Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

ntp.keys(5) [v7 man page]

ntp.keys(5)							   File Formats 						       ntp.keys(5)

NAME
ntp.keys - NTP symmetric key file format configuration file SYNOPSIS
[--option-name] [--option-name value] All arguments must be options. DESCRIPTION
This document describes the format of an NTP symmetric key file. For a description of the use of this type of file, see the "Authentica- tion Support" section of the ntp.conf(5) page. ntpd(8) reads its keys from a file specified using the -k command line option or the keys statement in the configuration file. While key number 0 is fixed by the NTP standard (as 56 zero bits) and may not be changed, one or more keys numbered between 1 and 65535 may be arbi- trarily set in the keys file. The key file uses the same comment conventions as the configuration file. Key entries use a fixed format of the form keyno type key opt_IP_list where keyno is a positive integer (between 1 and 65535), type is the message digest algorithm, key is the key itself, and opt_IP_list is an optional comma-separated list of IPs where the keyno should be trusted. that are allowed to serve time. Each IP in opt_IP_list may con- tain an optional /subnetbits specification which identifies the number of bits for the desired subnet of trust. If opt_IP_list is empty, any properly-authenticated message will be accepted. The key may be given in a format controlled by the type field. The type MD5 is always supported. If ntpd was built with the OpenSSL library then any digest library supported by that library may be specified. However, if compliance with FIPS 140-2 is required the type must be either SHA or SHA1. What follows are some key types, and corresponding formats: MD5 The key is 1 to 16 printable characters terminated by an EOL, whitespace, or a # (which is the "start of comment" character). SHA SHA1 RMD160 The key is a hex-encoded ASCII string of 40 characters, which is truncated as necessary. Note that the keys used by the ntpq(8) and ntpdc(8) programs are checked against passwords requested by the programs and entered by hand, so it is generally appropriate to specify these keys in ASCII format. FILES
/etc/ntp.keys the default name of the configuration file SEE ALSO
ntp.conf(5), ntpd(1), ntpdate(1), ntpdc(1), sntp(1) AUTHORS
The University of Delaware and Network Time Foundation COPYRIGHT
Copyright (C) 1992-2017 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, <http://ntp.org/license>. BUGS
Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org NOTES
This document was derived from FreeBSD. This manual page was AutoGen-erated from the ntp.keys option definitions. 4.2.8p13 20 Feb 2019 ntp.keys(5)

Check Out this Related Man Page

ntp.keys(5)							   File Formats 						       ntp.keys(5)

NAME
ntp.keys - NTP symmetric key file format configuration file SYNOPSIS
[--option-name] [--option-name value] All arguments must be options. DESCRIPTION
This document describes the format of an NTP symmetric key file. For a description of the use of this type of file, see the "Authentica- tion Support" section of the ntp.conf(5) page. ntpd(8) reads its keys from a file specified using the -k command line option or the keys statement in the configuration file. While key number 0 is fixed by the NTP standard (as 56 zero bits) and may not be changed, one or more keys numbered between 1 and 65535 may be arbi- trarily set in the keys file. The key file uses the same comment conventions as the configuration file. Key entries use a fixed format of the form keyno type key opt_IP_list where keyno is a positive integer (between 1 and 65535), type is the message digest algorithm, key is the key itself, and opt_IP_list is an optional comma-separated list of IPs where the keyno should be trusted. that are allowed to serve time. Each IP in opt_IP_list may con- tain an optional /subnetbits specification which identifies the number of bits for the desired subnet of trust. If opt_IP_list is empty, any properly-authenticated message will be accepted. The key may be given in a format controlled by the type field. The type MD5 is always supported. If ntpd was built with the OpenSSL library then any digest library supported by that library may be specified. However, if compliance with FIPS 140-2 is required the type must be either SHA or SHA1. What follows are some key types, and corresponding formats: MD5 The key is 1 to 16 printable characters terminated by an EOL, whitespace, or a # (which is the "start of comment" character). SHA SHA1 RMD160 The key is a hex-encoded ASCII string of 40 characters, which is truncated as necessary. Note that the keys used by the ntpq(8) and ntpdc(8) programs are checked against passwords requested by the programs and entered by hand, so it is generally appropriate to specify these keys in ASCII format. FILES
/etc/ntp.keys the default name of the configuration file SEE ALSO
ntp.conf(5), ntpd(1), ntpdate(1), ntpdc(1), sntp(1) AUTHORS
The University of Delaware and Network Time Foundation COPYRIGHT
Copyright (C) 1992-2017 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, <http://ntp.org/license>. BUGS
Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org NOTES
This document was derived from FreeBSD. This manual page was AutoGen-erated from the ntp.keys option definitions. 4.2.8p13 20 Feb 2019 ntp.keys(5)
Man Page