--- /dev/null
+<html lang="en">
+<head>
+<title>Ntp-keygen User's Manual</title>
+<meta http-equiv="Content-Type" content="text/html">
+<meta name="description" content="Ntp-keygen User's Manual">
+<meta name="generator" content="makeinfo 4.13">
+<link title="Top" rel="top" href="#Top">
+<link href="http://www.gnu.org/software/texinfo/" rel="generator-home" title="Texinfo Homepage">
+<meta http-equiv="Content-Style-Type" content="text/css">
+<style type="text/css"><!--
+ pre.display { font-family:inherit }
+ pre.format { font-family:inherit }
+ pre.smalldisplay { font-family:inherit; font-size:smaller }
+ pre.smallformat { font-family:inherit; font-size:smaller }
+ pre.smallexample { font-size:smaller }
+ pre.smalllisp { font-size:smaller }
+ span.sc { font-variant:small-caps }
+ span.roman { font-family:serif; font-weight:normal; }
+ span.sansserif { font-family:sans-serif; font-weight:normal; }
+--></style>
+</head>
+<body>
+<h1 class="settitle">Ntp-keygen User's Manual</h1>
+ <div class="shortcontents">
+<h2>Short Contents</h2>
+<ul>
+<a href="#Top">Top</a>
+<a href="#Top">NTP Key Generation Program User Manual</a>
+</ul>
+</div>
+
+
+
+<div class="node">
+<a name="Top"></a>
+<p><hr>
+Up: <a rel="up" accesskey="u" href="#dir">(dir)</a>
+
+</div>
+
+<h2 class="unnumbered">Top</h2>
+
+<ul class="menu">
+<li><a accesskey="1" href="#Description">Description</a>
+<li><a accesskey="2" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>: Invoking ntp-keygen
+<li><a accesskey="3" href="#Running-the-Program">Running the Program</a>
+<li><a accesskey="4" href="#Random-Seed-File">Random Seed File</a>
+<li><a accesskey="5" href="#Cryptographic-Data-Files">Cryptographic Data Files</a>
+</ul>
+
+<div class="node">
+<a name="Top"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#Description">Description</a>,
+Previous: <a rel="previous" accesskey="p" href="#dir">(dir)</a>,
+Up: <a rel="up" accesskey="u" href="#dir">(dir)</a>
+
+</div>
+
+<h2 class="unnumbered">NTP Key Generation Program User Manual</h2>
+
+<p>This document describes the use of the NTP Project's <code>ntp-keygen</code>
+program, that generates cryptographic data files used by the NTPv4
+authentication and identity schemes.
+It can generate message digest
+keys used in symmetric key cryptography and, if the OpenSSL software
+library has been installed, it can generate host keys, sign keys,
+certificates, and identity keys and parameters used by the Autokey
+public key cryptography.
+The message digest keys file is generated in a
+format compatible with NTPv3.
+All other files are in PEM-encoded
+printable ASCII format so they can be embedded as MIME attachments in
+mail to other sites.
+
+ <p>This document applies to version 4.2.7p333 of <code>ntp-keygen</code>.
+
+<div class="node">
+<a name="Description"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#Running-the-Program">Running the Program</a>,
+Previous: <a rel="previous" accesskey="p" href="#Top">Top</a>,
+Up: <a rel="up" accesskey="u" href="#Top">Top</a>
+
+</div>
+
+<!-- node-name, next, previous, up -->
+<h3 class="section">Description</h3>
+
+<p>This program generates cryptographic data files used by the NTPv4
+authentication and identity schemes. It can generate message digest
+keys used in symmetric key cryptography and, if the OpenSSL software
+library has been installed, it can generate host keys, sign keys,
+certificates, and identity keys and parameters used by the Autokey
+public key cryptography. The message digest keys file is generated in a
+format compatible with NTPv3. All other files are in PEM-encoded
+printable ASCII format so they can be embedded as MIME attachments in
+mail to other sites.
+
+ <p>When used to generate message digest keys, the program produces a file
+containing ten pseudo-random printable ASCII strings suitable for the
+MD5 message digest algorithm included in the distribution. If the
+OpenSSL library is installed, it produces an additional ten hex-encoded
+random bit strings suitable for the SHA1 and other message digest
+algorithms. The message digest keys file must be distributed and stored
+using secure means beyond the scope of NTP itself. Besides the keys
+used for ordinary NTP associations, additional keys can be defined as
+passwords for the ntpq and ntpdc utility programs.
+
+ <p>The remaining generated files are compatible with other OpenSSL
+applications and other Public Key Infrastructure (PKI) resources.
+Certificates generated by this program are compatible with extant
+industry practice, although some users might find the interpretation of
+X509v3 extension fields somewhat liberal. However, the identity keys
+are probably not compatible with anything other than Autokey.
+
+ <p>Some files used by this program are encrypted using a private password.
+The -p option specifies the password for local encrypted files and the
+-q option the password for encrypted files sent to remote sites. If no
+password is specified, the host name returned by the Unix gethostname()
+function, normally the DNS name of the host, is used.
+
+ <p>The pw option of the crypto configuration command specifies the read
+password for previously encrypted local files. This must match the
+local password used by this program. If not specified, the host name is
+used. Thus, if files are generated by this program without password,
+they can be read back by ntpd without password, but only on the same
+host.
+
+ <p>Normally, encrypted files for each host are generated by that host and
+used only by that host, although exceptions exist as noted later on
+this page. The symmetric keys file, normally called ntp.keys, is
+usually installed in /etc. Other files and links are usually installed
+in /usr/local/etc, which is normally in a shared filesystem in
+NFS-mounted networks and cannot be changed by shared clients. The
+location of the keys directory can be changed by the keysdir
+configuration command in such cases. Normally, this is in /etc.
+
+ <p>This program directs commentary and error messages to the standard
+error stream stderr and remote files to the standard output stream
+stdout where they can be piped to other applications or redirected to
+files. The names used for generated files and links all begin with the
+string ntpkey and include the file type, generating host and filestamp,
+as described in the Cryptographic Data Files section below.
+
+<div class="node">
+<a name="Running-the-Program"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#Random-Seed-File">Random Seed File</a>,
+Previous: <a rel="previous" accesskey="p" href="#Description">Description</a>,
+Up: <a rel="up" accesskey="u" href="#Top">Top</a>
+
+</div>
+
+<!-- node-name, next, previous, up -->
+<h3 class="section">Running the Program</h3>
+
+<p>To test and gain experience with Autokey concepts, log in as root and
+change to the keys directory, usually /usr/local/etc. When run for the
+first time, or if all files with names beginning ntpkey have been
+removed, use the ntp-keygen command without arguments to generate a
+default RSA host key and matching RSA-MD5 certificate with expiration
+date one year hence. If run again without options, the program uses the
+existing keys and parameters and generates only a new certificate with
+new expiration date one year hence.
+
+ <p>Run the command on as many hosts as necessary. Designate one of them as
+the trusted host (TH) using ntp-keygen with the -T option and configure
+it to synchronize from reliable Internet servers. Then configure the
+other hosts to synchronize to the TH directly or indirectly. A
+certificate trail is created when Autokey asks the immediately
+ascendant host towards the TH to sign its certificate, which is then
+provided to the immediately descendant host on request. All group hosts
+should have acyclic certificate trails ending on the TH.
+
+ <p>The host key is used to encrypt the cookie when required and so must be
+RSA type. By default, the host key is also the sign key used to encrypt
+signatures. A different sign key can be assigned using the -S option
+and this can be either RSA or DSA type. By default, the signature
+message digest type is MD5, but any combination of sign key type and
+message digest type supported by the OpenSSL library can be specified
+using the -c option.
+
+ <p>The rules say cryptographic media should be generated with proventic
+filestamps, which means the host should already be synchronized before
+this program is run. This of course creates a chicken-and-egg problem
+when the host is started for the first time. Accordingly, the host time
+should be set by some other means, such as eyeball-and-wristwatch, at
+least so that the certificate lifetime is within the current year.
+After that and when the host is synchronized to a proventic source, the
+certificate should be re-generated.
+
+ <p>Additional information on trusted groups and identity schemes is on the
+Autokey Public-Key Authentication
+page.
+
+<div class="node">
+<a name="ntp-keygen-Invocation"></a>
+<a name="ntp_002dkeygen-Invocation"></a>
+<p><hr>
+
+
+</div>
+
+<h3 class="section">Invoking ntp-keygen</h3>
+
+<p><a name="index-ntp_002dkeygen-1"></a><a name="index-Create-a-NTP-host-key-2"></a>
+
+ <p>This program generates cryptographic data files used by the NTPv4
+authentication and identification schemes.
+It generates MD5 key files used in symmetric key cryptography.
+In addition, if the OpenSSL software library has been installed,
+it generates keys, certificate and identity files used in public key
+cryptography.
+These files are used for cookie encryption,
+digital signature and challenge/response identification algorithms
+compatible with the Internet standard security infrastructure.
+
+ <p>All files are in PEM-encoded printable ASCII format,
+so they can be embedded as MIME attachments in mail to other sites
+and certificate authorities.
+By default, files are not encrypted.
+
+ <p>The
+<code>ntpd(8)</code>
+configuration command
+.Ic
+crypto
+pw
+Ar
+password
+specifies the read password for previously encrypted files.
+The daemon expires on the spot if the password is missing
+or incorrect.
