summaryrefslogtreecommitdiffstats
path: root/util/ntp-keygen-opts.def
diff options
context:
space:
mode:
Diffstat (limited to 'util/ntp-keygen-opts.def')
-rw-r--r--util/ntp-keygen-opts.def99
1 files changed, 53 insertions, 46 deletions
diff --git a/util/ntp-keygen-opts.def b/util/ntp-keygen-opts.def
index 1e5d988..61cf272 100644
--- a/util/ntp-keygen-opts.def
+++ b/util/ntp-keygen-opts.def
@@ -16,191 +16,198 @@ include = '#include <stdlib.h>';
#include version.def
flag = {
- name = certificate;
value = c;
+ name = certificate;
arg-type = string;
arg-name = scheme;
ifdef = OPENSSL;
descrip = "certificate scheme";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ scheme is one of
+ RSA-MD2, RSA-MD5, RSA-SHA, RSA-SHA1, RSA-MDC2, RSA-RIPEMD160,
+ DSA-SHA, or DSA-SHA1.
+
+ Select the certificate message digest/signature encryption scheme.
+ Note that RSA schemes must be used with a RSA sign key and DSA
+ schemes must be used with a DSA sign key. The default without
+ this option is RSA-MD5.
_EndOfDoc_;
};
#include debug-opt.def
flag = {
- name = id-key;
value = e;
+ name = id-key;
ifdef = OPENSSL;
- descrip = "Write identity keys";
+ descrip = "Write IFF or GQ identity keys";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ Write the IFF or GQ client keys to the standard output. This is
+ intended for automatic key distribution by mail.
_EndOfDoc_;
};
flag = {
- name = gq-params;
value = G;
+ name = gq-params;
ifdef = OPENSSL;
descrip = "Generate GQ parameters and keys";
doc = <<- _EndOfDoc_
- Just some descriptive text.
- _EndOfDoc_;
-};
-
-flag = {
- name = gq-keys;
- value = g;
- ifdef = OPENSSL;
- descrip = "update GQ keys";
- doc = <<- _EndOfDoc_
- Just some descriptive text.
+ Generate parameters and keys for the GQ identification scheme,
+ obsoleting any that may exist.
_EndOfDoc_;
};
flag = {
- name = host-key;
value = H;
+ name = host-key;
ifdef = OPENSSL;
descrip = "generate RSA host key";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ Generate new host keys, obsoleting any that may exist.
_EndOfDoc_;
};
flag = {
- name = iffkey;
value = I;
+ name = iffkey;
ifdef = OPENSSL;
descrip = "generate IFF parameters";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ Generate parameters for the IFF identification scheme, obsoleting
+ any that may exist.
_EndOfDoc_;
};
flag = {
- name = issuer-name;
value = i;
+ name = issuer-name;
ifdef = OPENSSL;
+ arg-type = string;
+ arg-name = issuer-name;
descrip = "set issuer name";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ Set the suject name to name. This is used as the subject field
+ in certificates and in the file name for host and sign keys.
_EndOfDoc_;
};
flag = {
- name = md5key;
value = M;
+ name = md5key;
descrip = "generate MD5 keys";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ Generate MD5 keys, obsoleting any that may exist.
_EndOfDoc_;
};
flag = {
- name = modulus;
value = m;
+ name = modulus;
arg-type = number;
arg-name = modulus;
arg-range = '256->2048';
ifdef = OPENSSL;
descrip = "modulus";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ The number of bits in the prime modulus. The default is 512.
_EndOfDoc_;
};
flag = {
- name = pvt-cert;
value = P;
+ name = pvt-cert;
ifdef = OPENSSL;
descrip = "generate PC private certificate";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ Generate a private certificate. By default, the program generates
+ public certificates.
_EndOfDoc_;
};
flag = {
- name = pvt-passwd;
value = p;
+ name = pvt-passwd;
ifdef = OPENSSL;
arg-type = string;
arg-name = passwd;
descrip = "output private password";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ Encrypt generated files containing private data with the specified
+ password and the DES-CBC algorithm.
_EndOfDoc_;
};
flag = {
- name = get-pvt-passwd;
value = q;
+ name = get-pvt-passwd;
ifdef = OPENSSL;
arg-type = string;
arg-name = passwd;
descrip = "input private password";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ Set the password for reading files to the specified password.
_EndOfDoc_;
};
flag = {
- name = sign-key;
value = S;
+ name = sign-key;
arg-type = string;
arg-name = sign;
ifdef = OPENSSL;
descrip = "generate sign key (RSA or DSA)";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ Generate a new sign key of the designated type, obsoleting any
+ that may exist. By default, the program uses the host key as the
+ sign key.
_EndOfDoc_;
};
flag = {
- name = subject-name;
value = s;
+ name = subject-name;
arg-type = string;
arg-name = host;
ifdef = OPENSSL;
descrip = "set subject name";
doc = <<- _EndOfDoc_
- Just some descriptive text.
- _EndOfDoc_;
+ Set the issuer name to name. This is used for the issuer field
+ in certificates and in the file name for identity files.
+ _EndOfDoc_;
};
flag = {
- name = trusted-cert;
value = T;
+ name = trusted-cert;
ifdef = OPENSSL;
descrip = "trusted certificate (TC scheme)";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ Generate a trusted certificate. By default, the program generates
+ a non-trusted certificate.
_EndOfDoc_;
};
flag = {
- name = mv-params;
value = V;
+ name = mv-params;
arg-type = number;
arg-name = num;
ifdef = OPENSSL;
descrip = "generate <num> MV parameters";
doc = <<- _EndOfDoc_
- Just some descriptive text.
+ Generate parameters and keys for the Mu-Varadharajan (MV)
+ identification scheme.
_EndOfDoc_;
};
flag = {
- name = mv-keys;
value = v;
+ name = mv-keys;
arg-type = number;
arg-name = num;
ifdef = OPENSSL;
descrip = "update <num> MV keys";
- doc = <<- _EndOfDoc_
- Just some descriptive text.
- _EndOfDoc_;
};
detail = <<- _EODetail_
OpenPOWER on IntegriCloud