Content-type: text/html Man page of ntp.keys

ntp.keys

Section: Devices and Network Interfaces (4)
Index Return to Main Contents

 

NAME

ntp.keys - Network Time Protocol (NTP) authentication key file  

DESCRIPTION

The NTP standard specifies an extension to allow verification of the authenticity of received NTP packets and to provide an indication of authenticity in outgoing packets. This is implemented in xntpd using the MD5 algorithm to compute the message-digest. The specification allows any one of possibly 4 billion keys, numbered with 32-bit key identifiers, to be used to authenticate an association. The servers involved in an association must agree on the key and key identifier used to authenticate their data, though they must each learn the key and key identifier independently. In MD5, the keys are 64 bits (8 bytes). The xntpd daemon reads its keys from a file specified using the -k command line option, or the keys statement in the configuration file. While key number 0 is fixed by the NTP standard (as 56 zero bits) and may not be changed, one or more of the keys numbered 1 through 15 may be arbitrarily set in the keys file.

One of the keys may be chosen, by way of the configuration file requestkey statement, to authenticate run time configuration requests made using the xntpdc(8) program. The latter program obtains the key from the terminal as a password, so it is generally appropriate to specify the key chosen to be used for this purpose in ASCII format.

The NTP key file uses the same comment conventions as the configuration file. Key entries use a fixed format of the form: keyno type key

In this format: Is a positive integer. Is a single character that defines the format the key is given in. This is always M, representing Message Digest (MD5) on Tru64 UNIX systems. Is the key itself. The MD5 algorithm key is a 1-to-8 character ASCII string. Because of the simple tokenizing routine, you cannot use the following characters in an ASCII key: " " (space), "#" (number sign), " ", ", and " ". Note that both the keys and the authentication scheme (MD5) must be identical between a set of peers sharing the same key number.  

EXAMPLES

The following sample key file shows two defined NTP keys: 2 M RIrop8KPPvQvYotM # MD5 key as a random ASCII string 14 M sundial # MD5 key as an ASCII string  

FILES

Conventional name of the key file  

RELATED INFORMATION

Commands: ntpdate(8), ntpq(8), xntpd(8), xntpdc(8)

Files: ntp.conf(4)

Network Administration delim off


 

Index

NAME
DESCRIPTION
EXAMPLES
FILES
RELATED INFORMATION

This document was created by man2html, using the manual pages.
Time: 02:40:06 GMT, October 02, 2010