+For convenience, if a file has been previously encrypted,
+the default read password is the name of the host running
+the program.
+If the previous write password is specified as the host name,
+these files can be read by that host with no explicit password.
+
+ <p>File names begin with the prefix
+.Cm
+ntpkey_
+and end with the postfix
+.Ar
+_hostname.filestamp
+,
+where
+.Ar
+hostname
+is the owner name, usually the string returned
+by the Unix gethostname() routine, and
+.Ar
+filestamp
+is the NTP seconds when the file was generated, in decimal digits.
+This both guarantees uniqueness and simplifies maintenance
+procedures, since all files can be quickly removed
+by a
+.Ic
+rm
+ntpkey\&*
+command or all files generated
+at a specific time can be removed by a
+.Ic
+rm
+.Ar
+\&*filestamp
+command.
+To further reduce the risk of misconfiguration,
+the first two lines of a file contain the file name
+and generation date and time as comments.
+
+ <p>All files are installed by default in the keys directory
+.Pa
+/usr/local/etc
+,
+which is normally in a shared filesystem
+in NFS-mounted networks.
+The actual location of the keys directory
+and each file can be overridden by configuration commands,
+but this is not recommended.
+Normally, the files for each host are generated by that host
+and used only by that host, although exceptions exist
+as noted later on this page.
+
+ <p>Normally, files containing private values,
+including the host key, sign key and identification parameters,
+are permitted root read/write-only;
+while others containing public values are permitted world readable.
+Alternatively, files containing private values can be encrypted
+and these files permitted world readable,
+which simplifies maintenance in shared file systems.
+Since uniqueness is insured by the hostname and
+file name extensions, the files for a NFS server and
+dependent clients can all be installed in the same shared directory.
+
+ <p>The recommended practice is to keep the file name extensions
+when installing a file and to install a soft link
+from the generic names specified elsewhere on this page
+to the generated files.
+This allows new file generations to be activated simply
+by changing the link.
+If a link is present, ntpd follows it to the file name
+to extract the filestamp.
+If a link is not present,
+<code>ntpd(8)</code>
+extracts the filestamp from the file itself.
+This allows clients to verify that the file and generation times
+are always current.
+The
+<code>ntp-keygen</code>
+program uses the same timestamp extension for all files generated
+at one time, so each generation is distinct and can be readily
+recognized in monitoring data.
+.Ss
+Running
+the
+program
+The safest way to run the
+<code>ntp-keygen</code>
+program is logged in directly as root.
+The recommended procedure is change to the keys directory,
+usually
+.Pa
+/usr/local/etc
+,
+then run the program.
+When run for the first time,
+or if all
+.Cm
+ntpkey
+files have been removed,
+the program generates a RSA host key file and matching RSA-MD5 certificate file,
+which is all that is necessary in many cases.
+The program also generates soft links from the generic names
+to the respective files.
+If run again, the program uses the same host key file,
+but generates a new certificate file and link.
+
+ <p>The host key is used to encrypt the cookie when required and so must be RSA type.
+By default, the host key is also the sign key used to encrypt signatures.
+When necessary, a different sign key can be specified and this can be
+either RSA or DSA type.
+By default, the message digest type is MD5, but any combination
+of sign key type and message digest type supported by the OpenSSL library
+can be specified, including those using the MD2, MD5, SHA, SHA1, MDC2
+and RIPE160 message digest algorithms.
+However, the scheme specified in the certificate must be compatible
+with the sign key.
+Certificates using any digest algorithm are compatible with RSA sign keys;
+however, only SHA and SHA1 certificates are compatible with DSA sign keys.
+
+ <p>Private/public key files and certificates are compatible with
+other OpenSSL applications and very likely other libraries as well.
+Certificates or certificate requests derived from them should be compatible
+with extant industry practice, although some users might find
+the interpretation of X509v3 extension fields somewhat liberal.
+However, the identification parameter files, although encoded
+as the other files, are probably not compatible with anything other than Autokey.
+
+ <p>Running the program as other than root and using the Unix
+.Ic
+su
+command
+to assume root may not work properly, since by default the OpenSSL library
+looks for the random seed file
+.Cm
+.rnd
+in the user home directory.
+However, there should be only one
+.Cm
+.rnd
+,
+most conveniently
+in the root directory, so it is convenient to define the
+.Cm
+$RANDFILE
+environment variable used by the OpenSSL library as the path to
+.Cm
+/.rnd
+.
+
+ <p>Installing the keys as root might not work in NFS-mounted
+shared file systems, as NFS clients may not be able to write
+to the shared keys directory, even as root.
+In this case, NFS clients can specify the files in another
+directory such as
+.Pa
+/etc
+using the
+.Ic
+keysdir
+command.
+There is no need for one client to read the keys and certificates
+of other clients or servers, as these data are obtained automatically
+by the Autokey protocol.
+
+ <p>Ordinarily, cryptographic files are generated by the host that uses them,
+but it is possible for a trusted agent (TA) to generate these files
+for other hosts; however, in such cases files should always be encrypted.
+The subject name and trusted name default to the hostname
+of the host generating the files, but can be changed by command line options.
+It is convenient to designate the owner name and trusted name
+as the subject and issuer fields, respectively, of the certificate.
+The owner name is also used for the host and sign key files,
+while the trusted name is used for the identity files.
+
+ <p>All files are installed by default in the keys directory
+.Pa
+/usr/local/etc
+,
+which is normally in a shared filesystem
+in NFS-mounted networks.
+The actual location of the keys directory
+and each file can be overridden by configuration commands,
+but this is not recommended.
+Normally, the files for each host are generated by that host
+and used only by that host, although exceptions exist
+as noted later on this page.
+
+ <p>Normally, files containing private values,
+including the host key, sign key and identification parameters,
+are permitted root read/write-only;
+while others containing public values are permitted world readable.
+Alternatively, files containing private values can be encrypted
+and these files permitted world readable,
+which simplifies maintenance in shared file systems.
+Since uniqueness is insured by the hostname and
+file name extensions, the files for a NFS server and
+dependent clients can all be installed in the same shared directory.
+
+ <p>The recommended practice is to keep the file name extensions
+when installing a file and to install a soft link
+from the generic names specified elsewhere on this page
+to the generated files.
+This allows new file generations to be activated simply
+by changing the link.
+If a link is present, ntpd follows it to the file name
+to extract the filestamp.
+If a link is not present,
+<code>ntpd(8)</code>
+extracts the filestamp from the file itself.
+This allows clients to verify that the file and generation times
+are always current.
+The
+<code>ntp-keygen</code>
+program uses the same timestamp extension for all files generated
+at one time, so each generation is distinct and can be readily
+recognized in monitoring data.
+.Ss
+Running
+the
+program
+The safest way to run the
+<code>ntp-keygen</code>
+program is logged in directly as root.
+The recommended procedure is change to the keys directory,
+usually
+.Pa
+/usr/local/etc
+,
+then run the program.
+When run for the first time,
+or if all
+.Cm
+ntpkey
+files have been removed,
+the program generates a RSA host key file and matching RSA-MD5 certificate file,
+which is all that is necessary in many cases.
+The program also generates soft links from the generic names
+to the respective files.
+If run again, the program uses the same host key file,
+but generates a new certificate file and link.
+
+ <p>The host key is used to encrypt the cookie when required and so must be RSA type.
+By default, the host key is also the sign key used to encrypt signatures.
+When necessary, a different sign key can be specified and this can be
+either RSA or DSA type.
+By default, the message digest type is MD5, but any combination
+of sign key type and message digest type supported by the OpenSSL library
+can be specified, including those using the MD2, MD5, SHA, SHA1, MDC2
+and RIPE160 message digest algorithms.
+However, the scheme specified in the certificate must be compatible
+with the sign key.
+Certificates using any digest algorithm are compatible with RSA sign keys;
+however, only SHA and SHA1 certificates are compatible with DSA sign keys.
+
+ <p>Private/public key files and certificates are compatible with
+other OpenSSL applications and very likely other libraries as well.
+Certificates or certificate requests derived from them should be compatible
+with extant industry practice, although some users might find
+the interpretation of X509v3 extension fields somewhat liberal.
+However, the identification parameter files, although encoded
+as the other files, are probably not compatible with anything other than Autokey.
+
+ <p>Running the program as other than root and using the Unix
+.Ic
+su
+command
+to assume root may not work properly, since by default the OpenSSL library
+looks for the random seed file
+.Cm
+.rnd
+in the user home directory.
+However, there should be only one
+.Cm
+.rnd
+,
+most conveniently
+in the root directory, so it is convenient to define the
+.Cm
+$RANDFILE
+environment variable used by the OpenSSL library as the path to
+.Cm
+/.rnd
+.
+
+ <p>Installing the keys as root might not work in NFS-mounted
+shared file systems, as NFS clients may not be able to write
+to the shared keys directory, even as root.
+In this case, NFS clients can specify the files in another
+directory such as
+.Pa
+/etc
+using the
+.Ic
+keysdir
+command.
+There is no need for one client to read the keys and certificates
+of other clients or servers, as these data are obtained automatically
+by the Autokey protocol.
+
+ <p>Ordinarily, cryptographic files are generated by the host that uses them,
+but it is possible for a trusted agent (TA) to generate these files
+for other hosts; however, in such cases files should always be encrypted.
+The subject name and trusted name default to the hostname
+of the host generating the files, but can be changed by command line options.
