ntp.keys(4) [osf1 man page]
ntp.keys(4) Kernel Interfaces Manual ntp.keys(4) NAME
ntp.keys - Network Time Protocol (NTP) authentication key file DESCRIPTION
The NTP standard specifies an extension to allow verification of the authenticity of received NTP packets and to provide an indication of authenticity in outgoing packets. This is implemented in xntpd using the MD5 algorithm to compute the message-digest. The specification allows any one of possibly 4 billion keys, numbered with 32-bit key identifiers, to be used to authenticate an association. The servers involved in an association must agree on the key and key identifier used to authenticate their data, though they must each learn the key and key identifier independently. In MD5, the keys are 64 bits (8 bytes). The xntpd daemon reads its keys from a file specified using the -k command line option, or the keys statement in the configuration file. While key number 0 is fixed by the NTP standard (as 56 zero bits) and may not be changed, one or more of the keys numbered 1 through 15 may be arbitrarily set in the keys file. One of the keys may be chosen, by way of the configuration file requestkey statement, to authenticate run time configuration requests made using the xntpdc(8) program. The latter program obtains the key from the terminal as a password, so it is generally appropriate to specify the key chosen to be used for this purpose in ASCII format. The NTP key file uses the same comment conventions as the configuration file. Key entries use a fixed format of the form: keyno type key In this format: Is a positive integer. Is a single character that defines the format the key is given in. This is always M, representing Message Digest (MD5) on Tru64 UNIX systems. Is the key itself. The MD5 algorithm key is a 1-to-8 character ASCII string. Because of the simple tokenizing routine, you cannot use the following characters in an ASCII key: " " (space), "#" (number sign), "", "0, and " ". Note that both the keys and the authentication scheme (MD5) must be identical between a set of peers sharing the same key number. EXAMPLES
The following sample key file shows two defined NTP keys: 2 M RIrop8KPPvQvYotM # MD5 key as a random ASCII string 14 M sundial # MD5 key as an ASCII string FILES
Conventional name of the key file RELATED INFORMATION
Commands: ntpdate(8), ntpq(8), xntpd(8), xntpdc(8) Files: ntp.conf(4) Network Administration delim off ntp.keys(4)
Check Out this Related Man Page
xntpd(8) System Manager's Manual xntpd(8) NAME
xntpd - Network Time Protocol (NTP) daemon SYNOPSIS
/usr/sbin/xntpd [-abdgmx] [-c conffile] [-e auth_delay] [-f driftfile] [-k keyfile] [-l logfile] [-p pidfile] [-r broaddelay] [-s statdir] [-t trustedkey] [-v sysvar] [-V def_sysvar] OPTIONS
Runs in authenticate mode. Listens for broadcast NTP and synchronizes to this if available. Specify debugging mode. This option may occur multiple times, with each occurence indicating greater detail of display. Allows xntpd to correct any time difference, including differ- ences greater than 1000 seconds. Listens for multicast messages and synchronizes to them if available (requires multicast kernel). Pre- vents xntpd from setting the system time backward. In NTP version 3, the default allows xntpd to set the system time backward. Specifies an alternate configuration file. Specifies the time (in seconds) it takes to compute the NTP encryption field on this computer. Specifies the location of the drift file. Specifies the location of the file which contains the NTP authentication keys. See ntp.keys(4) for infor- mation on the authentication key file format. Specifies a log file instead of logging to syslog. Specifies the name of the file to record the daemon's process id. Specifies the default round trip delay (in seconds) to be used if the daemon cannot automatically compensate for network delay when synchronizing to broadcasts. Specifies the directory in which to create statistics files. Adds a key number to the trusted key list. Adds a system variable. Adds a system variable listed by default. DESCRIPTION
The xntpd daemon maintains a system's time-of-day in agreement with Internet standard time servers. The xntpd daemon is a complete imple- mentation of the Network Time Protocol (NTP) version 3 standard as defined by RFC 1305, but also retains compatibility with version 1 and version 2 servers as defined by RFC 1059 and RFC 1119, respectively. The xntpd daemon does all computations in fixed point arithmetic and requires no floating point code. The computations done in the proto- col and clock adjustment code are carried out with high precision and with attention to the details that might introduce systematic bias into the computations, to try to maintain an accuracy suitable for synchronizing with even the most precise external time source. The xntpd daemon reads its configuration from a file at startup time. The default configuration file is /etc/ntp.conf. The xntpd daemon can be monitored and configuration options altered while the daemon is running by using either the ntpq(8) or the xntpdc(8) program. The xntpd daemon includes support for several commercially available external reference clocks. See ntp.conf(4) for information on the use and configuration of reference clocks. The Tru64 UNIX operating system also provides the NTP_TIME and MICRO_TIME kernel options to allow greater accuracy and time resolution. See ntp_intro(7) and Network Administration for more information. FILES
Default name of the configuration file Conventional name of the drift file Conventional name of the key file SEE ALSO
Commands: ntp(1), ntpdate(8), ntpq(8), xntpdc(8) Files: ntp.conf(4), ntp.keys(4) Network Administration HISTORY
Written by Dennis Ferguson at the University of Toronto. Text amended by David Mills at the University of Delaware. xntpd(8)