</head>
<body>
<h1 class="settitle">ntpq: Network Time Protocol Query User's Manual</h1>
- <div class="shortcontents">
+
<div class="shortcontents">
<h2>Short Contents</h2>
<ul>
-<a href="#Top">Top</a>
<a href="#Top">ntpq: Network Time Protocol Query User Manual</a>
</ul>
</div>
<div class="node">
- <a name="Top"></a>
<p><hr>
- Next: <a rel="next" accesskey="n" href="#ntpq-Description">ntpq Description</a>,
- Previous: <a rel="previous" accesskey="p" href="#dir">(dir)</a>,
- Up: <a rel="up" accesskey="u" href="#dir">(dir)</a>
-
+ <a name="Top"></a>Up: <a rel="up" accesskey="u" href="#dir">(dir)</a>
+ <br>
</div>
-<h2 class="unnumbered">Top</h2>
+<h2 class="unnumbered">ntpq: Network Time Protocol Query User Manual</h2>
+
+<p>The <code>ntpq</code> utility program is used to
+monitor the operational status
+and determine the performance of
+<code>ntpd</code>, the NTP daemon.
+
+ <p>This document applies to version 4.2.7p337 of <code>ntpq</code>.
<ul class="menu">
<li><a accesskey="1" href="#ntpq-Description">ntpq Description</a>
</td><td valign="top" width="23%"><code>/usr/local/etc</code>
</td><td valign="top" width="5%"><code>-k</code>
</td><td valign="top" width="15%"><code>keysdir</code>
+<br></td></tr></table>
<div class="node">
- <a name="Internal-Commands"></a>
<p><hr>
- Next: <a rel="next" accesskey="n" href="#Control-Message-Commands">Control Message Commands</a>,
+
<a name="Internal-Commands"></a>Next: <a rel="next" accesskey="n" href="#Control-Message-Commands">Control Message Commands</a>,
Previous: <a rel="previous" accesskey="p" href="#Usage">Usage</a>,
Up: <a rel="up" accesskey="u" href="#Top">Top</a>
-
+ <br>
</div>
- <!-- node-name, next, previous, up -->
+ <!-- node-name, next, previous, up -->
<h3 class="section">Internal Commands</h3>
- <p>Interactive format commands consist of a keyword followed by zero to four arguments. Only enough characters of the full keyword to uniquely identify the command need be typed. The output of a command is normally sent to the standard output, but optionally the output of individual commands may be sent to a file by appending a <code>></code>, followed by a file name, to the command line. A number of interactive format commands are executed entirely within the <code>ntpq</code> program itself and do not result in NTP mode-6 requests being sent to a server. These are described following.
+
<p>Interactive format commands consist of a keyword followed by zero to four arguments. Only enough characters of the full keyword to uniquely identify the command need be typed. The output of a command is normally sent to the standard output, but optionally the output of individual commands may be sent to a file by appending a <code>></code>, followed by a file name, to the command line. A number of interactive format commands are executed entirely within the <code>ntpq</code> program itself and do not result in NTP mode-6 requests being sent to a server. These are described following.
- <dl>
- <dt><code><a name="help"></a>? [</code><kbd>command_keyword</kbd><code>]</code><dt><code>help [</code><kbd>command_keyword</kbd><code>]</code><dd>A <code>?</code> by itself will print a list of all the command keywords known to <code>ntpq</code>. A <code>?</code> followed by a command keyword will print function and usage information about the command.
+ <dt><code><a name="help"></a> ? [</code><kbd>command_keyword</kbd><code><dt>help [</code><kbd>command_keyword</kbd><code>]<dd>A ? by itself will print a list of all the command keywords known to ntpq. A ? followed by a command keyword will print function and usage information about the command.
- <br><dt><code><a name="addvars"></a>>addvars </code><kbd>name</kbd><code> [ = </code><kbd>value</kbd><code>] [...]</code><dt><code>rmvars </code><kbd>name</kbd><code> [...]</code><dt><code>clearvars</dt></code><dd>The arguments to these commands consist of a list of items of the form
- <kbd>name</kbd><code> = </code><kbd>value</kbd>, where the <code>= </code><kbd>value</kbd> is ignored,
+ <br><dt><a name="addvars"></a> >addvars </code><kbd>name</kbd><code> [ = </code><kbd>value</kbd><code>] [...]<dt>rmvars </code><kbd>name</kbd><code> [...]<dt>clearvars</dt><dd>The arguments to these commands consist of a list of items of the form
+ </code><kbd>name</kbd><code> = </code><kbd>value</kbd><code>, where the = </code><kbd>value</kbd><code> is ignored,
and can be omitted in read requests.