+It is convenient to designate the owner name and trusted name
+as the subject and issuer fields, respectively, of the certificate.
+The owner name is also used for the host and sign key files,
+while the trusted name is used for the identity files.
+seconds.
+seconds.
+
+ <p>s Trusted Hosts and Groups
+Each cryptographic configuration involves selection of a signature scheme
+and identification scheme, called a cryptotype,
+as explained in the
+.Sx
+Authentication
+Options
+section of
+<code>ntp.conf(5)</code>.
+The default cryptotype uses RSA encryption, MD5 message digest
+and TC identification.
+First, configure a NTP subnet including one or more low-stratum
+trusted hosts from which all other hosts derive synchronization
+directly or indirectly.
+Trusted hosts have trusted certificates;
+all other hosts have nontrusted certificates.
+These hosts will automatically and dynamically build authoritative
+certificate trails to one or more trusted hosts.
+A trusted group is the set of all hosts that have, directly or indirectly,
+a certificate trail ending at a trusted host.
+The trail is defined by static configuration file entries
+or dynamic means described on the
+.Sx
+Automatic
+NTP
+Configuration
+Options
+section of
+<code>ntp.conf(5)</code>.
+
+ <p>On each trusted host as root, change to the keys directory.
+To insure a fresh fileset, remove all
+.Cm
+ntpkey
+files.
+Then run
+<code>ntp-keygen</code>
+<code>-T</code> to generate keys and a trusted certificate.
+On all other hosts do the same, but leave off the
+<code>-T</code> flag to generate keys and nontrusted certificates.
+When complete, start the NTP daemons beginning at the lowest stratum
+and working up the tree.
+It may take some time for Autokey to instantiate the certificate trails
+throughout the subnet, but setting up the environment is completely automatic.
+
+ <p>If it is necessary to use a different sign key or different digest/signature
+scheme than the default, run
+<code>ntp-keygen</code>
+with the
+<code>-S</code> <code>-Ar</code> <code>-type</code> option, where
+.Ar
+type
+is either
+.Cm
+RSA
+or
+.Cm
+DSA
+.
+The most often need to do this is when a DSA-signed certificate is used.
+If it is necessary to use a different certificate scheme than the default,
+run
+<code>ntp-keygen</code>
+with the
+<code>-c</code> <code>-Ar</code> <code>-scheme</code> option and selected
+.Ar
+scheme
+as needed.
+f
+<code>ntp-keygen</code>
+is run again without these options, it generates a new certificate
+using the same scheme and sign key.
+
+ <p>After setting up the environment it is advisable to update certificates
+from time to time, if only to extend the validity interval.
+Simply run
+<code>ntp-keygen</code>
+with the same flags as before to generate new certificates
+using existing keys.
+However, if the host or sign key is changed,
+<code>ntpd(8)</code>
+should be restarted.
+When
+<code>ntpd(8)</code>
+is restarted, it loads any new files and restarts the protocol.
+Other dependent hosts will continue as usual until signatures are refreshed,
+at which time the protocol is restarted.
+.Ss
+Identity
+Schemes
+As mentioned on the Autonomous Authentication page,
+the default TC identity scheme is vulnerable to a middleman attack.
+However, there are more secure identity schemes available,
+including PC, IFF, GQ and MV described on the
+.Qq
+Identification
+Schemes
+page
+(maybe available at
+.Li
+http://www.eecis.udel.edu/%7emills/keygen.html
+)
+.
+These schemes are based on a TA, one or more trusted hosts
+and some number of nontrusted hosts.
+Trusted hosts prove identity using values provided by the TA,
+while the remaining hosts prove identity using values provided
+by a trusted host and certificate trails that end on that host.
+The name of a trusted host is also the name of its sugroup
+and also the subject and issuer name on its trusted certificate.
+The TA is not necessarily a trusted host in this sense, but often is.
+
+ <p>In some schemes there are separate keys for servers and clients.
+A server can also be a client of another server,
+but a client can never be a server for another client.
+In general, trusted hosts and nontrusted hosts that operate
+as both server and client have parameter files that contain
+both server and client keys.
+Hosts that operate
+only as clients have key files that contain only client keys.
+
+ <p>The PC scheme supports only one trusted host in the group.
+On trusted host alice run
+<code>ntp-keygen</code>
+<code>-P</code> <code>-p</code> <code>-Ar</code> <code>-password</code> to generate the host key file
+.Pa
+ntpkey_RSAkey_
+Ns
+Ar
+alice.filestamp
+and trusted private certificate file
+.Pa
+ntpkey_RSA-MD5_cert_
+Ns
+Ar
+alice.filestamp
+.
+Copy both files to all group hosts;
+they replace the files which would be generated in other schemes.
+On each host bob install a soft link from the generic name
+.Pa
+ntpkey_host_
+Ns
+Ar
+bob
+to the host key file and soft link
+.Pa
+ntpkey_cert_
+Ns
+Ar
+bob
+to the private certificate file.
+Note the generic links are on bob, but point to files generated
+by trusted host alice.
+In this scheme it is not possible to refresh
+either the keys or certificates without copying them
+to all other hosts in the group.
+
+ <p>For the IFF scheme proceed as in the TC scheme to generate keys
+and certificates for all group hosts, then for every trusted host in the group,
+generate the IFF parameter file.
+On trusted host alice run
+<code>ntp-keygen</code>
+<code>-T</code> <code>-I</code> <code>-p</code> <code>-Ar</code> <code>-password</code> to produce her parameter file
+.Pa
+ntpkey_IFFpar_
+Ns
+Ar
+alice.filestamp
+,
+which includes both server and client keys.
+Copy this file to all group hosts that operate as both servers
+and clients and install a soft link from the generic
+.Pa
+ntpkey_iff_
+Ns
+Ar
+alice
+to this file.
+If there are no hosts restricted to operate only as clients,
+there is nothing further to do.
+As the IFF scheme is independent
+of keys and certificates, these files can be refreshed as needed.
+
+ <p>If a rogue client has the parameter file, it could masquerade
+as a legitimate server and present a middleman threat.
+To eliminate this threat, the client keys can be extracted
+from the parameter file and distributed to all restricted clients.
+After generating the parameter file, on alice run
+<code>ntp-keygen</code>
+<code>-e</code> and pipe the output to a file or mail program.
+Copy or mail this file to all restricted clients.
+On these clients install a soft link from the generic
+.Pa
+ntpkey_iff_
+Ns
+Ar
+alice
+to this file.
+To further protect the integrity of the keys,
+each file can be encrypted with a secret password.
+
+ <p>For the GQ scheme proceed as in the TC scheme to generate keys
+and certificates for all group hosts, then for every trusted host
+in the group, generate the IFF parameter file.
+On trusted host alice run
+<code>ntp-keygen</code>
+<code>-T</code> <code>-G</code> <code>-p</code> <code>-Ar</code> <code>-password</code> to produce her parameter file
+.Pa
+ntpkey_GQpar_
+Ns
+Ar
+alice.filestamp
+,
+which includes both server and client keys.
+Copy this file to all group hosts and install a soft link
+from the generic
+.Pa
+ntpkey_gq_
+Ns
+Ar
+alice
+to this file.
+In addition, on each host bob install a soft link
+from generic
+.Pa
+ntpkey_gq_
+Ns
+Ar
+bob
+to this file.
+As the GQ scheme updates the GQ parameters file and certificate
+at the same time, keys and certificates can be regenerated as needed.
+
+ <p>For the MV scheme, proceed as in the TC scheme to generate keys
+and certificates for all group hosts.
+For illustration assume trish is the TA, alice one of several trusted hosts
+and bob one of her clients.
+On TA trish run
+<code>ntp-keygen</code>
+<code>-V</code> <code>-Ar</code> <code>-n</code> <code>-p</code> <code>-Ar</code> <code>-password</code>, where
+.Ar
+n
+is the number of revokable keys (typically 5) to produce
+the parameter file
+.Pa
+ntpkeys_MVpar_
+Ns
+Ar
+trish.filestamp
+and client key files
+.Pa
+ntpkeys_MVkeyd_
+Ns
+Ar
+trish.filestamp
+where
+.Ar
+d
+is the key number (0 \&<
+.Ar
+d
+\&<
+.Ar
+n
+)
+.
+Copy the parameter file to alice and install a soft link
+from the generic
+.Pa
+ntpkey_mv_
+Ns
+Ar
+alice
+to this file.
+Copy one of the client key files to alice for later distribution
+to her clients.
+It doesn't matter which client key file goes to alice,
+since they all work the same way.
+Alice copies the client key file to all of her cliens.
+On client bob install a soft link from generic
+.Pa
+ntpkey_mvkey_
+Ns
+Ar
+bob
+to the client key file.
+As the MV scheme is independent of keys and certificates,
+these files can be refreshed as needed.
+.Ss
+Command
+Line
+Options
+ <dl>
+<dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Select certificate message digest/signature encryption scheme.
+The
+.Ar
+scheme
+can be one of the following:
+.
+Cm
+RSA-MD2
+,
+RSA-MD5
+,
+RSA-SHA
+,
+RSA-SHA1
+,
+RSA-MDC2
+,
+RSA-RIPEMD160
+,
+DSA-SHA
+,
+or
+.Cm
+DSA-SHA1
+.
+Note that RSA schemes must be used with a RSA sign key and DSA
+schemes must be used with a DSA sign key.
