ntp.keys manpage

Search topic Section

ntp.keys(5)			 File Formats			   ntp.keys(5)

       ntp.keys - NTP symmetric key file format configuration file

	[--option-name] [--option-name value]

       All arguments must be options.

       This document describes the format of an NTP symmetric key file.	 For a
       description of the use of this type of file,  see  the  "Authentication
       Support" section of the ntp.conf(5) page.

       ntpd(8)	reads its keys from a file specified using the -k command line
       option or the keys statement in the configuration file.	While key num-
       ber  0  is  fixed  by the NTP standard (as 56 zero bits) and may not be
       changed, one or more keys numbered between 1 and 65535 may be arbitrar-
       ily set in the keys file.

       The  key	 file  uses  the same comment conventions as the configuration
       file.  Key entries use a fixed format of the form

	   keyno type key opt_IP_list

       where keyno is a positive integer (between 1 and 65535),	 type  is  the
       message	digest algorithm, key is the key itself, and opt_IP_list is an
       optional comma-separated list of IPs where the keyno should be trusted.
       that  are allowed to serve time.	 Each IP in opt_IP_list may contain an
       optional /subnetbits specification which identifies the number of  bits
       for  the	 desired  subnet of trust.  If opt_IP_list is empty, any prop-
       erly-authenticated message will be accepted.

       The key may be given in a format controlled by  the  type  field.   The
       type  MD5  is  always  supported.   If  ntpd was built with the OpenSSL
       library then any digest library supported by that library may be speci-
       fied.  However, if compliance with FIPS 140-2 is required the type must
       be either SHA or SHA1.

       What follows are some key types, and corresponding formats:

       MD5    The key is 1 to 16 printable characters terminated  by  an  EOL,
	      whitespace, or a # (which is the "start of comment" character).

       RMD160 The key is a hex-encoded ASCII string of 40 characters, which is
	      truncated as necessary.

       Note that the keys used	by  the	 ntpq(8)  and  ntpdc(8)	 programs  are
       checked	against	 passwords  requested  by  the programs and entered by
       hand, so it is generally appropriate to specify	these  keys  in	 ASCII

       /etc/ntp.keys the default name of the configuration file

       ntp.conf(5), ntpd(8), ntpdate(8), ntpdc(8), sntp(8)

       The University of Delaware and Network Time Foundation

       Copyright  (C)  1992-2017  The  University of Delaware and Network Time
       Foundation all rights reserved.	This program  is  released  under  the
       terms of the NTP license, <http://ntp.org/license>.

       Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org

       This document was derived from FreeBSD.

       This  manual  page  was AutoGen-erated from the ntp.keys option defini-

4.2.8p12			  14 Aug 2018			   ntp.keys(5)