<html lang="en"> <head> <title>NTP Symmetric Key</title> <meta http-equiv="Content-Type" content="text/html"> <meta name="description" content="NTP Symmetric Key"> <meta name="generator" content="makeinfo 4.7"> <link title="Top" rel="top" href="#Top"> <link href="http://www.gnu.org/software/texinfo/" rel="generator-home" title="Texinfo Homepage"> <meta http-equiv="Content-Style-Type" content="text/css"> <style type="text/css"><!-- pre.display { font-family:inherit } pre.format { font-family:inherit } pre.smalldisplay { font-family:inherit; font-size:smaller } pre.smallformat { font-family:inherit; font-size:smaller } pre.smallexample { font-size:smaller } pre.smalllisp { font-size:smaller } span.sc { font-variant:small-caps } span.roman { font-family: serif; font-weight: normal; } --></style> </head> <body> <h1 class="settitle">NTP Symmetric Key</h1> <div class="node"> <p><hr> <a name="Top"></a>Next: <a rel="next" accesskey="n" href="#ntp_002ekeys-Description">ntp.keys Description</a>, Previous: <a rel="previous" accesskey="p" href="#dir">(dir)</a>, Up: <a rel="up" accesskey="u" href="#dir">(dir)</a> <br> </div> <h2 class="unnumbered">NTP's Symmetric Key File User Manual</h2> <p>This document describes the symmetric key file for the NTP Project's <code>ntpd</code> program. <p>This document applies to version 4.2.8p10 of <code>ntp.keys</code>. <div class="shortcontents"> <h2>Short Contents</h2> <ul> <a href="#Top">NTP's Symmetric Key File User Manual</a> </ul> </div> <ul class="menu"> <li><a accesskey="1" href="#ntp_002ekeys-Description">ntp.keys Description</a> <li><a accesskey="2" href="#ntp_002ekeys-Notes">ntp.keys Notes</a> </ul> <div class="node"> <p><hr> <a name="ntp_002ekeys-Description"></a>Previous: <a rel="previous" accesskey="p" href="#Top">Top</a>, Up: <a rel="up" accesskey="u" href="#Top">Top</a> <br> </div> <!-- node-name, next, previous, up --> <h3 class="section">Description</h3> <p>The name and location of the symmetric key file for <code>ntpd</code> can be specified in a configuration file, by default <code>/etc/ntp.keys</code>. <div class="node"> <p><hr> <a name="ntp_002ekeys-Notes"></a> <br> </div> <h3 class="section">Notes about ntp.keys</h3> <p><a name="index-ntp_002ekeys-1"></a><a name="index-NTP-symmetric-key-file-format-2"></a> <p>This document describes the format of an NTP symmetric key file. For a description of the use of this type of file, see the "Authentication Support" section of the <code>ntp.conf(5)</code> page. <p><code>ntpd(8)</code> reads its keys from a file specified using the <code>-k</code> command line option or the <code>keys</code> statement in the configuration file. While key number 0 is fixed by the NTP standard (as 56 zero bits) and may not be changed, one or more keys numbered between 1 and 65534 may be arbitrarily set in the keys file. <p>The key file uses the same comment conventions as the configuration file. Key entries use a fixed format of the form <pre class="example"> <kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd> <kbd>opt_IP_list</kbd> </pre> <p>where <kbd>keyno</kbd> is a positive integer (between 1 and 65534), <kbd>type</kbd> is the message digest algorithm, and <kbd>key</kbd> is the key itself, and <kbd>opt_IP_list</kbd> is an optional comma-separated list of IPs that are allowed to serve time. If <kbd>opt_IP_list</kbd> is empty, any properly-authenticated server message will be accepted. <p>The <kbd>key</kbd> may be given in a format controlled by the <kbd>type</kbd> field. The <kbd>type</kbd> <code>MD5</code> is always supported. If <code>ntpd</code> was built with the OpenSSL library then any digest library supported by that library may be specified. However, if compliance with FIPS 140-2 is required the <kbd>type</kbd> must be either <code>SHA</code> or <code>SHA1</code>. <p>What follows are some key types, and corresponding formats: <dl> <dt><code>MD5</code><dd>The key is 1 to 16 printable characters terminated by an EOL, whitespace, or a <code>#</code> (which is the "start of comment" character). <br><dt><code>SHA</code><br><dt><code>SHA1</code><br><dt><code>RMD160</code><dd>The key is a hex-encoded ASCII string of 40 characters, which is truncated as necessary. </dl> <p>Note that the keys used by the <code>ntpq(8)</code> and <code>ntpdc(8)</code> programs are checked against passwords requested by the programs and entered by hand, so it is generally appropriate to specify these keys in ASCII format. <p>This section was generated by <strong>AutoGen</strong>, using the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp.keys</code> program. This software is released under the NTP license, <http://ntp.org/license>. <ul class="menu"> <li><a accesskey="1" href="#ntp_002ekeys-Files">ntp.keys Files</a>: Files <li><a accesskey="2" href="#ntp_002ekeys-See-Also">ntp.keys See Also</a>: See Also <li><a accesskey="3" href="#ntp_002ekeys-Notes">ntp.keys Notes</a>: Notes </ul> <div class="node"> <p><hr> <a name="ntp_002ekeys-Files"></a>Next: <a rel="next" accesskey="n" href="#ntp_002ekeys-See-Also">ntp.keys See Also</a>, Up: <a rel="up" accesskey="u" href="#ntp_002ekeys-Notes">ntp.keys Notes</a> <br> </div> <h4 class="subsection">ntp.keys Files</h4> <dl> <dt><span class="file">/etc/ntp.keys</span><dd>the default name of the configuration file </dl> <div class="node"> <p><hr> <a name="ntp_002ekeys-See-Also"></a>Next: <a rel="next" accesskey="n" href="#ntp_002ekeys-Notes">ntp.keys Notes</a>, Previous: <a rel="previous" accesskey="p" href="#ntp_002ekeys-Files">ntp.keys Files</a>, Up: <a rel="up" accesskey="u" href="#ntp_002ekeys-Notes">ntp.keys Notes</a> <br> </div> <h4 class="subsection">ntp.keys See Also</h4> <p><code>ntp.conf(5)</code>, <code>ntpd(1ntpdmdoc)</code>, <code>ntpdate(1ntpdatemdoc)</code>, <code>ntpdc(1ntpdcmdoc)</code>, <code>sntp(1sntpmdoc)</code> <div class="node"> <p><hr> <a name="ntp_002ekeys-Notes"></a>Previous: <a rel="previous" accesskey="p" href="#ntp_002ekeys-See-Also">ntp.keys See Also</a>, Up: <a rel="up" accesskey="u" href="#ntp_002ekeys-Notes">ntp.keys Notes</a> <br> </div> <h4 class="subsection">ntp.keys Notes</h4> <p>This document was derived from FreeBSD. </body></html>