</kbd> is the key or parameter type,
<kbd>name</kbd> is the host or group name and
<kbd>filestamp</kbd> is the filestamp (NTP seconds) when the file was created.
By convention, <kbd>key</kbd> names in generated file names include both upper and lower case
characters, while <kbd>key</kbd> names in generated link names include only lower case characters.
The filestamp is not used in generated link names.
The second line contains the datestamp in conventional Unix
<span class="file">date</span> format.
Lines beginning with # are considered comments and ignored by the
<code>ntp-keygen</code> program and <code>ntpd(1ntpdmdoc)</code> daemon.

 <p>The remainder of the file contains cryptographic data, encoded first using ASN.1
rules, then encrypted if necessary, and finally written in PEM-encoded
printable ASCII text, preceded and followed by MIME content identifier lines.

 <p>The format of the symmetric keys file, ordinarily named
<span class="file">ntp.keys</span>,
is somewhat different than the other files in the interest of backward compatibility.
Ordinarily, the file is generated by this program, but it can be constructed
and edited using an ordinary text editor.
<pre class="verbatim">
# ntpkey_MD5key_bk.ntp.org.3595864945
# Thu Dec 12 19:22:25 2013

1 MD5 L";Nw<\`.I<f4U0)247"i # MD5 key
2 MD5 &>l0%XXK9O'51VwV<xq~ # MD5 key
3 MD5 lb4zLW~d^!K:]RsD'qb6 # MD5 key
4 MD5 Yue:tL[+vR)M\`n~bY,'? # MD5 key
5 MD5 B;fx'Kgr/&4ZTbL6=RxA # MD5 key
6 MD5 4eYwa\`o@}3i@@@@V@@..R9!l # MD5 key
7 MD5 \`A.([h+;wTQ|xfi%Sn_! # MD5 key
8 MD5 45:V,r4]l6y^JH6"Sh?F # MD5 key
9 MD5 3-5vcn*6l29DS?Xdsg)* # MD5 key
10 MD5 2late4Me # MD5 key
11 SHA1 a27872d3030a9025b8446c751b4551a7629af65c # SHA1 key
12 SHA1 21bc3b4865dbb9e920902abdccb3e04ff97a5e74 # SHA1 key
13 SHA1 2b7736fe24fef5ba85ae11594132ab5d6f6daba9 # SHA1 key
14 SHA a5332809c8878dd3a5b918819108a111509aeceb # SHA key
15 MD2 2fe16c88c760ff2f16d4267e36c1aa6c926e6964 # MD2 key
16 MD4 b2691811dc19cfc0e2f9bcacd74213f29812183d # MD4 key
17 MD5 e4d6735b8bdad58ec5ffcb087300a17f7fef1f7c # MD5 key
18 MDC2 a8d5e2315c025bf3a79174c87fbd10477de2eabc # MDC2 key
19 RIPEMD160 77ca332cafb30e3cafb174dcd5b80ded7ba9b3d2 # RIPEMD160 key
20 AES128CMAC f92ff73eee86c1e7dc638d6489a04e4e555af878 # AES128CMAC key
</pre>
<pre class="example"> Figure 1. Typical Symmetric Key File
</pre>
 <p>Figure 1 shows a typical symmetric keys file used by the reference
implementation.
Following the header the keys are entered one per line in the format
<pre class="example"> <kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd>
</pre>
 <p>where <kbd>keyno</kbd> is a positive integer in the range 1-65534;
<kbd>type</kbd> is the key type for the message digest algorithm, which in the absence of the
OpenSSL library must be <code>MD5</code> to designate the MD5 message digest algorithm;
if the OpenSSL library is installed, the key type can be any
message digest algorithm supported by that library;
however, if compatibility with FIPS 140-2 is required,
the key type must be either <code>SHA</code> or <code>SHA1</code>;
<kbd>key</kbd> is the key itself,
which is a printable ASCII string 20 characters or less in length:
each character is chosen from the 93 printable characters
in the range 0x21 through 0x7e (!
through ~) excluding space and the # character,
and terminated by whitespace or a # character.
An OpenSSL key consists of a hex-encoded ASCII string of 40 characters, which
is truncated as necessary.

 <p>Note that the keys used by the
<code>ntpq(1ntpqmdoc)</code> and <code>ntpdc(1ntpdcmdoc)</code> programs
are checked against passwords requested by the programs
and entered by hand, so it is generally appropriate to specify these keys
in human readable ASCII format.

 <p>The <code>ntp-keygen</code> program generates a symmetric keys file
<span class="file">ntpkey_MD5key_</span><kbd>hostname</kbd><span class="file">.</span><kbd>filestamp</kbd>.
Since the file contains private shared keys,
it should be visible only to root and distributed by secure means
to other subnet hosts.
The NTP daemon loads the file <span class="file">ntp.keys</span>,
so <code>ntp-keygen</code> installs a soft link from this name to the generated file.
Subsequently, similar soft links must be installed by manual
or automated means on the other subnet hosts.
While this file is not used with the Autokey Version 2 protocol,
it is needed to authenticate some remote configuration commands
used by the <code>ntpq(1ntpqmdoc)</code> and <code>ntpdc(1ntpdcmdoc)</code> utilities.

 <p>This section was generated by <strong>AutoGen</strong>,
using the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp-keygen</code> program.
This software is released under the NTP license, <http://ntp.org/license>.
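 <p>As an added illustration (not code from the NTP distribution), the following Python parser applies the symmetric keys file rules above to a constructed sample: it reads the two header lines, converts the NTP-seconds filestamp and cross-checks it against the datestamp line, and validates each <kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd> entry. The sample reuses the Figure 1 header and one of its SHA1 keys; the other entries are made up, and the 40-hex-digit cap applied to long keys is this example's reading of the "truncated as necessary" remark.

```python
"""Parse and sanity-check an NTP symmetric keys file (ntp.keys).

Added example, not ntp-keygen or ntpd code.  It applies the rules the manual
states: two '#' header lines (file name with an NTP-seconds filestamp, then a
Unix date(1) stamp), '#' comment lines, and 'keyno type key' entries whose key
ends at whitespace or '#'.
"""
import re
from datetime import datetime, timezone

NTP_TO_UNIX = 2208988800   # seconds from the NTP epoch (1900-01-01) to 1970-01-01
HEADER_RE = re.compile(r"^#\s*ntpkey_([A-Za-z0-9-]+)_(.+)\.(\d+)\s*$")
ENTRY_RE = re.compile(r"^\s*(\d+)\s+([A-Za-z0-9]+)\s+([^\s#]+)")
FIPS_TYPES = {"SHA", "SHA1"}   # key types the manual allows for FIPS 140-2 use


def filestamp_to_utc(filestamp: int) -> datetime:
    """Convert an NTP-seconds filestamp to an aware UTC datetime."""
    return datetime.fromtimestamp(filestamp - NTP_TO_UNIX, tz=timezone.utc)


def check_key_material(key: str):
    """Classify one key string; return (kind, key_bytes, problems).

    A key of 20 characters or less is printable ASCII: every character must be
    in 0x21..0x7e and must not be '#'.  A longer key must be hex digits; the
    manual says such keys are truncated as necessary, which this example takes
    (an assumption) to mean a cap of 40 hex digits, i.e. 20 bytes.
    """
    problems = []
    if len(key) <= 20:
        if any(c == "#" or not 0x21 <= ord(c) <= 0x7E for c in key):
            problems.append("ASCII key contains a character outside 0x21..0x7e or '#'")
        return "ascii", key.encode("ascii", "replace"), problems
    if len(key) % 2 or not re.fullmatch(r"[0-9a-fA-F]+", key):
        problems.append("key longer than 20 characters is not a valid hex string")
        return "hex", b"", problems
    if len(key) > 40:
        problems.append("hex key longer than 40 digits; truncated to 20 bytes")
    return "hex", bytes.fromhex(key[:40]), problems


def parse_keys_file(text: str) -> dict:
    """Return {'header': {...} or None, 'keys': [...], 'problems': [...]}."""
    lines = text.splitlines()
    result = {"header": None, "keys": [], "problems": []}

    # Line 1: '# ntpkey_<key>_<name>.<filestamp>' with the filestamp in NTP seconds.
    m = HEADER_RE.match(lines[0]) if lines else None
    if m is None:
        result["problems"].append("line 1 is not an ntpkey_ file name")
    else:
        stamp = int(m.group(3))
        created = filestamp_to_utc(stamp)
        result["header"] = {"key": m.group(1), "name": m.group(2),
                            "filestamp": stamp, "created_utc": created}
        # Line 2 repeats the creation time in Unix date(1) format; cross-check it
        # against the filestamp so a hand-edited header is noticed.
        try:
            dated = datetime.strptime(lines[1].lstrip("# ").strip(),
                                      "%a %b %d %H:%M:%S %Y")
            if dated != created.replace(tzinfo=None):
                result["problems"].append("line 2 datestamp disagrees with the filestamp")
        except (IndexError, ValueError):
            result["problems"].append("line 2 is not a Unix date stamp")

    for lineno, line in enumerate(lines, 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue                                   # blank or comment line
        m = ENTRY_RE.match(line)
        if m is None:
            result["problems"].append(f"line {lineno}: not in 'keyno type key' form")
            continue
        keyno, ktype, key = int(m.group(1)), m.group(2).upper(), m.group(3)
        if not 1 <= keyno <= 65534:
            result["problems"].append(f"line {lineno}: keyno {keyno} outside 1-65534")
        kind, material, problems = check_key_material(key)
        result["problems"].extend(f"line {lineno}: {p}" for p in problems)
        result["keys"].append({"keyno": keyno, "type": ktype, "kind": kind,
                               "key": material, "fips_ok": ktype in FIPS_TYPES})
    return result


# Constructed sample: the two header lines and the SHA1 key are taken from
# Figure 1; the remaining entries are made up to exercise each rule (a '#'
# ending a key, a bad keyno, a key too long for ASCII yet not hex).
SAMPLE = """\
# ntpkey_MD5key_bk.ntp.org.3595864945
# Thu Dec 12 19:22:25 2013

1 MD5 2late4Me                                    # short ASCII key
2 SHA1 a27872d3030a9025b8446c751b4551a7629af65c   # 40 hex digits, FIPS-ok type
3 MD5 has#hash                                    # key ends at '#': material is 'has'
0 MD5 badkeyno                                    # keyno outside 1-65534
4 MD5 thiskeyiswaytoolongtobeascii                # >20 chars and not hex
"""

if __name__ == "__main__":
    report = parse_keys_file(SAMPLE)
    print("created:", report["header"]["created_utc"].isoformat())
    for entry in report["keys"]:
        print(entry["keyno"], entry["type"], entry["kind"], entry["key"])
    for problem in report["problems"]:
        print("problem:", problem)
```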

<ul class="menu">
<li><a accesskey="1" href="#ntp_002dkeygen-usage">ntp-keygen usage</a>: ntp-keygen help/usage (<span class="option">--help</span>)
<li><a accesskey="2" href="#ntp_002dkeygen-imbits">ntp-keygen imbits</a>: imbits option (-b)
<li><a accesskey="3" href="#ntp_002dkeygen-certificate">ntp-keygen certificate</a>: certificate option (-c)
<li><a accesskey="4" href="#ntp_002dkeygen-cipher">ntp-keygen cipher</a>: cipher option (-C)
<li><a accesskey="5" href="#ntp_002dkeygen-id_002dkey">ntp-keygen id-key</a>: id-key option (-e)
<li><a accesskey="6" href="#ntp_002dkeygen-gq_002dparams">ntp-keygen gq-params</a>: gq-params option (-G)
<li><a accesskey="7" href="#ntp_002dkeygen-host_002dkey">ntp-keygen host-key</a>: host-key option (-H)
<li><a accesskey="8" href="#ntp_002dkeygen-iffkey">ntp-keygen iffkey</a>: iffkey option (-I)
<li><a accesskey="9" href="#ntp_002dkeygen-ident">ntp-keygen ident</a>: ident option (-i)
<li><a href="#ntp_002dkeygen-lifetime">ntp-keygen lifetime</a>: lifetime option (-l)
<li><a href="#ntp_002dkeygen-modulus">ntp-keygen modulus</a>: modulus option (-m)
<li><a href="#ntp_002dkeygen-md5key">ntp-keygen md5key</a>: md5key option (-M)
<li><a href="#ntp_002dkeygen-pvt_002dcert">ntp-keygen pvt-cert</a>: pvt-cert option (-P)
<li><a href="#ntp_002dkeygen-password">ntp-keygen password</a>: password option (-p)
<li><a href="#ntp_002dkeygen-export_002dpasswd">ntp-keygen export-passwd</a>: export-passwd option (-q)
<li><a href="#ntp_002dkeygen-subject_002dname">ntp-keygen subject-name</a>: subject-name option (-s)
<li><a href="#ntp_002dkeygen-sign_002dkey">ntp-keygen sign-key</a>: sign-key option (-S)
<li><a href="#ntp_002dkeygen-trusted_002dcert">ntp-keygen trusted-cert</a>: trusted-cert option (-T)
<li><a href="#ntp_002dkeygen-mv_002dparams">ntp-keygen mv-params</a>: mv-params option (-V)
<li><a href="#ntp_002dkeygen-mv_002dkeys">ntp-keygen mv-keys</a>: mv-keys option (-v)
<li><a href="#ntp_002dkeygen-config">ntp-keygen config</a>: presetting/configuring ntp-keygen
<li><a href="#ntp_002dkeygen-exit-status">ntp-keygen exit status</a>: exit status
<li><a href="#ntp_002dkeygen-Usage">ntp-keygen Usage</a>: Usage
<li><a href="#ntp_002dkeygen-Notes">ntp-keygen Notes</a>: Notes
<li><a href="#ntp_002dkeygen-Bugs">ntp-keygen Bugs</a>: Bugs
</ul>

<div class="node">
<p><hr>
<a name="ntp_002dkeygen-usage"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-imbits">ntp-keygen imbits</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">ntp-keygen help/usage (<span class="option">--help</span>)</h4>

<p><a name="index-ntp_002dkeygen-help-3"></a>
This is the automatically generated usage text for ntp-keygen.

 <p>The text printed is the same whether selected with the <code>help</code> option
(<span class="option">--help</span>) or the <code>more-help</code> option (<span class="option">--more-help</span>). <code>more-help</code> will print
the usage text by passing it through a pager program.
<code>more-help</code> is disabled on platforms without a working
<code>fork(2)</code> function. The <code>PAGER</code> environment variable is
used to select the program, defaulting to <span class="file">more</span>. Both will exit
with a status code of 0.

<pre class="example">ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p10
Usage: ntp-keygen [ -<flag> [<val>] | --<name>[{=| }<val>] ]...
   Flg Arg Option-Name      Description
   -b Num imbits           identity modulus bits
                                - it must be in the range:
                                  256 to 2048
   -c Str certificate      certificate scheme
   -C Str cipher           privatekey cipher
   -d no  debug-level      Increase debug verbosity level
                                - may appear multiple times
   -D Num set-debug-level  Set the debug verbosity level
                                - may appear multiple times
   -e no  id-key           Write IFF or GQ identity keys
   -G no  gq-params        Generate GQ parameters and keys
   -H no  host-key         generate RSA host key
   -I no  iffkey           generate IFF parameters
   -i Str ident            set Autokey group name
   -l Num lifetime         set certificate lifetime
   -m Num modulus          prime modulus
                                - it must be in the range:
                                  256 to 2048
   -M no  md5key           generate symmetric keys
   -P no  pvt-cert         generate PC private certificate
   -p Str password         local private password
   -q Str export-passwd    export IFF or GQ group keys with password
   -s Str subject-name     set host and optionally group name
   -S Str sign-key         generate sign key (RSA or DSA)
   -T no  trusted-cert     trusted certificate (TC scheme)
   -V Num mv-params        generate <num> MV parameters
   -v Num mv-keys          update <num> MV keys
      opt version          output version information and exit
   -? no  help             display extended usage information and exit
   -! no  more-help        extended usage information passed thru pager
   -> opt save-opts        save the option state to a config file
   -< Str load-opts        load options from a config file
                                - disabled as '--no-load-opts'
                                - may appear multiple times

Options are specified by doubled hyphens and their name or by a single
hyphen and the flag character.


The following option preset mechanisms are supported:
 - reading file $HOME/.ntprc
 - reading file ./.ntprc
 - examining environment variables named NTP_KEYGEN_*

Please send bug reports to: <http://bugs.ntp.org, bugs@ntp.org>
</pre>
 <div class="node">
<p><hr>
<a name="ntp_002dkeygen-imbits"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-certificate">ntp-keygen certificate</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-usage">ntp-keygen usage</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">imbits option (-b)</h4>

<p><a name="index-ntp_002dkeygen_002dimbits-4"></a>
This is the “identity modulus bits” option.
This option takes a number argument <span class="file">imbits</span>.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>The number of bits in the identity modulus. The default is 256.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-certificate"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-cipher">ntp-keygen cipher</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-imbits">ntp-keygen imbits</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">certificate option (-c)</h4>

<p><a name="index-ntp_002dkeygen_002dcertificate-5"></a>
This is the “certificate scheme” option.
This option takes a string argument <span class="file">scheme</span>.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>scheme is one of
RSA-MD2, RSA-MD5, RSA-MDC2, RSA-SHA, RSA-SHA1, RSA-RIPEMD160,
DSA-SHA, or DSA-SHA1.

 <p>Select the certificate signature encryption/message digest scheme.
Note that RSA schemes must be used with an RSA sign key and DSA
schemes must be used with a DSA sign key. The default without
this option is RSA-MD5.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-cipher"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-id_002dkey">ntp-keygen id-key</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-certificate">ntp-keygen certificate</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">cipher option (-C)</h4>

<p><a name="index-ntp_002dkeygen_002dcipher-6"></a>
This is the “privatekey cipher” option.
This option takes a string argument <span class="file">cipher</span>.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>Select the cipher which is used to encrypt the files containing
private keys. The default is three-key triple DES in CBC mode,
equivalent to "<code>-C des-ede3-cbc</code>". The openssl tool lists ciphers
available in "<code>openssl -h</code>" output.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-id_002dkey"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-gq_002dparams">ntp-keygen gq-params</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-cipher">ntp-keygen cipher</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">id-key option (-e)</h4>

<p><a name="index-ntp_002dkeygen_002did_002dkey-7"></a>
This is the “write iff or gq identity keys” option.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>Write the public parameters from the IFF or GQ client keys to
the standard output.
This is intended for automatic key distribution by email.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-gq_002dparams"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-host_002dkey">ntp-keygen host-key</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-id_002dkey">ntp-keygen id-key</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">gq-params option (-G)</h4>

<p><a name="index-ntp_002dkeygen_002dgq_002dparams-8"></a>
This is the “generate gq parameters and keys” option.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>Generate parameters and keys for the GQ identification scheme,
obsoleting any that may exist.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-host_002dkey"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-iffkey">ntp-keygen iffkey</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-gq_002dparams">ntp-keygen gq-params</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">host-key option (-H)</h4>

<p><a name="index-ntp_002dkeygen_002dhost_002dkey-9"></a>
This is the “generate rsa host key” option.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>Generate new host keys, obsoleting any that may exist.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-iffkey"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-ident">ntp-keygen ident</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-host_002dkey">ntp-keygen host-key</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">iffkey option (-I)</h4>

<p><a name="index-ntp_002dkeygen_002diffkey-10"></a>
This is the “generate iff parameters” option.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>Generate parameters for the IFF identification scheme, obsoleting
any that may exist.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-ident"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-lifetime">ntp-keygen lifetime</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-iffkey">ntp-keygen iffkey</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">ident option (-i)</h4>

<p><a name="index-ntp_002dkeygen_002dident-11"></a>
This is the “set autokey group name” option.
This option takes a string argument <span class="file">group</span>.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>Set the optional Autokey group name to name. This is used in
the file name of IFF, GQ, and MV client parameters files. In
that role, the default is the host name if this option is not
provided. The group name, if specified using <code>-i/--ident</code> or
using <code>-s/--subject-name</code> following an '<code>@</code>' character,
is also a part of the self-signed host certificate subject and
issuer names in the form <code>host@group</code> and should match the
'<code>crypto ident</code>' or '<code>server ident</code>' configuration in the
<code>ntpd</code> configuration file.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-lifetime"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-modulus">ntp-keygen modulus</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-ident">ntp-keygen ident</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">lifetime option (-l)</h4>

<p><a name="index-ntp_002dkeygen_002dlifetime-12"></a>
This is the “set certificate lifetime” option.
This option takes a number argument <span class="file">lifetime</span>.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>Set the certificate expiration to lifetime days from now.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-modulus"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-md5key">ntp-keygen md5key</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-lifetime">ntp-keygen lifetime</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">modulus option (-m)</h4>

<p><a name="index-ntp_002dkeygen_002dmodulus-13"></a>
This is the “prime modulus” option.
This option takes a number argument <span class="file">modulus</span>.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>The number of bits in the prime modulus. The default is 512.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-md5key"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-pvt_002dcert">ntp-keygen pvt-cert</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-modulus">ntp-keygen modulus</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">md5key option (-M)</h4>

<p><a name="index-ntp_002dkeygen_002dmd5key-14"></a>
This is the “generate symmetric keys” option.
Generate symmetric keys, obsoleting any that may exist.
1528<div class="node"> 1529<p><hr> 1530<a name="ntp_002dkeygen-pvt_002dcert"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-password">ntp-keygen password</a>, 1531Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-md5key">ntp-keygen md5key</a>, 1532Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a> 1533<br> 1534</div> 1535 1536<h4 class="subsection">pvt-cert option (-P)</h4> 1537 1538<p><a name="index-ntp_002dkeygen_002dpvt_002dcert-15"></a> 1539This is the “generate pc private certificate” option. 1540 1541<p class="noindent">This option has some usage constraints. It: 1542 <ul> 1543<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation. 1544</ul> 1545 1546 <p>Generate a private certificate. By default, the program generates 1547public certificates. 1548<div class="node"> 1549<p><hr> 1550<a name="ntp_002dkeygen-password"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-export_002dpasswd">ntp-keygen export-passwd</a>, 1551Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-pvt_002dcert">ntp-keygen pvt-cert</a>, 1552Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a> 1553<br> 1554</div> 1555 1556<h4 class="subsection">password option (-p)</h4> 1557 1558<p><a name="index-ntp_002dkeygen_002dpassword-16"></a> 1559This is the “local private password” option. 1560This option takes a string argument <span class="file">passwd</span>. 1561 1562<p class="noindent">This option has some usage constraints. It: 1563 <ul> 1564<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation. 1565</ul> 1566 1567 <p>Local files containing private data are encrypted with the 1568DES-CBC algorithm and the specified password. The same password 1569must be specified to the local ntpd via the "crypto pw password" 1570configuration command. The default password is the local 1571hostname. 
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-export_002dpasswd"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-subject_002dname">ntp-keygen subject-name</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-password">ntp-keygen password</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">export-passwd option (-q)</h4>

<p><a name="index-ntp_002dkeygen_002dexport_002dpasswd-17"></a>
This is the “export iff or gq group keys with password” option.
This option takes a string argument <span class="file">passwd</span>.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>Export IFF or GQ identity group keys to the standard output,
encrypted with the DES-CBC algorithm and the specified password.
The same password must be specified to the remote <code>ntpd</code> via the
'<code>crypto pw password</code>' configuration command. See also the option
<code>--id-key</code> (<code>-e</code>) for unencrypted exports.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-subject_002dname"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-sign_002dkey">ntp-keygen sign-key</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-export_002dpasswd">ntp-keygen export-passwd</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">subject-name option (-s)</h4>

<p><a name="index-ntp_002dkeygen_002dsubject_002dname-18"></a>
This is the “set host and optionally group name” option.
This option takes a string argument <span class="file">host@group</span>.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>Set the Autokey host name and, optionally, the group name specified
following an '<code>@</code>' character. The host name is used in the file
name of generated host and signing certificates, without the
group name. The host name and, if provided, the group name are used
in <code>host@group</code> form for the host certificate subject and issuer
fields. Specifying '<code>-s @group</code>' is allowed, and results in
leaving the host name unchanged while appending <code>@group</code> to the
subject and issuer fields, as with <code>-i group</code>. The group name, or
if none is provided, the host name, is also used in the file names
of IFF, GQ, and MV client parameter files.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-sign_002dkey"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-trusted_002dcert">ntp-keygen trusted-cert</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-subject_002dname">ntp-keygen subject-name</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">sign-key option (-S)</h4>

<p><a name="index-ntp_002dkeygen_002dsign_002dkey-19"></a>
This is the “generate sign key (rsa or dsa)” option.
This option takes a string argument <span class="file">sign</span>.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>Generate a new sign key of the designated type, obsoleting any
that may exist. By default, the program uses the host key as the
sign key.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-trusted_002dcert"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-mv_002dparams">ntp-keygen mv-params</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-sign_002dkey">ntp-keygen sign-key</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">trusted-cert option (-T)</h4>

<p><a name="index-ntp_002dkeygen_002dtrusted_002dcert-20"></a>
This is the “trusted certificate (tc scheme)” option.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>Generate a trusted certificate. By default, the program generates
a non-trusted certificate.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-mv_002dparams"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-mv_002dkeys">ntp-keygen mv-keys</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-trusted_002dcert">ntp-keygen trusted-cert</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">mv-params option (-V)</h4>

<p><a name="index-ntp_002dkeygen_002dmv_002dparams-21"></a>
This is the “generate &lt;num&gt; mv parameters” option.
This option takes a number argument <span class="file">num</span>.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>Generate parameters and keys for the Mu-Varadharajan (MV)
identification scheme.
<div class="node">
<p><hr>
<a name="ntp_002dkeygen-mv_002dkeys"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-config">ntp-keygen config</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-mv_002dparams">ntp-keygen mv-params</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">mv-keys option (-v)</h4>

<p><a name="index-ntp_002dkeygen_002dmv_002dkeys-22"></a>
This is the “update &lt;num&gt; mv keys” option.
This option takes a number argument <span class="file">num</span>.

<p class="noindent">This option has some usage constraints. It:
 <ul>
<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
</ul>

 <p>This option has no <span class="samp">doc</span> documentation.

<div class="node">
<p><hr>
<a name="ntp_002dkeygen-config"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-exit-status">ntp-keygen exit status</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-mv_002dkeys">ntp-keygen mv-keys</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">presetting/configuring ntp-keygen</h4>

<p>Any option that is not marked as <i>not presettable</i> may be preset by
loading values from configuration ("rc" or "ini") files, and values from environment variables named <code>NTP-KEYGEN</code> and <code>NTP-KEYGEN_&lt;OPTION_NAME&gt;</code>. <code>&lt;OPTION_NAME&gt;</code> must be one of
the options listed above in upper case and segmented with underscores.
The <code>NTP-KEYGEN</code> variable will be tokenized and parsed like
the command line. The remaining variables are tested for existence and their
values are treated like option arguments.

<p class="noindent"><code>libopts</code> will search in two places for configuration files:
 <ul>
<li>$HOME
<li>$PWD
</ul>
 The environment variables <code>HOME</code> and <code>PWD</code>
are expanded and replaced when <span class="file">ntp-keygen</span> runs.
Any of these that is a plain file is simply processed.
For any that is a directory, a file named <span class="file">.ntprc</span> is searched for
within that directory and processed.

 <p>Configuration files may be in a wide variety of formats.
The basic format is an option name followed by a value (argument) on the
same line. Values may be separated from the option name with a colon,
equal sign or simply white space. Values may be continued across multiple
lines by escaping the newline with a backslash.

 <p>Multiple programs may also share the same initialization file.
Common options are collected at the top, followed by program specific
segments. The segments are separated by lines like:
<pre class="example"> [NTP-KEYGEN]
</pre>
 <p class="noindent">or by
<pre class="example"> &lt;?program ntp-keygen&gt;
</pre>
 <p class="noindent">Do not mix these styles within one configuration file.

 <p>Compound values and carefully constructed string values may also be
specified using XML syntax:
<pre class="example"> &lt;option-name&gt;
 &lt;sub-opt&gt;...&amp;lt;...&amp;gt;...&lt;/sub-opt&gt;
 &lt;/option-name&gt;
</pre>
 <p class="noindent">yielding an <code>option-name.sub-opt</code> string value of
<pre class="example"> "...&lt;...&gt;..."
</pre>
 <p><code>AutoOpts</code> does not track suboptions. You simply note that it is a
hierarchically valued option. <code>AutoOpts</code> does provide a means for searching
the associated name/value pair list (see: optionFindValue).
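<p>Because a file found in <code>$HOME</code> or <code>$PWD</code> can preset options (the private password included) without anything appearing on the command line, it helps to be able to see what such a file would load. The following reader of the rc-file layout just described is an added example, not libopts itself: it handles both segment header styles, the three separators, backslash continuation and the <code>NTP-KEYGEN_&lt;OPTION_NAME&gt;</code> environment presets, but not the XML compound values; the sample rc text is constructed.

```python
"""Reader for the libopts rc-file layout described in the ntp-keygen manual
(for example $HOME/.ntprc): common options first, then per-program segments
introduced by '[NTP-KEYGEN]' or '<?program ntp-keygen>' lines. Added example,
not libopts code; XML compound values are not handled."""
import re

SEGMENT_BRACKET = re.compile(r"^\[([^\]]+)\]$")        # [NTP-KEYGEN]
SEGMENT_PI = re.compile(r"^<\?program\s+(\S+?)\s*>$")   # <?program ntp-keygen>
SEPARATOR = re.compile(r"\s*[:=]\s*|\s+")               # name: v, name = v, name v


def logical_lines(text):
    """Join physical lines whose newline is escaped with a trailing backslash."""
    buf = ""
    for line in text.splitlines():
        if line.endswith("\\"):
            buf += line[:-1]
            continue
        yield buf + line
        buf = ""
    if buf:
        yield buf


def parse_rc(text, program="ntp-keygen"):
    """Return {option-name: value} that would be preset for `program`.

    Options before the first segment header are common to every program; a
    segment for `program` overrides them and segments for other programs are
    skipped. Mixing the two header styles raises, as the manual forbids it.
    """
    options, style, active = {}, None, True
    for raw in logical_lines(text):
        line = raw.strip()
        if not line:
            continue
        for kind, pattern in (("bracket", SEGMENT_BRACKET), ("pi", SEGMENT_PI)):
            m = pattern.match(line)
            if m:
                if style not in (None, kind):
                    raise ValueError("mixed segment header styles in one rc file")
                style = kind
                active = m.group(1).lower() == program.lower()
                break
        else:                                   # an option line, not a header
            if active:
                parts = SEPARATOR.split(line, maxsplit=1)
                options[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return options


def env_presets(environ, program="NTP-KEYGEN"):
    """Presets from NTP-KEYGEN_<OPTION_NAME> variables; the value is the argument."""
    prefix = program + "_"
    return {name[len(prefix):].lower().replace("_", "-"): value
            for name, value in environ.items() if name.startswith(prefix)}


# Constructed .ntprc shared by ntpd and ntp-keygen (not a real site file).
SAMPLE_RC = """modulus   1024

[NTPD]
modulus = 2048

[NTP-KEYGEN]
ident: mygroup
lifetime = 365
subject-name  clock.example.test@\\
mygroup
"""
```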

 <p>The command line options relating to configuration and/or usage help are:

<h5 class="subsubheading">version (-)</h5>

<p>Print the program version to standard out, optionally with licensing
information, then exit 0. The optional argument specifies how much licensing
detail to provide. The default is to print just the version. The licensing information may be selected with an option argument.
Only the first letter of the argument is examined:

 <dl>
<dt><span class="samp">version</span><dd>Only print the version. This is the default.
<br><dt><span class="samp">copyright</span><dd>Name the copyright usage licensing terms.
<br><dt><span class="samp">verbose</span><dd>Print the full copyright usage licensing terms.
</dl>

<div class="node">
<p><hr>
<a name="ntp_002dkeygen-exit-status"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-Usage">ntp-keygen Usage</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-config">ntp-keygen config</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">ntp-keygen exit status</h4>

<p>One of the following exit values will be returned:
 <dl>
<dt><span class="samp">0 (EXIT_SUCCESS)</span><dd>Successful program execution.
<br><dt><span class="samp">1 (EXIT_FAILURE)</span><dd>The operation failed or the command syntax was not valid.
<br><dt><span class="samp">66 (EX_NOINPUT)</span><dd>A specified configuration file could not be loaded.
<br><dt><span class="samp">70 (EX_SOFTWARE)</span><dd>libopts had an internal operational error. Please report
it to autogen-users@lists.sourceforge.net. Thank you.
</dl>
 <div class="node">
<p><hr>
<a name="ntp_002dkeygen-Usage"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-Notes">ntp-keygen Notes</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-exit-status">ntp-keygen exit status</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">ntp-keygen Usage</h4>

<div class="node">
<p><hr>
<a name="ntp_002dkeygen-Notes"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-Bugs">ntp-keygen Bugs</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-Usage">ntp-keygen Usage</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">ntp-keygen Notes</h4>

<div class="node">
<p><hr>
<a name="ntp_002dkeygen-Bugs"></a>Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-Notes">ntp-keygen Notes</a>,
Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
<br>
</div>

<h4 class="subsection">ntp-keygen Bugs</h4>

<div class="node">
<p><hr>
<a name="Random-Seed-File"></a>Next: <a rel="next" accesskey="n" href="#Cryptographic-Data-Files">Cryptographic Data Files</a>,
Previous: <a rel="previous" accesskey="p" href="#Running-the-Program">Running the Program</a>,
Up: <a rel="up" accesskey="u" href="#Top">Top</a>
<br>
</div>

<!-- node-name, next, previous, up -->
<h3 class="section">Random Seed File</h3>

<p>All cryptographically sound key generation schemes must have means to
randomize the entropy seed used to initialize the internal
pseudo-random number generator used by the OpenSSL library routines.
If a site supports ssh, it is very likely that means to do this are
already available.
The entropy seed used by the OpenSSL library is contained in a file,
usually called <code>.rnd</code>, which must be available when
starting the <code>ntp-keygen</code> program or <code>ntpd</code> daemon.

 <p>The OpenSSL library looks for the file at the path given by the
<code>RANDFILE</code> environment variable of the user running the program, whether root
or some other user.
If the <code>RANDFILE</code> environment variable is not
present, the library looks for the <code>.rnd</code> file in that user's home
directory.
Since both the <code>ntp-keygen</code> program and <code>ntpd</code> daemon must run
as root, the logical place to put this file is in <code>/.rnd</code> or
<code>/root/.rnd</code>.
If the file is not available or cannot be written, the program exits
with a message to the system log.

<div class="node">
<p><hr>
<a name="Cryptographic-Data-Files"></a>Previous: <a rel="previous" accesskey="p" href="#Random-Seed-File">Random Seed File</a>,
Up: <a rel="up" accesskey="u" href="#Top">Top</a>
<br>
</div>

<!-- node-name, next, previous, up -->
<h3 class="section">Cryptographic Data Files</h3>

<p>File and link names are in the form <code>ntpkey_key_name.fstamp</code>,
where <code>key</code> is the key or parameter type,
<code>name</code> is the host or group name and
<code>fstamp</code> is the filestamp (NTP seconds) when the file was created.
By convention, key names in generated file names include both upper and
lower case characters, while key names in generated link names include
only lower case characters. The filestamp is not used in generated link
names.

 <p>The key name is a string defining the cryptographic key type.
Key types include the public/private key types <code>host</code> and <code>sign</code>,
the certificate type <code>cert</code>, and several challenge/response key types.
By convention, client files used for
challenges have a <code>par</code> subtype, as in the IFF challenge <code>IFFpar</code>, while
server files for responses have a <code>key</code> subtype, as in the GQ response
<code>GQkey</code>.

 <p>All files begin with two nonencrypted lines. The first line contains
the file name in the format <code>ntpkey_key_host.fstamp</code>.
The second line contains the datestamp in conventional Unix date format.
Lines beginning with <code>#</code> are ignored.

 <p>The remainder of the file contains cryptographic data encoded first
using ASN.1 rules, then encrypted using the DES-CBC algorithm with the
given password and finally written in PEM-encoded printable ASCII text
preceded and followed by MIME content identifier lines.

 <p>The format of the symmetric keys file, ordinarily named <code>ntp.keys</code>,
is somewhat different from the other files in the interest of backward
compatibility.
Ordinarily, the file is generated by this program, but
it can be constructed and edited using an ordinary text editor.

<pre class="example"> # ntpkey_MD5key_hms.local.3564038757
 # Sun Dec 9 02:45:57 2012

 1 MD5 "]!ghT%O;3)WJ,/Nc:>I # MD5 key
 2 MD5 lu+H^tF46BKR-6~pV_5 # MD5 key
 3 MD5 :lnoVsE%Yz*avh%EtNC # MD5 key
 4 MD5 |fdZrf0sF~^V # MD5 key
 5 MD5 IyAG>O"y"LmCRS!*bHC # MD5 key
 6 MD5 ">e\A # MD5 key
 7 MD5 c9x=M'CfLxax9v)PV-si # MD5 key
 8 MD5 E|=jvFVov?Bn|Ev=&aK\ # MD5 key
 9 MD5 T!c4UT&`(m$+m+B6,`Q0 # MD5 key
 10 MD5 JVF/1=)=IFbHbJQz..Cd # MD5 key
 11 SHA1 6dea311109529e436c2b4fccae9bc753c16d1b48 # SHA1 key
 12 SHA1 7076f373d86c4848c59ff8046e49cb7d614ec394 # SHA1 key
 13 SHA1 5f48b1b60591eb01b7cf1d33b7774f08d20262d3 # SHA1 key
 14 SHA1 eed5ab9d9497319ec60cf3781d52607e76720178 # SHA1 key
 15 SHA1 f283562611a04c964da8126296f5f8e58c3f85de # SHA1 key
 16 SHA1 1930da171297dd63549af50b29449de17dcf341f # SHA1 key
 17 SHA1 fee892110358cd4382322b889869e750db8e8a8f # SHA1 key
 18 SHA1 b5520c9fadd7ad3fd8bfa061c8821b65d029bb37 # SHA1 key
 19 SHA1 8c74fb440ec80f453ec6aaa62b9baed0ab723b92 # SHA1 key
 20 SHA1 6bc05f734306a189326000970c19b3910f403795 # SHA1 key
</pre>
 <p>Figure 1. Typical Symmetric Key File

 <p>Figure 1 shows a typical symmetric keys file used by the reference
implementation.
Each line of the file contains three fields, first an
integer between 1 and 65534, inclusive, representing the key identifier
used in the server and peer configuration commands.
Next is the key type for the message digest algorithm,
which in the absence of the
OpenSSL library must be MD5 to designate the MD5 message digest
algorithm.
If the OpenSSL library is installed, the key type can be any
message digest algorithm supported by that library.
However, if
compatibility with FIPS 140-2 is required, the key type must be either
SHA or SHA1.
The key type can be changed using an ASCII text editor.
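<p>As an added example (not ntp-keygen's own code), the following Python script applies the rules of this section to both the <code>ntpkey_key_name.fstamp</code> naming convention and the symmetric keys file of Figure 1: it decodes a generated file name, converting the NTP-seconds filestamp to UTC, and reads a keys file, rejecting identifiers outside 1..65534, duplicate identifiers, MD5 keys that are not printable ASCII and OpenSSL digest keys that are not hex encoded (hex keys are truncated to 40 characters), and reports whether every key type is one the text allows under FIPS 140-2. The sample keys file is constructed: two lines taken from Figure 1 plus deliberately malformed ones.

```python
"""Checks for ntpkey_<key>_<name>.<fstamp> file names and the symmetric keys
file (ntp.keys) described in the ntp-keygen manual. Added example, not ntp-keygen code."""
import re
from datetime import datetime, timezone

NTP_EPOCH_OFFSET = 2208988800                  # seconds from 1900-01-01 to 1970-01-01
PRINTABLE_ASCII = re.compile(r"[\x21-\x7e]+")  # allowed content of an MD5 key
HEX = re.compile(r"[0-9a-fA-F]+")              # OpenSSL digest keys are hex encoded


def parse_ntpkey_filename(fname):
    """Split 'ntpkey_MD5key_hms.local.3564038757' into (key, name, creation time in UTC)."""
    m = re.fullmatch(r"ntpkey_([^_]+)_(.+)\.(\d+)", fname)
    if not m:
        raise ValueError("not an ntpkey file name: %r" % fname)
    # the filestamp is NTP seconds (since 1900); shift it to the Unix epoch
    created = datetime.fromtimestamp(int(m.group(3)) - NTP_EPOCH_OFFSET, tz=timezone.utc)
    return m.group(1), m.group(2), created


def parse_keys_file(text):
    """Return (keys, problems): keys is a list of (id, type, key) that passed the
    checks, problems a list of (line number, message) for lines that did not."""
    keys, problems, seen = [], [], set()
    for lineno, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue                           # header, comment or blank line
        fields = stripped.split(None, 2)       # id, type, key plus trailing comment
        if len(fields) < 3:
            problems.append((lineno, "fewer than three fields"))
            continue
        ident, ktype, rest = fields
        ktype = ktype.upper()
        if not ident.isdigit() or not 1 <= int(ident) <= 65534:
            problems.append((lineno, "key identifier must be an integer in 1..65534"))
            continue
        keyid = int(ident)
        if keyid in seen:
            problems.append((lineno, "duplicate key identifier %d" % keyid))
            continue
        if ktype == "MD5":
            # an MD5 key is printable ASCII terminated by white space or '#'
            key = re.split(r"[\s#]", rest, maxsplit=1)[0]
            if not PRINTABLE_ASCII.fullmatch(key):
                problems.append((lineno, "MD5 key is empty or not printable ASCII"))
                continue
        else:
            # any other type is an OpenSSL digest key: hex, truncated to 40 characters
            key = rest.split()[0]
            if not HEX.fullmatch(key):
                problems.append((lineno, "%s key is not hex encoded" % ktype))
                continue
            key = key[:40]
        seen.add(keyid)
        keys.append((keyid, ktype, key))
    return keys, problems


def fips_compatible(keys):
    """True when every key type is one the text allows under FIPS 140-2 (SHA or SHA1)."""
    return all(ktype in ("SHA", "SHA1") for _, ktype, _ in keys)


# Constructed sample: lines 1 and 11 of Figure 1, then deliberately malformed lines.
SAMPLE_KEYS = """# ntpkey_MD5key_hms.local.3564038757
# Sun Dec 9 02:45:57 2012

1 MD5 "]!ghT%O;3)WJ,/Nc:>I # MD5 key
11 SHA1 6dea311109529e436c2b4fccae9bc753c16d1b48 # SHA1 key
12 SHA1 7076f373d86c4848c59ff8046e49cb7d614ec394abcd # 44 hex digits, truncated to 40
70000 MD5 outofrange # identifier above 65534
13 SHA1 notHEXstuff # digest key that is not hex
1 MD5 again # identifier 1 already used
"""
```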

 <p>An MD5 key consists of a printable ASCII string less than or equal to
16 characters and terminated by whitespace or a # character.
An OpenSSL
key consists of a hex-encoded ASCII string of 40 characters, which is
truncated as necessary.

 <p>Note that the keys used by the <code>ntpq</code> and <code>ntpdc</code> programs are
checked against passwords requested by the programs and entered by hand,
so it
is generally appropriate to specify these keys in human readable ASCII
format.

 <p>The <code>ntp-keygen</code> program generates an MD5 symmetric keys file
<code>ntpkey_MD5key_hostname.filestamp</code>.
Since the file contains private
shared keys, it should be visible only to root and distributed by
secure means to other subnet hosts.
The NTP daemon loads the file <code>ntp.keys</code>, so <code>ntp-keygen</code>
installs a soft link from this name to the generated file.
Subsequently, similar soft links must be installed by
manual or automated means on the other subnet hosts.
While this file is
not used with the Autokey Version 2 protocol, it is needed to
authenticate some remote configuration commands used by the <code>ntpq</code> and
<code>ntpdc</code> utilities.

</body></html>