unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (OSF1-V5.1-alpha)
Page:
Section:
Apropos / Subsearch:
optional field



ntp.keys(4)							  ntp.keys(4)



NAME

  ntp.keys - Network Time Protocol (NTP) authentication	key file

DESCRIPTION

  The NTP standard specifies an	extension to allow verification	of the
  authenticity of received NTP packets and to provide an indication of
  authenticity in outgoing packets.  This is implemented in xntpd using	the
  MD5 algorithm	to compute the message-digest.	The specification allows any
  one of possibly 4 billion keys, numbered with	32-bit key identifiers,	to be
  used to authenticate an association.	The servers involved in	an associa-
  tion must agree on the key and key identifier	used to	authenticate their
  data,	though they must each learn the	key and	key identifier independently.
  In MD5, the keys are 64 bits (8 bytes).  The xntpd daemon reads its keys
  from a file specified	using the -k command line option, or the keys state-
  ment in the configuration file.  While key number 0 is fixed by the NTP
  standard (as 56 zero bits) and may not be changed, one or more of the	keys
  numbered 1 through 15	may be arbitrarily set in the keys file.

  One of the keys may be chosen, by way	of the configuration file requestkey
  statement, to	authenticate run time configuration requests made using	the
  xntpdc(8) program.  The latter program obtains the key from the terminal as
  a password, so it is generally appropriate to	specify	the key	chosen to be
  used for this	purpose	in ASCII format.

  The NTP key file uses	the same comment conventions as	the configuration
  file.	 Key entries use a fixed format	of the form:

  keyno	type key

  In this format:

  keyno
      Is a positive integer.

  type
      Is a single character that defines the format the	key is given in.
      This is always M,	representing Message Digest (MD5) on Tru64 UNIX	sys-
      tems.

  key Is the key itself.  The MD5 algorithm key	is a 1-to-8 character ASCII
      string.  Because of the simple tokenizing	routine, you cannot use	the
      following	characters in an ASCII key: " "	(space), "#" (number sign),
      "", "0, and " ".	Note that both the keys	and the	authentication scheme
      (MD5) must be identical between a	set of peers sharing the same key
      number.

EXAMPLES

  The following	sample key file	shows two defined NTP keys:


       2   M   RIrop8KPPvQvYotM	  # MD5	key as a random	ASCII string
       14  M   sundial		  # MD5	key as an ASCII	string




FILES

  /etc/ntp.keys
	    Conventional name of the key file

RELATED	INFORMATION

  Commands: ntpdate(8),	ntpq(8), xntpd(8), xntpdc(8)

  Files: ntp.conf(4)

  Network Administration: Services