NTP_KEYS(5) | File Formats Manual (file) | NTP_KEYS(5) |
ntp.keys
—
ntp.keys
—
ntp.keys |
[--option-name ]
[--option-name value]
All arguments must be options. |
ntpd(8) reads its keys
from a file specified using the -k
command line
option or the keys
statement in the configuration
file. While key number 0 is fixed by the NTP standard (as 56 zero bits) and
may not be changed, one or more keys numbered between 1 and 65535 may be
arbitrarily set in the keys file.
The key file uses the same comment conventions as the configuration file. Key entries use a fixed format of the form
where keyno is a positive integer (between 1
and 65535), type is the message digest algorithm,
key is the key itself, and
opt_IP_list is an optional comma-separated list of IPs
where the keyno should be trusted. that are allowed to
serve time. Each IP in opt_IP_list may contain an
optional /subnetbits
specification which identifies
the number of bits for the desired subnet of trust. If
opt_IP_list is empty, any properly-authenticated
message will be accepted.
The key may be given in a format controlled
by the type field. The type
MD5
is always supported. If
ntpd
was built with the OpenSSL library then any
digest library supported by that library may be specified. However, if
compliance with FIPS 140-2 is required the type must
be either SHA
or SHA1
.
What follows are some key types, and corresponding formats:
MD5
#
(which is the "start of comment"
character).
SHA
SHA1
RMD160
Note that the keys used by the ntpq(8) and ntpdc(8) programs are checked against passwords requested by the programs and entered by hand, so it is generally appropriate to specify these keys in ASCII format.
--help
--more-help
--version
[{v|c|n}]NTP_KEYS_<option-name> or NTP_KEYS
This manual page was AutoGen-erated from the ntp.keys option definitions.
August 14 2018 | SunOS 5.10 |