+The default without this option is
+.Cm
+RSA-MD5
+.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Enable debugging.
+This option displays the cryptographic data produced in eye-friendly billboards.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Write the IFF client keys to the standard output.
+This is intended for automatic key distribution by mail.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate parameters and keys for the GQ identification scheme,
+obsoleting any that may exist.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate keys for the GQ identification scheme
+using the existing GQ parameters.
+If the GQ parameters do not yet exist, create them first.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate new host keys, obsoleting any that may exist.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate parameters for the IFF identification scheme,
+obsoleting any that may exist.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Set the suject name to
+.Ar
+name
+.
+This is used as the subject field in certificates
+and in the file name for host and sign keys.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate MD5 keys, obsoleting any that may exist.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate a private certificate.
+By default, the program generates public certificates.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Encrypt generated files containing private data with
+.Ar
+password
+and the DES-CBC algorithm.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Set the password for reading files to password.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate a new sign key of the designated type,
+obsoleting any that may exist.
+By default, the program uses the host key as the sign key.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Set the issuer name to
+.Ar
+name
+.
+This is used for the issuer field in certificates
+and in the file name for identity files.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate a trusted certificate.
+By default, the program generates a non-trusted certificate.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate parameters and keys for the Mu-Varadharajan (MV) identification scheme.
+
+ <p>.Ss
+Random
+Seed
+File
+All cryptographically sound key generation schemes must have means
+to randomize the entropy seed used to initialize
+the internal pseudo-random number generator used
+by the library routines.
+The OpenSSL library uses a designated random seed file for this purpose.
+The file must be available when starting the NTP daemon and
+<code>ntp-keygen</code>
+program.
+If a site supports OpenSSL or its companion OpenSSH,
+it is very likely that means to do this are already available.
+
+ <p>It is important to understand that entropy must be evolved
+for each generation, for otherwise the random number sequence
+would be predictable.
+Various means dependent on external events, such as keystroke intervals,
+can be used to do this and some systems have built-in entropy sources.
+Suitable means are described in the OpenSSL software documentation,
+but are outside the scope of this page.
+
+ <p>The entropy seed used by the OpenSSL library is contained in a file,
+usually called
+.Cm
+.rnd
+,
+which must be available when starting the NTP daemon
+or the
+<code>ntp-keygen</code>
+program.
+The NTP daemon will first look for the file
+using the path specified by the
+.Ic
+randfile
+subcommand of the
+.Ic
+crypto
+configuration command.
+If not specified in this way, or when starting the
+<code>ntp-keygen</code>
+program,
+the OpenSSL library will look for the file using the path specified
+by the
+.Ev
+RANDFILE
+environment variable in the user home directory,
+whether root or some other user.
+If the
+.Ev
+RANDFILE
+environment variable is not present,
+the library will look for the
+.Cm
+.rnd
+file in the user home directory.
+If the file is not available or cannot be written,
+the daemon exits with a message to the system log and the program
+exits with a suitable error message.
+.Ss
+Cryptographic
+Data
+Files
+All other file formats begin with two lines.
+The first contains the file name, including the generated host name
+and filestamp.
+The second contains the datestamp in conventional Unix date format.
+Lines beginning with # are considered comments and ignored by the
+<code>ntp-keygen</code>
+program and
+<code>ntpd(8)</code>
+daemon.
+Cryptographic values are encoded first using ASN.1 rules,
+then encrypted if necessary, and finally written PEM-encoded
+printable ASCII format preceded and followed by MIME content identifier lines.
+
+ <p>The format of the symmetric keys file is somewhat different
+than the other files in the interest of backward compatibility.
+Since DES-CBC is deprecated in NTPv4, the only key format of interest
+is MD5 alphanumeric strings.
+Following hte heard the keys are
+entered one per line in the format
+.D1
+Ar
+keyno
+type
+key
+where
+.Ar
+keyno
+is a positive integer in the range 1-65,535,
+.Ar
+type
+is the string MD5 defining the key format and
+.Ar
+key
+is the key itself,
+which is a printable ASCII string 16 characters or less in length.
+Each character is chosen from the 93 printable characters
+in the range 0x21 through 0x7f excluding space and the
+.Ql
+#
+character.
+
+ <p>Note that the keys used by the
+<code>ntpq(8)</code>
+and
+<code>ntpdc(8)</code>
+programs
+are checked against passwords requested by the programs
+and entered by hand, so it is generally appropriate to specify these keys
+in human readable ASCII format.
+
+ <p>The
+<code>ntp-keygen</code>
+program generates a MD5 symmetric keys file
+.Pa
+ntpkey_MD5key_
+Ns
+Ar
+hostname.filestamp
+.
+Since the file contains private shared keys,
+it should be visible only to root and distributed by secure means
+to other subnet hosts.
+The NTP daemon loads the file
+.Pa
+ntp.keys
+,
+so
+<code>ntp-keygen</code>
+installs a soft link from this name to the generated file.
+Subsequently, similar soft links must be installed by manual
+or automated means on the other subnet hosts.
+While this file is not used with the Autokey Version 2 protocol,
+it is needed to authenticate some remote configuration commands
+used by the
+<code>ntpq(8)</code>
+and
+<code>ntpdc(8)</code>
+utilities.
+
+ <p>This section was generated by <strong>AutoGen</strong>,
+using the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp-keygen</code> program.
+This software is released under the NTP license, <http://ntp.org/license>.
+
+ <ul class="menu">
+<li><a accesskey="1" href="#ntp_002dkeygen-usage">ntp-keygen usage</a>: ntp-keygen help/usage (<samp><span class="option">--help</span></samp>)
+<li><a accesskey="2" href="#ntp_002dkeygen-imbits">ntp-keygen imbits</a>: imbits option (-b)
+<li><a accesskey="3" href="#ntp_002dkeygen-certificate">ntp-keygen certificate</a>: certificate option (-c)
+<li><a accesskey="4" href="#ntp_002dkeygen-cipher">ntp-keygen cipher</a>: cipher option (-C)
+<li><a accesskey="5" href="#ntp_002dkeygen-id_002dkey">ntp-keygen id-key</a>: id-key option (-e)
+<li><a accesskey="6" href="#ntp_002dkeygen-gq_002dparams">ntp-keygen gq-params</a>: gq-params option (-G)
+<li><a accesskey="7" href="#ntp_002dkeygen-host_002dkey">ntp-keygen host-key</a>: host-key option (-H)
+<li><a accesskey="8" href="#ntp_002dkeygen-iffkey">ntp-keygen iffkey</a>: iffkey option (-I)
+<li><a accesskey="9" href="#ntp_002dkeygen-ident">ntp-keygen ident</a>: ident option (-i)
+<li><a href="#ntp_002dkeygen-lifetime">ntp-keygen lifetime</a>: lifetime option (-l)
+<li><a href="#ntp_002dkeygen-md5key">ntp-keygen md5key</a>: md5key option (-M)
+<li><a href="#ntp_002dkeygen-modulus">ntp-keygen modulus</a>: modulus option (-m)
+<li><a href="#ntp_002dkeygen-pvt_002dcert">ntp-keygen pvt-cert</a>: pvt-cert option (-P)
+<li><a href="#ntp_002dkeygen-pvt_002dpasswd">ntp-keygen pvt-passwd</a>: pvt-passwd option (-p)
+<li><a href="#ntp_002dkeygen-get_002dpvt_002dpasswd">ntp-keygen get-pvt-passwd</a>: get-pvt-passwd option (-q)
+<li><a href="#ntp_002dkeygen-sign_002dkey">ntp-keygen sign-key</a>: sign-key option (-S)
+<li><a href="#ntp_002dkeygen-subject_002dname">ntp-keygen subject-name</a>: subject-name option (-s)
+<li><a href="#ntp_002dkeygen-trusted_002dcert">ntp-keygen trusted-cert</a>: trusted-cert option (-T)
+<li><a href="#ntp_002dkeygen-mv_002dparams">ntp-keygen mv-params</a>: mv-params option (-V)
+<li><a href="#ntp_002dkeygen-mv_002dkeys">ntp-keygen mv-keys</a>: mv-keys option (-v)
+<li><a href="#ntp_002dkeygen-config">ntp-keygen config</a>: presetting/configuring ntp-keygen
+<li><a href="#ntp_002dkeygen-exit-status">ntp-keygen exit status</a>: exit status
+<li><a href="#ntp_002dkeygen-Usage">ntp-keygen Usage</a>: Usage
+<li><a href="#ntp_002dkeygen-Notes">ntp-keygen Notes</a>: Notes
+<li><a href="#ntp_002dkeygen-Bugs">ntp-keygen Bugs</a>: Bugs
+</ul>
+
+<div class="node">
+<a name="ntp-keygen-usage"></a>
+<a name="ntp_002dkeygen-usage"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-imbits">ntp-keygen imbits</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">ntp-keygen help/usage (<samp><span class="option">--help</span></samp>)</h4>
+
+ <p><a name="index-ntp_002dkeygen-help-3"></a>
+This is the automatically generated usage text for ntp-keygen.
+
+ <p>The text printed is the same whether selected with the <code>help</code> option
+(<samp><span class="option">--help</span></samp>) or the <code>more-help</code> option (<samp><span class="option">--more-help</span></samp>). <code>more-help</code> will print
+the usage text by passing it through a pager program.
