1 .TH ntp.keys 5 "27 Feb 2018" "4.2.8p11" "File Formats"
3 .\" EDIT THIS FILE WITH CAUTION (ntp.man)
5 .\" It has been AutoGen-ed February 27, 2018 at 05:14:26 PM by AutoGen 5.18.5
6 .\" From the definitions ntp.keys.def
7 .\" and the template file agman-file.tpl
10 .Nd NTP symmetric key file format
14 ntp.keys \- NTP symmetric key file format configuration file
29 [\f\*[B-Font]\-\-option-name\f[]]
30 [\f\*[B-Font]\-\-option-name\f[] \f\*[I-Font]value\f[]]
34 All arguments must be options.
39 This document describes the format of an NTP symmetric key file.
40 For a description of the use of this type of file, see the
41 "Authentication Support"
43 \fCntp.conf\f[]\fR(5)\f[]
49 reads its keys from a file specified using the
51 command line option or the
53 statement in the configuration file.
54 While key number 0 is fixed by the NTP standard
56 and may not be changed,
57 one or more keys numbered between 1 and 65534
58 may be arbitrarily set in the keys file.
62 The key file uses the same comment conventions
63 as the configuration file.
64 Key entries use a fixed format of the form
69 \f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[] \f\*[I-Font]opt_IP_list\f[]
76 is a positive integer (between 1 and 65534),
78 is the message digest algorithm,
80 is the key itself, and
81 \f\*[I-Font]opt_IP_list\f[]
82 is an optional comma-separated list of IPs
86 that are allowed to serve time.
88 \f\*[I-Font]opt_IP_list\f[]
89 may contain an optional
90 \f\*[B-Font]/subnetbits\f[]
91 specification which identifies the number of bits for
92 the desired subnet of trust.
94 \f\*[I-Font]opt_IP_list\f[]
96 any properly-authenticated message will be
103 may be given in a format
113 was built with the OpenSSL library
114 then any digest library supported by that library may be specified.
115 However, if compliance with FIPS 140-2 is required the
124 What follows are some key types, and corresponding formats:
130 The key is 1 to 16 printable characters terminated by
136 (which is the "start of comment" character).
152 The key is a hex-encoded ASCII string of 40 characters,
153 which is truncated as necessary.
158 Note that the keys used by the
159 \fCntpq\f[]\fR(8)\f[]
161 \fCntpdc\f[]\fR(8)\f[]
162 programs are checked against passwords
163 requested by the programs and entered by hand,
164 so it is generally appropriate to specify these keys in ASCII format.
167 .NOP \fI/etc/ntp.keys\f[]
168 the default name of the configuration file
171 \fCntp.conf\f[]\fR(5)\f[],
172 \fCntpd\f[]\fR(@NTPD_MS@)\f[],
173 \fCntpdate\f[]\fR(@NTPDATE_MS@)\f[],
174 \fCntpdc\f[]\fR(@NTPDC_MS@)\f[],
175 \fCsntp\f[]\fR(@SNTP_MS@)\f[]
177 The University of Delaware and Network Time Foundation
179 Copyright (C) 1992-2017 The University of Delaware and Network Time Foundation all rights reserved.
180 This program is released under the terms of the NTP license, <http://ntp.org/license>.
182 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
184 This document was derived from FreeBSD.
188 This manual page was \fIAutoGen\fP-erated from the \fBntp.keys\fP