Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

ntp-keygen(8) [linux man page]

NTP-KEYGEN(8)						      System Manager's Manual						     NTP-KEYGEN(8)

NAME
ntp-keygen - generate public and private keys SYNOPSIS
ntp-keygen [ -deGgHIMnPT ] [ -c [RSA-MD2 | RSA-MD5 | RSA-SHA | RSA-SHA1 | RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 ] ] [ -i name ] [ -p password ] [ -S [ RSA | DSA ] ] [ -s name ] [ -v nkeys ] DESCRIPTION
This program generates cryptographic data files used by the NTPv4 authentication and identification schemes. It generates MD5 key files used in symmetric key cryptography. In addition, if the OpenSSL software library has been installed, it generates keys, certificate and identity files used in public key cryptography. These files are used for cookie encryption, digital signature and challenge/response iden- tification algorithms compatible with the Internet standard security infrastructure. SEE ALSO
/usr/share/doc/ntp-doc/html/keygen.html for the full documentation. Network Time Protocol October 7, 2006 NTP-KEYGEN(8)

Check Out this Related Man Page

NTP-KEYGEN(1)							Programmer's Manual						     NTP-KEYGEN(1)

NAME
ntp-keygen - Create a NTP host key SYNOPSIS
ntp-keygen [-flag [value]]... [--opt-name [[=| ]value]]... All arguments must be options. DESCRIPTION
This manual page briefly documents the ntp-keygen command. If there is no new host key, look for an existing one. If one is not found, create it. OPTIONS
-c scheme, --certificate=scheme certificate scheme. scheme is one of RSA-MD2, RSA-MD5, RSA-SHA, RSA-SHA1, RSA-MDC2, RSA-RIPEMD160, DSA-SHA, or DSA-SHA1. Select the certificate message digest/signature encryption scheme. Note that RSA schemes must be used with a RSA sign key and DSA schemes must be used with a DSA sign key. The default without this option is RSA-MD5. -d, --debug-level Increase output debug message level. This option may appear an unlimited number of times. Increase the debugging message output level. -D string, --set-debug-level=string Set the output debug message level. This option may appear an unlimited number of times. Set the output debugging level. Can be supplied multiple times, but each overrides the previous value(s). -e, --id-key Write IFF or GQ identity keys. Write the IFF or GQ client keys to the standard output. This is intended for automatic key distribution by mail. -G, --gq-params Generate GQ parameters and keys. Generate parameters and keys for the GQ identification scheme, obsoleting any that may exist. -H, --host-key generate RSA host key. Generate new host keys, obsoleting any that may exist. -I, --iffkey generate IFF parameters. Generate parameters for the IFF identification scheme, obsoleting any that may exist. -i issuer-name, --issuer-name=issuer-name set issuer name. Set the suject name to name. This is used as the subject field in certificates and in the file name for host and sign keys. -M, --md5key generate MD5 keys. Generate MD5 keys, obsoleting any that may exist. -m modulus, --modulus=modulus modulus. This option takes an integer number as its argument. The value of modulus is constrained to being: in the range 256 through 2048 The number of bits in the prime modulus. The default is 512. -P, --pvt-cert generate PC private certificate. Generate a private certificate. By default, the program generates public certificates. -p passwd, --pvt-passwd=passwd output private password. Encrypt generated files containing private data with the specified password and the DES-CBC algorithm. -q passwd, --get-pvt-passwd=passwd input private password. Set the password for reading files to the specified password. -S sign, --sign-key=sign generate sign key (RSA or DSA). Generate a new sign key of the designated type, obsoleting any that may exist. By default, the program uses the host key as the sign key. -s host, --subject-name=host set subject name. Set the issuer name to name. This is used for the issuer field in certificates and in the file name for identity files. -T, --trusted-cert trusted certificate (TC scheme). Generate a trusted certificate. By default, the program generates a non-trusted certificate. -V num, --mv-params=num generate <num> MV parameters. This option takes an integer number as its argument. Generate parameters and keys for the Mu-Varadharajan (MV) identification scheme. -v num, --mv-keys=num update <num> MV keys. This option takes an integer number as its argument. This option has not been fully documented. -?, --help Display extended usage information and exit. -!, --more-help Extended usage information passed thru pager. -> [rcfile], --save-opts[=rcfile] Save the option state to rcfile. The default is the last configuration file listed in the OPTION PRESETS section, below. -< rcfile, --load-opts=rcfile, --no-load-opts Load options from rcfile. The no-load-opts form will disable the loading of earlier RC/INI files. --no-load-opts is handled early, out of order. - [{v|c|n}], --version[={v|c|n}] Output version of program and exit. The default mode is `v', a simple version. The `c' mode will print copyright information and `n' will print the full copyright notice. OPTION PRESETS
Any option that is not marked as not presettable may be preset by loading values from configuration ("RC" or ".INI") file(s) and values from environment variables named: NTP_KEYGEN_<option-name> or NTP_KEYGEN The environmental presets take precedence (are processed later than) the configuration files. The homerc files are "$HOME", and ".". If any of these are directories, then the file .ntprc is searched for within those directories. AUTHOR
David L. Mills and/or others Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org see html/copyright.html This manual page was AutoGen-erated from the ntp-keygen option definitions. (ntp 4.2.6) 2009-12-10 NTP-KEYGEN(1)
Man Page