+<code>more-help</code> is disabled on platforms without a working
+<code>fork(2)</code> function. The <code>PAGER</code> environment variable is
+used to select the program, defaulting to <samp><span class="file">more</span></samp>. Both will exit
+with a status code of 0.
+
+ <pre class="example"> ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.7p333
+ USAGE: ntp-keygen [ -<flag> [<val>] | --<name>[{=| }<val>] ]...
+ Flg Arg Option-Name Description
+ -b Num imbits identity modulus bits
+ - It must be in the range:
+ 256 to 2048
+ -c Str certificate certificate scheme
+ -C Str cipher privatekey cipher
+ -d no debug-level Increase debug verbosity level
+ - may appear multiple times
+ -D Num set-debug-level Set the debug verbosity level
+ - may appear multiple times
+ -e no id-key Write IFF or GQ identity keys
+ -G no gq-params Generate GQ parameters and keys
+ -H no host-key generate RSA host key
+ -I no iffkey generate IFF parameters
+ -i Str ident set Autokey group name
+ -l Num lifetime set certificate lifetime
+ -M no md5key generate MD5 keys
+ -m Num modulus modulus
+ - It must be in the range:
+ 256 to 2048
+ -P no pvt-cert generate PC private certificate
+ -p Str pvt-passwd output private password
+ -q Str get-pvt-passwd input private password
+ -S Str sign-key generate sign key (RSA or DSA)
+ -s Str subject-name set host and optionally group name
+ -T no trusted-cert trusted certificate (TC scheme)
+ -V Num mv-params generate <num> MV parameters
+ -v Num mv-keys update <num> MV keys
+ opt version Output version information and exit
+ -? no help Display extended usage information and exit
+ -! no more-help Extended usage information passed thru pager
+ -> opt save-opts Save the option state to a config file
+ -< Str load-opts Load options from a config file
+ - disabled as --no-load-opts
+ - may appear multiple times
+
+ Options are specified by doubled hyphens and their name or by a single
+ hyphen and the flag character.
+
+
+
+ The following option preset mechanisms are supported:
+ - reading file $HOME/.ntprc
+ - reading file ./.ntprc
+ - examining environment variables named NTP_KEYGEN_*
+
+ please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
+</pre>
+ <div class="node">
+<a name="ntp-keygen-imbits"></a>
+<a name="ntp_002dkeygen-imbits"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-certificate">ntp-keygen certificate</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-usage">ntp-keygen usage</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">imbits option (-b)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dimbits-4"></a>
+This is the “identity modulus bits” option.
+This option takes an argument number <samp><span class="file">imbits</span></samp>.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>The number of bits in the identity modulus. The default is 256.
+<div class="node">
+<a name="ntp-keygen-certificate"></a>
+<a name="ntp_002dkeygen-certificate"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-cipher">ntp-keygen cipher</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-imbits">ntp-keygen imbits</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">certificate option (-c)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dcertificate-5"></a>
+This is the “certificate scheme” option.
+This option takes an argument string <samp><span class="file">scheme</span></samp>.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>scheme is one of
+RSA-MD2, RSA-MD5, RSA-SHA, RSA-SHA1, RSA-MDC2, RSA-RIPEMD160,
+DSA-SHA, or DSA-SHA1.
+
+ <p>Select the certificate message digest/signature encryption scheme.
+Note that RSA schemes must be used with a RSA sign key and DSA
+schemes must be used with a DSA sign key. The default without
+this option is RSA-MD5.
+<div class="node">
+<a name="ntp-keygen-cipher"></a>
+<a name="ntp_002dkeygen-cipher"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-id_002dkey">ntp-keygen id-key</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-certificate">ntp-keygen certificate</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">cipher option (-C)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dcipher-6"></a>
+This is the “privatekey cipher” option.
+This option takes an argument string <samp><span class="file">cipher</span></samp>.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Select the cipher which is used to encrypt the files containing
+private keys. The default is three-key triple DES in CBC mode,
+equivalent to "-C des-ede3-cbc". The openssl tool lists ciphers
+available in "openssl -h" output.
+<div class="node">
+<a name="ntp-keygen-id-key"></a>
+<a name="ntp_002dkeygen-id_002dkey"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-gq_002dparams">ntp-keygen gq-params</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-cipher">ntp-keygen cipher</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">id-key option (-e)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002did_002dkey-7"></a>
+This is the “write iff or gq identity keys” option.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Write the IFF or GQ client keys to the standard output. This is
+intended for automatic key distribution by mail.
+<div class="node">
+<a name="ntp-keygen-gq-params"></a>
+<a name="ntp_002dkeygen-gq_002dparams"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-host_002dkey">ntp-keygen host-key</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-id_002dkey">ntp-keygen id-key</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">gq-params option (-G)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dgq_002dparams-8"></a>
+This is the “generate gq parameters and keys” option.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Generate parameters and keys for the GQ identification scheme,
+obsoleting any that may exist.
+<div class="node">
+<a name="ntp-keygen-host-key"></a>
+<a name="ntp_002dkeygen-host_002dkey"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-iffkey">ntp-keygen iffkey</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-gq_002dparams">ntp-keygen gq-params</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">host-key option (-H)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dhost_002dkey-9"></a>
+This is the “generate rsa host key” option.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Generate new host keys, obsoleting any that may exist.
+<div class="node">
+<a name="ntp-keygen-iffkey"></a>
+<a name="ntp_002dkeygen-iffkey"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-ident">ntp-keygen ident</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-host_002dkey">ntp-keygen host-key</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">iffkey option (-I)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002diffkey-10"></a>
+This is the “generate iff parameters” option.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Generate parameters for the IFF identification scheme, obsoleting
+any that may exist.
+<div class="node">
+<a name="ntp-keygen-ident"></a>
+<a name="ntp_002dkeygen-ident"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-lifetime">ntp-keygen lifetime</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-iffkey">ntp-keygen iffkey</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">ident option (-i)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dident-11"></a>
+This is the “set autokey group name” option.
+This option takes an argument string <samp><span class="file">group</span></samp>.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Set the optional Autokey group name to name. This is used in
+the file name of IFF, GQ, and MV client parameters files. In
+that role, the default is the host name if this option is not
+provided. The group name, if specified using -i/–ident or
+using -s/–subject-name following an '´character, is also a
+part of the self-signed host certificate's subject and issuer
+names in the form host
+ <p>or 'server ident' configuration in ntpd's configuration file.
+<div class="node">
+<a name="ntp-keygen-lifetime"></a>
+<a name="ntp_002dkeygen-lifetime"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-md5key">ntp-keygen md5key</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-ident">ntp-keygen ident</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">lifetime option (-l)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dlifetime-12"></a>
+This is the “set certificate lifetime” option.
+This option takes an argument number <samp><span class="file">lifetime</span></samp>.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Set the certificate expiration to lifetime days from now.
+<div class="node">
+<a name="ntp-keygen-md5key"></a>
+<a name="ntp_002dkeygen-md5key"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-modulus">ntp-keygen modulus</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-lifetime">ntp-keygen lifetime</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">md5key option (-M)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dmd5key-13"></a>
+This is the “generate md5 keys” option.
+Generate MD5 keys, obsoleting any that may exist.
+<div class="node">
+<a name="ntp-keygen-modulus"></a>
+<a name="ntp_002dkeygen-modulus"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-pvt_002dcert">ntp-keygen pvt-cert</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-md5key">ntp-keygen md5key</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">modulus option (-m)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dmodulus-14"></a>
+This is the “modulus” option.
+This option takes an argument number <samp><span class="file">modulus</span></samp>.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>The number of bits in the prime modulus. The default is 512.
+<div class="node">
+<a name="ntp-keygen-pvt-cert"></a>
+<a name="ntp_002dkeygen-pvt_002dcert"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-pvt_002dpasswd">ntp-keygen pvt-passwd</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-modulus">ntp-keygen modulus</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">pvt-cert option (-P)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dpvt_002dcert-15"></a>
+This is the “generate pc private certificate” option.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Generate a private certificate. By default, the program generates
+public certificates.
+<div class="node">
+<a name="ntp-keygen-pvt-passwd"></a>
+<a name="ntp_002dkeygen-pvt_002dpasswd"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-get_002dpvt_002dpasswd">ntp-keygen get-pvt-passwd</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-pvt_002dcert">ntp-keygen pvt-cert</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">pvt-passwd option (-p)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dpvt_002dpasswd-16"></a>
+This is the “output private password” option.
+This option takes an argument string <samp><span class="file">passwd</span></samp>.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Encrypt generated files containing private data with the specified
+password and the cipher selected with -C/–cipher.
+<div class="node">
+<a name="ntp-keygen-get-pvt-passwd"></a>
+<a name="ntp_002dkeygen-get_002dpvt_002dpasswd"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-sign_002dkey">ntp-keygen sign-key</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-pvt_002dpasswd">ntp-keygen pvt-passwd</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">get-pvt-passwd option (-q)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dget_002dpvt_002dpasswd-17"></a>
+This is the “input private password” option.
+This option takes an argument string <samp><span class="file">passwd</span></samp>.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Set the password for reading files to the specified password.
+<div class="node">
+<a name="ntp-keygen-sign-key"></a>
+<a name="ntp_002dkeygen-sign_002dkey"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-subject_002dname">ntp-keygen subject-name</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-get_002dpvt_002dpasswd">ntp-keygen get-pvt-passwd</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">sign-key option (-S)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dsign_002dkey-18"></a>
+This is the “generate sign key (rsa or dsa)” option.
