Next: ntp.keys Description, Previous: (dir), Up: (dir)
This document describes the symmetric key file for the NTP Project’s
ntpd program.
This document applies to version 4.2.8p17 of ntp.keys.
| • ntp.keys Description | ||
| • ntp.keys Notes |
The name and location of the symmetric key file for ntpd can
be specified in a configuration file, by default /etc/ntp.keys.
| • Notes about ntp.keys |
Previous: ntp.keys See Also, Up: ntp.keys Description
This document describes the format of an NTP symmetric key file.
For a description of the use of this type of file, see the
"Authentication Support"
section of the
ntp.conf(5)
page.
ntpd(8)
reads its keys from a file specified using the
-k
command line option or the
keys
statement in the configuration file.
While key number 0 is fixed by the NTP standard
(as 56 zero bits)
and may not be changed,
one or more keys numbered between 1 and 65535
may be arbitrarily set in the keys file.
The key file uses the same comment conventions as the configuration file. Key entries use a fixed format of the form
keyno type key opt_IP_list
where
keyno
is a positive integer (between 1 and 65535),
type
is the message digest algorithm,
key
is the key itself, and
opt_IP_list
is an optional comma-separated list of IPs
where the
keyno
should be trusted.
that are allowed to serve time.
Each IP in
opt_IP_list
may contain an optional
/subnetbits
specification which identifies the number of bits for
the desired subnet of trust.
If
opt_IP_list
is empty,
any properly-authenticated message will be
accepted.
The
key
may be given in a format
controlled by the
type
field.
The
type
MD5
is always supported.
If
ntpd
was built with the OpenSSL library
then any digest library supported by that library may be specified.
However, if compliance with FIPS 140-2 is required the
type
must be either
SHA
or
SHA1.
What follows are some key types, and corresponding formats:
MD5The key is 1 to 16 printable characters terminated by
an EOL,
whitespace,
or
a
#
(which is the "start of comment" character).
SHASHA1RMD160The key is a hex-encoded ASCII string of 40 characters, which is truncated as necessary.
Note that the keys used by the
ntpq(8)
and
ntpdc(8)
programs are checked against passwords
requested by the programs and entered by hand,
so it is generally appropriate to specify these keys in ASCII format.
This section was generated by AutoGen,
using the agtexi-cmd template and the option descriptions for the ntp.keys program.
This software is released under the NTP license, <http://ntp.org/license>.
| • ntp.keys Files | Files | |
| • ntp.keys See Also | See Also | |
| • ntp.keys Notes | Notes |
Next: ntp.keys See Also, Up: ntp.keys Notes
the default name of the configuration file
Previous: ntp.keys Files, Up: ntp.keys Notes
ntp.conf(5),
ntpd(1ntpdmdoc),
ntpdate(1ntpdatemdoc),
ntpdc(1ntpdcmdoc),
sntp(1sntpmdoc)
This document was derived from FreeBSD.