diff options
Diffstat (limited to 'contrib/ntp/ntpd/invoke-ntp.keys.texi')
-rw-r--r-- | contrib/ntp/ntpd/invoke-ntp.keys.texi | 125 |
1 files changed, 125 insertions, 0 deletions
diff --git a/contrib/ntp/ntpd/invoke-ntp.keys.texi b/contrib/ntp/ntpd/invoke-ntp.keys.texi new file mode 100644 index 0000000..622c4ff --- /dev/null +++ b/contrib/ntp/ntpd/invoke-ntp.keys.texi @@ -0,0 +1,125 @@ +@node ntp.keys Notes +@section Notes about ntp.keys +@pindex ntp.keys +@cindex NTP symmetric key file format +@ignore +# +# EDIT THIS FILE WITH CAUTION (invoke-ntp.keys.texi) +# +# It has been AutoGen-ed June 29, 2015 at 04:30:31 PM by AutoGen 5.18.5 +# From the definitions ntp.keys.def +# and the template file agtexi-file.tpl +@end ignore + + + +This document describes the format of an NTP symmetric key file. +For a description of the use of this type of file, see the +"Authentication Support" +section of the +@code{ntp.conf(5)} +page. + +@code{ntpd(8)} +reads its keys from a file specified using the +@code{-k} +command line option or the +@code{keys} +statement in the configuration file. +While key number 0 is fixed by the NTP standard +(as 56 zero bits) +and may not be changed, +one or more keys numbered between 1 and 65534 +may be arbitrarily set in the keys file. + +The key file uses the same comment conventions +as the configuration file. +Key entries use a fixed format of the form + +@example +@kbd{keyno} @kbd{type} @kbd{key} +@end example + +where +@kbd{keyno} +is a positive integer (between 1 and 65534), +@kbd{type} +is the message digest algorithm, +and +@kbd{key} +is the key itself. + +The +@kbd{key} +may be given in a format +controlled by the +@kbd{type} +field. +The +@kbd{type} +@code{MD5} +is always supported. +If +@code{ntpd} +was built with the OpenSSL library +then any digest library supported by that library may be specified. +However, if compliance with FIPS 140-2 is required the +@kbd{type} +must be either +@code{SHA} +or +@code{SHA1}. + +What follows are some key types, and corresponding formats: + +@table @asis +@item @code{MD5} +The key is 1 to 16 printable characters terminated by +an EOL, +whitespace, +or +a +@code{#} +(which is the "start of comment" character). + +@item @code{SHA} +@item @code{SHA1} +@item @code{RMD160} +The key is a hex-encoded ASCII string of 40 characters, +which is truncated as necessary. +@end table + +Note that the keys used by the +@code{ntpq(8)} +and +@code{ntpdc(8)} +programs are checked against passwords +requested by the programs and entered by hand, +so it is generally appropriate to specify these keys in ASCII format. + +This section was generated by @strong{AutoGen}, +using the @code{agtexi-cmd} template and the option descriptions for the @code{ntp.keys} program. +This software is released under the NTP license, <http://ntp.org/license>. + +@menu +* ntp.keys Files:: Files +* ntp.keys See Also:: See Also +* ntp.keys Notes:: Notes +@end menu + +@node ntp.keys Files +@subsection ntp.keys Files +@table @asis +@item @file{/etc/ntp.keys} +the default name of the configuration file +@end table +@node ntp.keys See Also +@subsection ntp.keys See Also +@code{ntp.conf(5)}, +@code{ntpd(1ntpdmdoc)}, +@code{ntpdate(1ntpdatemdoc)}, +@code{ntpdc(1ntpdcmdoc)}, +@code{sntp(1sntpmdoc)} +@node ntp.keys Notes +@subsection ntp.keys Notes +This document was derived from FreeBSD. |