+This option takes an argument string <samp><span class="file">sign</span></samp>.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Generate a new sign key of the designated type, obsoleting any
+that may exist. By default, the program uses the host key as the
+sign key.
+<div class="node">
+<a name="ntp-keygen-subject-name"></a>
+<a name="ntp_002dkeygen-subject_002dname"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-trusted_002dcert">ntp-keygen trusted-cert</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-sign_002dkey">ntp-keygen sign-key</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">subject-name option (-s)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dsubject_002dname-19"></a>
+This is the “set host and optionally group name” option.
+This option takes an argument string <samp><span class="file">host@group</span></samp>.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Set the Autokey host name, and optionally, group name specified
+following an '´character. The host name is used in the file
+name of generated host and signing certificates, without the
+group name. The host name, and if provided, group name are used
+in host
+ <p>fields. Specifying '-s is allowed, and results in
+leaving the host name unchanged while appending
+ <p>subject and issuer fields, as with -i group. The group name, or
+if not provided, the host name are also used in the file names
+of IFF, GQ, and MV client parameter files.
+<div class="node">
+<a name="ntp-keygen-trusted-cert"></a>
+<a name="ntp_002dkeygen-trusted_002dcert"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-mv_002dparams">ntp-keygen mv-params</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-subject_002dname">ntp-keygen subject-name</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">trusted-cert option (-T)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dtrusted_002dcert-20"></a>
+This is the “trusted certificate (tc scheme)” option.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Generate a trusted certificate. By default, the program generates
+a non-trusted certificate.
+<div class="node">
+<a name="ntp-keygen-mv-params"></a>
+<a name="ntp_002dkeygen-mv_002dparams"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-mv_002dkeys">ntp-keygen mv-keys</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-trusted_002dcert">ntp-keygen trusted-cert</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">mv-params option (-V)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dmv_002dparams-21"></a>
+This is the “generate <num> mv parameters” option.
+This option takes an argument number <samp><span class="file">num</span></samp>.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>Generate parameters and keys for the Mu-Varadharajan (MV)
+identification scheme.
+<div class="node">
+<a name="ntp-keygen-mv-keys"></a>
+<a name="ntp_002dkeygen-mv_002dkeys"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-config">ntp-keygen config</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-mv_002dparams">ntp-keygen mv-params</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">mv-keys option (-v)</h4>
+
+ <p><a name="index-ntp_002dkeygen_002dmv_002dkeys-22"></a>
+This is the “update <num> mv keys” option.
+This option takes an argument number <samp><span class="file">num</span></samp>.
+
+ <p class="noindent">This option has some usage constraints. It:
+ <ul>
+<li>must be compiled in by defining <code>AUTOKEY</code> during the compilation.
+</ul>
+
+ <p>This option has no ‘<samp><span class="samp">doc</span></samp>’ documentation.
+
+<div class="node">
+<a name="ntp-keygen-config"></a>
+<a name="ntp_002dkeygen-config"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-exit-status">ntp-keygen exit status</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-mv_002dkeys">ntp-keygen mv-keys</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">presetting/configuring ntp-keygen</h4>
+
+ <p>Any option that is not marked as <i>not presettable</i> may be preset by
+loading values from configuration ("rc" or "ini") files, and values from environment variables named <code>NTP-KEYGEN</code> and <code>NTP-KEYGEN_<OPTION_NAME></code>. <code><OPTION_NAME></code> must be one of
+the options listed above in upper case and segmented with underscores.
+The <code>NTP-KEYGEN</code> variable will be tokenized and parsed like
+the command line. The remaining variables are tested for existence and their
+values are treated like option arguments.
+
+ <p class="noindent"><code>libopts</code> will search in 2 places for configuration files:
+ <ul>
+<li>$HOME
+<li>$PWD
+</ul>
+ The environment variables <code>HOME</code>, and <code>PWD</code>
+are expanded and replaced when <samp><span class="file">ntp-keygen</span></samp> runs.
+For any of these that are plain files, they are simply processed.
+For any that are directories, then a file named <samp><span class="file">.ntprc</span></samp> is searched for
+within that directory and processed.
+
+ <p>Configuration files may be in a wide variety of formats.
+The basic format is an option name followed by a value (argument) on the
+same line. Values may be separated from the option name with a colon,
+equal sign or simply white space. Values may be continued across multiple
+lines by escaping the newline with a backslash.
+
+ <p>Multiple programs may also share the same initialization file.
+Common options are collected at the top, followed by program specific
+segments. The segments are separated by lines like:
+ <pre class="example"> [NTP-KEYGEN]
+</pre>
+ <p class="noindent">or by
+ <pre class="example"> <?program ntp-keygen>
+</pre>
+ <p class="noindent">Do not mix these styles within one configuration file.
+
+ <p>Compound values and carefully constructed string values may also be
+specified using XML syntax:
+ <pre class="example"> <option-name>
+ <sub-opt>...&lt;...&gt;...</sub-opt>
+ </option-name>
+</pre>
+ <p class="noindent">yielding an <code>option-name.sub-opt</code> string value of
+ <pre class="example"> "...<...>..."
+</pre>
+ <p><code>AutoOpts</code> does not track suboptions. You simply note that it is a
+hierarchicly valued option. <code>AutoOpts</code> does provide a means for searching
+the associated name/value pair list (see: optionFindValue).
+
+ <p>The command line options relating to configuration and/or usage help are:
+
+<h5 class="subsubheading">version (-)</h5>
+
+ <p>Print the program version to standard out, optionally with licensing
+information, then exit 0. The optional argument specifies how much licensing
+detail to provide. The default is to print just the version. The licensing infomation may be selected with an option argument. Only the
+first letter of the argument is examined:
+
+ <dl>
+<dt>‘<samp><span class="samp">version</span></samp>’<dd>Only print the version. This is the default.
+<br><dt>‘<samp><span class="samp">copyright</span></samp>’<dd>Name the copyright usage licensing terms.
+<br><dt>‘<samp><span class="samp">verbose</span></samp>’<dd>Print the full copyright usage licensing terms.
+</dl>
+
+<div class="node">
+<a name="ntp-keygen-exit-status"></a>
+<a name="ntp_002dkeygen-exit-status"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-Usage">ntp-keygen Usage</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-config">ntp-keygen config</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">ntp-keygen exit status</h4>
+
+ <p>One of the following exit values will be returned:
+ <dl>
+<dt>‘<samp><span class="samp">0 (EXIT_SUCCESS)</span></samp>’<dd>Successful program execution.
+<br><dt>‘<samp><span class="samp">1 (EXIT_FAILURE)</span></samp>’<dd>The operation failed or the command syntax was not valid.
+<br><dt>‘<samp><span class="samp">66 (EX_NOINPUT)</span></samp>’<dd>A specified configuration file could not be loaded.
+<br><dt>‘<samp><span class="samp">70 (EX_SOFTWARE)</span></samp>’<dd>libopts had an internal operational error. Please report
+it to autogen-users@lists.sourceforge.net. Thank you.
+</dl>
+ <div class="node">
+<a name="ntp-keygen-Usage"></a>
+<a name="ntp_002dkeygen-Usage"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-Notes">ntp-keygen Notes</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-exit-status">ntp-keygen exit status</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">ntp-keygen Usage</h4>
+
+ <p>The
+<code>-p</code> <code>-Ar</code> <code>-password</code> option specifies the write password and
+<code>-q</code> <code>-Ar</code> <code>-password</code> option the read password for previously encrypted files.
+The
+<code>ntp-keygen</code>
+program prompts for the password if it reads an encrypted file
+and the password is missing or incorrect.
+If an encrypted file is read successfully and
+no write password is specified, the read password is used
+as the write password by default.
+<div class="node">
+<a name="ntp-keygen-Notes"></a>
+<a name="ntp_002dkeygen-Notes"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-Bugs">ntp-keygen Bugs</a>,
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-Usage">ntp-keygen Usage</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">ntp-keygen Notes</h4>
+
+ <p>This document corresponds to version of NTP.
+Portions of this document came from FreeBSD.
+<div class="node">
+<a name="ntp-keygen-Bugs"></a>
+<a name="ntp_002dkeygen-Bugs"></a>
+<p><hr>
+Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-Notes">ntp-keygen Notes</a>,
+Up: <a rel="up" accesskey="u" href="#ntp_002dkeygen-Invocation">ntp-keygen Invocation</a>
+
+</div>
+
+<h4 class="subsection">ntp-keygen Bugs</h4>
+
+ <p>It can take quite a while to generate some cryptographic values,
+from one to several minutes with modern architectures
+such as UltraSPARC and up to tens of minutes to an hour
+with older architectures such as SPARC IPC.
+
+ <p>Please report bugs to http://bugs.ntp.org .
+
+<div class="node">
+<a name="Random-Seed-File"></a>
+<p><hr>
+Next: <a rel="next" accesskey="n" href="#Cryptographic-Data-Files">Cryptographic Data Files</a>,
+Previous: <a rel="previous" accesskey="p" href="#Running-the-Program">Running the Program</a>,
+Up: <a rel="up" accesskey="u" href="#Top">Top</a>
+
+</div>
+
+ <!-- node-name, next, previous, up -->
+<h3 class="section">Random Seed File</h3>
+
+ <p>All cryptographically sound key generation schemes must have means to
+randomize the entropy seed used to initialize the internal
+pseudo-random number generator used by the OpenSSL library routines. If
+a site supports ssh, it is very likely that means to do this are
+already available. The entropy seed used by the OpenSSL library is
+contained in a file, usually called .rnd, which must be available when
+starting the ntp-keygen program or ntpd daemon.