-ntpq maintains an internal list in which data to be included
-in control messages can be assembled, and sent using the readlist
-and writelist commands described below.
-The addvars command allows variables and optional values
+<code>ntpq</code> maintains an internal list in which data to be included
+in control messages can be assembled, and sent using the <code>readlist</code>
+and <code>writelist</code> commands described below.
+The <code>addvars</code> command allows variables and optional values
to be added to the list.
If more than one variable is to be added
the list should be comma-separated and not contain white space.
-The rmvars command can be used to remove individual variables
+The <code>rmvars</code> command can be used to remove individual variables
from the list,
-while the clearlist command removes all variables from the list.
+while the <code>clearlist</code> command removes all variables from the list.
- <br><dt><code><a name="cooked"></a>cooked</code><dd>Display server messages in prettyprint format.
+ <br><dt><a name="cooked"></a> cooked<dd>Display server messages in prettyprint format.
-
+ <br><dt><a name="debug"></a> debug more | less | off<dd>Turns internal query program debugging on and off.
-
+ <br><dt><a name="delay"></a> delay </code><kbd>milliseconds</kbd><code><dd>Specify a time interval to be added to timestamps included in requests which require authentication. This is used to enable (unreliable) server reconfiguration over long delay network paths or between machines whose clocks are unsynchronized. Actually the server does not now require timestamps in authenticated requests, so this command may be obsolete.
- <br><dt><code><a name="debug"></a>debug more | less | off</code><dd>Turns internal query program debugging on and off.
-
- <br><dt><code><a name="delay"></a>delay </code><kbd>milliseconds</kbd><dd>Specify a time interval to be added to timestamps included in requests which require authentication. This is used to enable (unreliable) server reconfiguration over long delay network paths or between machines whose clocks are unsynchronized. Actually the server does not now require timestamps in authenticated requests, so this command may be obsolete.
-
- <br><dt><code><a name="host"></a>host </code><kbd>name</kbd><dd>Set the host to which future queries will be sent.
+ <br><dt><a name="host"></a> host </code><kbd>name</kbd><code><dd>Set the host to which future queries will be sent.
The name may be either a DNS name or a numeric address.
- <br><dt><code><a name="hostnames"></a>hostnames [yes | no]</code><dd>If <code>yes</code> is specified, host names are printed in information displays.
- If <code>no</code> is specified, numeric addresses are printed instead.
- The default is <code>yes</code>,
- unless modified using the command line <code>-n</code> switch.
+ <br><dt><a name="hostnames"></a> hostnames [yes | no]<dd>If yes is specified, host names are printed in information displays.
+ If no is specified, numeric addresses are printed instead.
+ The default is yes,
+ unless modified using the command line -n switch.
- <br><dt><code><a name="keyid"></a>keyid </code><kbd>keyid</kbd><dd>This command specifies the key number to be used
+ <br><dt><a name="keyid"></a> keyid </code><kbd>keyid</kbd><code><dd>This command specifies the key number to be used
to authenticate configuration requests.
-This must correspond to a key ID configured in ntp.conf for this purpose.
+This must correspond to a key ID configured in <code>ntp.conf</code> for this purpose.
- <br><dt><code><a name="keytype"></a>keytype</code><dd>Specify the digest algorithm to use for authenticated requests,
- with default <code>MD5</code>.
+ <br><dt><a name="keytype"></a> keytype<dd>Specify the digest algorithm to use for authenticated requests,
+ with default MD5.
If the OpenSSL library is installed,
digest can be be any message digest algorithm supported by the library.
-The current selections are: MD2, MD4, MD5, MDC2, RIPEMD160, SHA and SHA1.
+The current selections are: <code>MD2</code>, <code>MD4</code>, <code>MD5</code>, <code>MDC2</code>, <code>RIPEMD160</code>, <code>SHA</code> and <code>SHA1</code>.
- <br><dt><code><a name="ntpversion"></a>ntpversion 1 | 2 | 3 | 4</code><dd>Sets the NTP version number which <code>ntpq</code> claims in packets.
+ <br><dt><a name="ntpversion"></a> ntpversion 1 | 2 | 3 | 4<dd>Sets the NTP version number which ntpq claims in packets.
Defaults to 2.
Note that mode-6 control messages (and modes, for that matter)
didn't exist in NTP version 1.
