Provided by: ntp_4.2.8p12+dfsg-3ubuntu4.20.04.1_amd64 bug

NAME

     ntp.keys — NTP symmetric key file format

NAME

     ntp.keys — NTP symmetric key file format

SYNOPSIS

     ntp.keys [--option-name] [--option-name value]

              All arguments must be options.

DESCRIPTION

     This document describes the format of an NTP symmetric key file.  For a description of the
     use of this type of file, see the "Authentication Support" section of the ntp.conf(5) page.

     ntpd(8) reads its keys from a file specified using the -k command line option or the keys
     statement in the configuration file.  While key number 0 is fixed by the NTP standard (as 56
     zero bits) and may not be changed, one or more keys numbered between 1 and 65535 may be
     arbitrarily set in the keys file.

     The key file uses the same comment conventions as the configuration file.  Key entries use a
     fixed format of the form

           keyno type key opt_IP_list

     where keyno is a positive integer (between 1 and 65535), type is the message digest
     algorithm, key is the key itself, and opt_IP_list is an optional comma-separated list of IPs
     where the keyno should be trusted.  that are allowed to serve time.  Each IP in opt_IP_list
     may contain an optional /subnetbits specification which identifies the number of bits for
     the desired subnet of trust.  If opt_IP_list is empty, any properly-authenticated message
     will be accepted.

     The key may be given in a format controlled by the type field.  The type MD5 is always
     supported.  If ntpd was built with the OpenSSL library then any digest library supported by
     that library may be specified.  However, if compliance with FIPS 140-2 is required the type
     must be either SHA or SHA1.

     What follows are some key types, and corresponding formats:

     MD5     The key is 1 to 16 printable characters terminated by an EOL, whitespace, or a #
             (which is the "start of comment" character).

     SHA
     SHA1
     RMD160  The key is a hex-encoded ASCII string of 40 characters, which is truncated as
             necessary.

     Note that the keys used by the ntpq(8) and ntpdc(8) programs are checked against passwords
     requested by the programs and entered by hand, so it is generally appropriate to specify
     these keys in ASCII format.

OPTIONS

     --help  Display usage information and exit.

     --more-help
             Pass the extended usage information through a pager.

     --version [{v|c|n}]
             Output version of program and exit.  The default mode is `v', a simple version.  The
             `c' mode will print copyright information and `n' will print the full copyright
             notice.

OPTION PRESETS

     Any option that is not marked as not presettable may be preset by loading values from
     environment variables named:
       NTP_KEYS_<option-name> or NTP_KEYS

ENVIRONMENT

     See OPTION PRESETS for configuration environment variables.

FILES

     /etc/ntp.keys  the default name of the configuration file

EXIT STATUS

     One of the following exit values will be returned:

     0  (EXIT_SUCCESS)
             Successful program execution.

     1  (EXIT_FAILURE)
             The operation failed or the command syntax was not valid.

     70  (EX_SOFTWARE)
             libopts had an internal operational error.  Please report it to
             autogen-users@lists.sourceforge.net.  Thank you.

SEE ALSO

     ntp.conf(5), ntpd(8), ntpdate(8), ntpdc(1), sntp(1)

AUTHORS

     The University of Delaware and Network Time Foundation

COPYRIGHT

     Copyright (C) 1992-2017 The University of Delaware and Network Time Foundation all rights
     reserved.  This program is released under the terms of the NTP license,
     <http://ntp.org/license>.

BUGS

     Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org

NOTES

     This document was derived from FreeBSD.

     This manual page was AutoGen-erated from the ntp.keys option definitions.