NAME    [Toc]    [Back]

       ntp.keys  - Network Time Protocol (NTP) authentication key
       file

DESCRIPTION    [Toc]    [Back]

       The NTP standard specifies an extension to allow verification
  of  the  authenticity of received NTP packets and to
       provide an indication of authenticity in outgoing packets.
       This  is  implemented  in xntpd using the MD5 algorithm to
       compute the message-digest.  The specification allows  any
       one  of  possibly 4 billion keys, numbered with 32-bit key
       identifiers, to be used to  authenticate  an  association.
       The  servers  involved in an association must agree on the
       key and key identifier used to  authenticate  their  data,
       though  they  must  each  learn the key and key identifier
       independently.  In MD5, the keys are 64  bits  (8  bytes).
       The  xntpd  daemon  reads  its  keys from a file specified
       using the -k command line option, or the keys statement in
       the  configuration  file.   While key number 0 is fixed by
       the NTP standard (as 56 zero bits) and may not be changed,
       one or more of the keys numbered 1 through 15 may be arbitrarily
 set in the keys file.

       One of the keys may be chosen, by way of the configuration
       file  requestkey  statement, to authenticate run time configuration
 requests made using the xntpdc(8) program.  The
       latter  program  obtains  the  key  from the terminal as a
       password, so it is generally appropriate  to  specify  the
       key chosen to be used for this purpose in ASCII format.

       The  NTP key file uses the same comment conventions as the
       configuration file.  Key entries use a fixed format of the
       form: keyno type key

       In  this format: Is a positive integer.  Is a single character
 that defines the format the key is given  in.   This
       is  always  M,  representing Message Digest (MD5) on Tru64
       UNIX systems.  Is the key itself.  The MD5  algorithm  key
       is a 1-to-8 character ASCII string.  Because of the simple
       tokenizing routine, you cannot use the  following  characters
  in an ASCII key: " " (space), "#" (number sign), "",
       "0, and " ".  Note that both the keys and the  authentication
 scheme (MD5) must be identical between a set of peers
       sharing the same key number.

EXAMPLES    [Toc]    [Back]

       The following sample key file shows two defined NTP  keys:
       2    M    RIrop8KPPvQvYotM    #  MD5 key as a random ASCII
       string 14  M   sundial            # MD5 key  as  an  ASCII
       string

FILES    [Toc]    [Back]

       Conventional name of the key file

RELATED INFORMATION    [Toc]    [Back]

       Commands: ntpdate(8), ntpq(8), xntpd(8), xntpdc(8)

       Files: ntp.conf(4)

       Network Administration: Services delim off



                                                      ntp.keys(4)