+
+ <p>The OpenSSL library looks for the file using the path specified by the
+RANDFILE environment variable in the user home directory, whether root
+or some other user. If the RANDFILE environment variable is not
+present, the library looks for the .rnd file in the user home
+directory. Since both the ntp-keygen program and ntpd daemon must run
+as root, the logical place to put this file is in /.rnd or /root/.rnd.
+If the file is not available or cannot be written, the program exits
+with a message to the system log.
+
+<div class="node">
+<a name="Cryptographic-Data-Files"></a>
+<p><hr>
+Previous: <a rel="previous" accesskey="p" href="#Random-Seed-File">Random Seed File</a>,
+Up: <a rel="up" accesskey="u" href="#Top">Top</a>
+
+</div>
+
+ <!-- node-name, next, previous, up -->
+<h3 class="section">Cryptographic Data Files</h3>
+
+ <p>File and link names are in the form ntpkey_key_name.fstamp, where key
+is the key or parameter type, name is the host or group name and fstamp
+is the filestamp (NTP seconds) when the file was created). By
+convention, key names in generated file names include both upper and
+lower case characters, while key names in generated link names include
+only lower case characters. The filestamp is not used in generated link
+names.
+
+ <p>The key name is a string defining the cryptographic key type. Key types
+include public/private keys host and sign, certificate cert and several
+challenge/response key types. By convention, client files used for
+challenges have a par subtype, as in the IFF challenge IFFpar, while
+server files for responses have a key subtype, as in the GQ response
+GQkey.
+
+ <p>All files begin with two nonencrypted lines. The first line contains
+the file name in the format ntpkey_key_host.fstamp. The second line
+contains the datestamp in conventional Unix date format. Lines
+beginning with # are ignored.
+
+ <p>The remainder of the file contains cryptographic data encoded first
+using ASN.1 rules, then encrypted using the DES-CBC algorithm with
+given password and finally written in PEM-encoded printable ASCII text
+preceded and followed by MIME content identifier lines.
+
+ <p>The format of the symmetric keys file, ordinarily named ntp.keys, is
+somewhat different than the other files in the interest of backward
+compatibility. Ordinarily, the file is generated by this program, but
+it can be constructed and edited using an ordinary text editor.
+
+ <pre class="example"> # ntpkey_MD5key_hms.local.3564038757
+ # Sun Dec 9 02:45:57 2012
+
+ 1 MD5 "]!ghT%O;3)WJ,/Nc:>I # MD5 key
+ 2 MD5 lu+H^tF46BKR-6~pV_5 # MD5 key
+ 3 MD5 :lnoVsE%Yz*avh%EtNC # MD5 key
+ 4 MD5 |fdZrf0sF~^V # MD5 key
+ 5 MD5 IyAG>O"y"LmCRS!*bHC # MD5 key
+ 6 MD5 ">e\A # MD5 key
+ 7 MD5 c9x=M'CfLxax9v)PV-si # MD5 key
+ 8 MD5 E|=jvFVov?Bn|Ev=&aK\ # MD5 key
+ 9 MD5 T!c4UT&`(m$+m+B6,`Q0 # MD5 key
+ 10 MD5 JVF/1=)=IFbHbJQz..Cd # MD5 key
+ 11 SHA1 6dea311109529e436c2b4fccae9bc753c16d1b48 # SHA1 key
+ 12 SHA1 7076f373d86c4848c59ff8046e49cb7d614ec394 # SHA1 key
+ 13 SHA1 5f48b1b60591eb01b7cf1d33b7774f08d20262d3 # SHA1 key
+ 14 SHA1 eed5ab9d9497319ec60cf3781d52607e76720178 # SHA1 key
+ 15 SHA1 f283562611a04c964da8126296f5f8e58c3f85de # SHA1 key
+ 16 SHA1 1930da171297dd63549af50b29449de17dcf341f # SHA1 key
+ 17 SHA1 fee892110358cd4382322b889869e750db8e8a8f # SHA1 key
+ 18 SHA1 b5520c9fadd7ad3fd8bfa061c8821b65d029bb37 # SHA1 key
+ 19 SHA1 8c74fb440ec80f453ec6aaa62b9baed0ab723b92 # SHA1 key
+ 20 SHA1 6bc05f734306a189326000970c19b3910f403795 # SHA1 key
+</pre>
+ <p>Figure 1. Typical Symmetric Key File
+
+ <p>Figure 1 shows a typical symmetric keys file used by the reference
+implementation. Each line of the file contains three fields, first an
+integer between 1 and 65534, inclusive, representing the key identifier
+used in the server and peer configuration commands. Next is the key
+type for the message digest algorithm, which in the absence of the
+OpenSSL library must be MD5 to designate the MD5 message digest
+algorithm. If the OpenSSL library is installed, the key type can be any
+message digest algorithm supported by that library. However, if
+compatibility with FIPS 140-2 is required, the key type must be either
+SHA or SHA1. The key type can be changed using an ASCII text editor.
+
+ <p>An MD5 key consists of a printable ASCII string less than or equal to
+16 characters and terminated by whitespace or a # character. An OpenSSL
+key consists of a hex-encoded ASCII string of 40 characters, which is
+truncated as necessary.
+
+ <p>Note that the keys used by the ntpq and ntpdc programs are checked
+against passwords requested by the programs and entered by hand, so it
+is generally appropriate to specify these keys in human readable ASCII
+format.
+
+ <p>The <code>ntp-keygen</code> program generates a MD5 symmetric keys file
+<code>ntpkey_MD5key_hostname.filestamp</code>. Since the file contains private
+shared keys, it should be visible only to root and distributed by
+secure means to other subnet hosts. The NTP daemon loads the file
+<code>ntp.keys</code>, so <code>ntp-keygen</code> installs a soft link from this name to the
+generated file. Subsequently, similar soft links must be installed by
+manual or automated means on the other subnet hosts. While this file is
+not used with the Autokey Version 2 protocol, it is needed to
+authenticate some remote configuration commands used by the <code>ntpq</code> and
+<code>ntpdc</code> utilities.
+
+</body></html>
+
--- /dev/null
+\input texinfo @c -*-texinfo-*-
+@c %**start of header
+@setfilename ntp-keygen.info
+@settitle Ntp-keygen User's Manual
+@include ../sntp/include/version.texi
+@paragraphindent 2
+@c %**end of header
+
+@ifinfo
+This file documents the use of the NTP Project's @code{ntp-keygen}
+program, which generates various keys for @code{ntpd},
+@end ifinfo
+
+@direntry
+* ntp-keygen: (ntp-keygen). NTP Key Generation
+@end direntry
+
+@titlepage
+@title NTP Key Generation User's Manual
+@subtitle ntp-keygen, version @value{VERSION}, @value{UPDATED}
+@c @author Max @email{foo@ntp.org}
+@end titlepage
+
+@c @page
+@c @vskip 0pt plus 1filll
+
+@shortcontents
+
+@menu
+* Description::
+* ntp-keygen Invocation:: Invoking ntp-keygen
+* Running the Program::
+* Random Seed File::
+* Cryptographic Data Files::
+@end menu
+
+@node Top, Description, (dir), (dir)
+@top NTP Key Generation Program User Manual
+
+This document describes the use of the NTP Project's @code{ntp-keygen}
+program, that generates cryptographic data files used by the NTPv4
+authentication and identity schemes.
+It can generate message digest
+keys used in symmetric key cryptography and, if the OpenSSL software
+library has been installed, it can generate host keys, sign keys,
+certificates, and identity keys and parameters used by the Autokey
+public key cryptography.
+The message digest keys file is generated in a
+format compatible with NTPv3.
+All other files are in PEM-encoded
+printable ASCII format so they can be embedded as MIME attachments in
+mail to other sites.
+
+This document applies to version @value{VERSION} of @code{ntp-keygen}.
+
+@node Description, Running the Program, Top, Top
+@comment node-name, next, previous, up
+@section Description
+
+This program generates cryptographic data files used by the NTPv4
+authentication and identity schemes. It can generate message digest
+keys used in symmetric key cryptography and, if the OpenSSL software
+library has been installed, it can generate host keys, sign keys,
+certificates, and identity keys and parameters used by the Autokey
+public key cryptography. The message digest keys file is generated in a
+format compatible with NTPv3. All other files are in PEM-encoded
+printable ASCII format so they can be embedded as MIME attachments in
+mail to other sites.
+
+When used to generate message digest keys, the program produces a file
+containing ten pseudo-random printable ASCII strings suitable for the
+MD5 message digest algorithm included in the distribution. If the
+OpenSSL library is installed, it produces an additional ten hex-encoded
+random bit strings suitable for the SHA1 and other message digest
+algorithms. The message digest keys file must be distributed and stored
+using secure means beyond the scope of NTP itself. Besides the keys
+used for ordinary NTP associations, additional keys can be defined as
+passwords for the ntpq and ntpdc utility programs.
+
+The remaining generated files are compatible with other OpenSSL
+applications and other Public Key Infrastructure (PKI) resources.
+Certificates generated by this program are compatible with extant
+industry practice, although some users might find the interpretation of
+X509v3 extension fields somewhat liberal. However, the identity keys
+are probably not compatible with anything other than Autokey.
+
+Some files used by this program are encrypted using a private password.
+The -p option specifies the password for local encrypted files and the
+-q option the password for encrypted files sent to remote sites. If no
+password is specified, the host name returned by the Unix gethostname()
+function, normally the DNS name of the host, is used.
+
+The pw option of the crypto configuration command specifies the read
+password for previously encrypted local files. This must match the
+local password used by this program. If not specified, the host name is
+used. Thus, if files are generated by this program without password,
+they can be read back by ntpd without password, but only on the same
+host.
+
+Normally, encrypted files for each host are generated by that host and
+used only by that host, although exceptions exist as noted later on
+this page. The symmetric keys file, normally called ntp.keys, is
+usually installed in /etc. Other files and links are usually installed
+in /usr/local/etc, which is normally in a shared filesystem in
+NFS-mounted networks and cannot be changed by shared clients. The
+location of the keys directory can be changed by the keysdir
+configuration command in such cases. Normally, this is in /etc.
+
+This program directs commentary and error messages to the standard
+error stream stderr and remote files to the standard output stream
+stdout where they can be piped to other applications or redirected to
+files. The names used for generated files and links all begin with the
+string ntpkey and include the file type, generating host and filestamp,
+as described in the Cryptographic Data Files section below.
+
+@node Running the Program, Random Seed File, Description, Top
+@comment node-name, next, previous, up
+@section Running the Program
+
+To test and gain experience with Autokey concepts, log in as root and
+change to the keys directory, usually /usr/local/etc. When run for the
+first time, or if all files with names beginning ntpkey have been
+removed, use the ntp-keygen command without arguments to generate a
+default RSA host key and matching RSA-MD5 certificate with expiration
+date one year hence. If run again without options, the program uses the
+existing keys and parameters and generates only a new certificate with
+new expiration date one year hence.
+
+Run the command on as many hosts as necessary. Designate one of them as
+the trusted host (TH) using ntp-keygen with the -T option and configure
+it to synchronize from reliable Internet servers. Then configure the
+other hosts to synchronize to the TH directly or indirectly. A
+certificate trail is created when Autokey asks the immediately
+ascendant host towards the TH to sign its certificate, which is then
+provided to the immediately descendant host on request. All group hosts
+should have acyclic certificate trails ending on the TH.
+
+The host key is used to encrypt the cookie when required and so must be
+RSA type. By default, the host key is also the sign key used to encrypt
+signatures. A different sign key can be assigned using the -S option
+and this can be either RSA or DSA type. By default, the signature
+message digest type is MD5, but any combination of sign key type and
+message digest type supported by the OpenSSL library can be specified
+using the -c option.
+
+The rules say cryptographic media should be generated with proventic
+filestamps, which means the host should already be synchronized before
+this program is run. This of course creates a chicken-and-egg problem
+when the host is started for the first time. Accordingly, the host time
+should be set by some other means, such as eyeball-and-wristwatch, at
+least so that the certificate lifetime is within the current year.
+After that and when the host is synchronized to a proventic source, the
+certificate should be re-generated.
+
+Additional information on trusted groups and identity schemes is on the
+Autokey Public-Key Authentication
+page.
+
+@include invoke-ntp-keygen.texi
+
+@node Random Seed File, Cryptographic Data Files, Running the Program, Top
+@comment node-name, next, previous, up
+@section Random Seed File
+
+All cryptographically sound key generation schemes must have means to
+randomize the entropy seed used to initialize the internal
+pseudo-random number generator used by the OpenSSL library routines. If
+a site supports ssh, it is very likely that means to do this are
+already available. The entropy seed used by the OpenSSL library is
+contained in a file, usually called .rnd, which must be available when
+starting the ntp-keygen program or ntpd daemon.
+
+The OpenSSL library looks for the file using the path specified by the
+RANDFILE environment variable in the user home directory, whether root
+or some other user. If the RANDFILE environment variable is not
+present, the library looks for the .rnd file in the user home
+directory. Since both the ntp-keygen program and ntpd daemon must run
+as root, the logical place to put this file is in /.rnd or /root/.rnd.
+If the file is not available or cannot be written, the program exits
+with a message to the system log.
+
+@node Cryptographic Data Files, , Random Seed File, Top
+@comment node-name, next, previous, up
+@section Cryptographic Data Files
+
+File and link names are in the form ntpkey_key_name.fstamp, where key
+is the key or parameter type, name is the host or group name and fstamp
+is the filestamp (NTP seconds) when the file was created). By
+convention, key names in generated file names include both upper and
+lower case characters, while key names in generated link names include
+only lower case characters. The filestamp is not used in generated link
+names.
+
+The key name is a string defining the cryptographic key type. Key types
+include public/private keys host and sign, certificate cert and several
+challenge/response key types. By convention, client files used for
+challenges have a par subtype, as in the IFF challenge IFFpar, while
+server files for responses have a key subtype, as in the GQ response
+GQkey.
+
+All files begin with two nonencrypted lines. The first line contains
+the file name in the format ntpkey_key_host.fstamp. The second line
+contains the datestamp in conventional Unix date format. Lines
+beginning with # are ignored.
+
+The remainder of the file contains cryptographic data encoded first
+using ASN.1 rules, then encrypted using the DES-CBC algorithm with
+given password and finally written in PEM-encoded printable ASCII text
+preceded and followed by MIME content identifier lines.
+
+The format of the symmetric keys file, ordinarily named ntp.keys, is
+somewhat different than the other files in the interest of backward
+compatibility. Ordinarily, the file is generated by this program, but
+it can be constructed and edited using an ordinary text editor.
+
+@example
+# ntpkey_MD5key_hms.local.3564038757
+# Sun Dec 9 02:45:57 2012
+
+ 1 MD5 "]!ghT%O;3)WJ,/Nc:>I # MD5 key
+ 2 MD5 lu+H^tF46BKR-6~p{V_5 # MD5 key
+ 3 MD5 :lnoVsE%Y}z*avh%EtNC # MD5 key
+ 4 MD5 |fdZrf0sF~@PHZ;w-i^V # MD5 key
+ 5 MD5 IyAG>O"}y"LmCRS!*bHC # MD5 key
+ 6 MD5 ">e\A@>hT/661ri52,,H # MD5 key
+ 7 MD5 c9x=M'CfLxax9v)PV-si # MD5 key
+ 8 MD5 E|=jvFVov?Bn|Ev=&aK\ # MD5 key
+ 9 MD5 T!c4UT&`(m$+m+B6,`Q0 # MD5 key
+10 MD5 JVF/1=)=IFbHbJQz..Cd # MD5 key
+11 SHA1 6dea311109529e436c2b4fccae9bc753c16d1b48 # SHA1 key
+12 SHA1 7076f373d86c4848c59ff8046e49cb7d614ec394 # SHA1 key
+13 SHA1 5f48b1b60591eb01b7cf1d33b7774f08d20262d3 # SHA1 key
+14 SHA1 eed5ab9d9497319ec60cf3781d52607e76720178 # SHA1 key
+15 SHA1 f283562611a04c964da8126296f5f8e58c3f85de # SHA1 key
+16 SHA1 1930da171297dd63549af50b29449de17dcf341f # SHA1 key
+17 SHA1 fee892110358cd4382322b889869e750db8e8a8f # SHA1 key
+18 SHA1 b5520c9fadd7ad3fd8bfa061c8821b65d029bb37 # SHA1 key
+19 SHA1 8c74fb440ec80f453ec6aaa62b9baed0ab723b92 # SHA1 key
+20 SHA1 6bc05f734306a189326000970c19b3910f403795 # SHA1 key
+@end example
+
+ Figure 1. Typical Symmetric Key File
+
+Figure 1 shows a typical symmetric keys file used by the reference
+implementation. Each line of the file contains three fields, first an
+integer between 1 and 65534, inclusive, representing the key identifier
+used in the server and peer configuration commands. Next is the key
+type for the message digest algorithm, which in the absence of the
+OpenSSL library must be MD5 to designate the MD5 message digest
+algorithm. If the OpenSSL library is installed, the key type can be any
+message digest algorithm supported by that library. However, if
+compatibility with FIPS 140-2 is required, the key type must be either
+SHA or SHA1. The key type can be changed using an ASCII text editor.
+
+An MD5 key consists of a printable ASCII string less than or equal to
+16 characters and terminated by whitespace or a # character. An OpenSSL
+key consists of a hex-encoded ASCII string of 40 characters, which is
+truncated as necessary.
+
+Note that the keys used by the ntpq and ntpdc programs are checked
+against passwords requested by the programs and entered by hand, so it
+is generally appropriate to specify these keys in human readable ASCII
+format.
+
+The @code{ntp-keygen} program generates a MD5 symmetric keys file
+@code{ntpkey_MD5key_hostname.filestamp}. Since the file contains private
+shared keys, it should be visible only to root and distributed by
+secure means to other subnet hosts. The NTP daemon loads the file
+@code{ntp.keys}, so @code{ntp-keygen} installs a soft link from this name to the
+generated file. Subsequently, similar soft links must be installed by
+manual or automated means on the other subnet hosts. While this file is
+not used with the Autokey Version 2 protocol, it is needed to
+authenticate some remote configuration commands used by the @code{ntpq} and
+@code{ntpdc} utilities.
projects / thirdparty / ntp.git / commitdiff