- <br><dt><code><a name="passwd"></a>passwd</code><dd>This command prompts for a password to authenticate requests.
- The password must correspond to the key ID configured in <code>ntp.conf</code> for this purpose.
+ <br><dt><a name="passwd"></a> passwd<dd>This command prompts for a password to authenticate requests.
+ The password must correspond to the key ID configured in ntp.conf for this purpose.
- <br><dt><code><a name="quit"></a>quit</code><dd>Exit <code>ntpq</code>.
+ <br><dt><a name="quit"></a> quit<dd>Exit ntpq.
- <br><dt><code><a name="raw"></a>raw</code><dd>Display server messages as received and without reformatting.
+ <br><dt><a name="raw"></a> raw<dd>Display server messages as received and without reformatting.
- <br><dt><code><a name="timeout"></a>timeout </code><kbd>millseconds</kbd><dd>Specify a timeout period for responses to server queries.
+ <br><dt><a name="timeout"></a> timeout </code><kbd>millseconds</kbd><code><dd>Specify a timeout period for responses to server queries.
The default is about 5000 milliseconds.
-Note that since ntpq retries each query once after a timeout
+Note that since <code>ntpq</code> retries each query once after a timeout
the total waiting time for a timeout will be twice the timeout value set.
- </dl>
-
- <div class="node">
- <a name="Control-Message-Commands"></a>
+ </dl>
+ <p></code><div class="node">
<p><hr>
- Next: <a rel="next" accesskey="n" href="#Status-Words-and-Kiss-Codes">Status Words and Kiss Codes</a>,
+
<a name="Control-Message-Commands"></a>Next: <a rel="next" accesskey="n" href="#Status-Words-and-Kiss-Codes">Status Words and Kiss Codes</a>,
Previous: <a rel="previous" accesskey="p" href="#Internal-Commands">Internal Commands</a>,
Up: <a rel="up" accesskey="u" href="#Top">Top</a>
-
+ <br>
</div>
- <!-- node-name, next, previous, up -->
+ <!-- node-name, next, previous, up -->
<h3 class="section">Control Message Commands</h3>
- <p>Association IDs are used to identify system, peer and clock variables.
+
<p>Association IDs are used to identify system, peer and clock variables.
System variables are assigned an association ID of zero and system name space,
while each association is assigned a nonzero association ID and peer namespace.
Most control commands send a single mode-6 message to the server
<dt><code>associations</code><dd>Display a list of mobilized associations in the form:
<br>
<code>ind assid status conf reach auth condition last_event cnt</code>
+ </dl>
+ <p><br></td></tr><tr align="left"><th valign="top" width="23%">Variable </th><th valign="top" width="23%">Description
- <p><table summary=""><tr align="left"><th valign="top" width="10%">Variable </th><th valign="top" width="40%">Description
-
- <p><br></th></tr><tr align="left"><td valign="top" width="10%"><code>ind</code>
- </td><td valign="top" width="40%">index on this list
+ <p><br></th></tr><tr align="left"><td valign="top" width="23%"><code>ind</code>
+ </td><td valign="top" width="23%">index on this list
- <p><br></td></tr><tr align="left"><td valign="top" width="10%"><code>assid</code>
- </td><td valign="top" width="40%">association ID
+ <p><br></td></tr><tr align="left"><td valign="top" width="23%"><code>assid</code>
+ </td><td valign="top" width="23%">association ID
- <p><br></td></tr><tr align="left"><td valign="top" width="10%"><code>status</code>
- </td><td valign="top" width="
40%"><a href="decode.html#peer">peer status word</a>
+ <p><br></td></tr><tr align="left"><td valign="top" width="23%"><code>status</code>
+ </td><td valign="top" width="
23%"><a href="decode.html#peer">peer status word</a>
- <p><br></td></tr><tr align="left"><td valign="top" width="10%"><code>conf</code>
- </td><td valign="top" width="40%"><code>yes</code>: persistent, <code>no</code>: ephemeral
+ <p><br></td></tr><tr align="left"><td valign="top" width="23%"><code>conf</code>
+ </td><td valign="top" width="23%"><code>yes</code>: persistent, <code>no</code>: ephemeral
- <p><br></td></tr><tr align="left"><td valign="top" width="10%"><code>reach</code>
- </td><td valign="top" width="40%"><code>yes</code>: reachable, <code>no</code>: unreachable
+ <p><br></td></tr><tr align="left"><td valign="top" width="23%"><code>reach</code>
+ </td><td valign="top" width="23%"><code>yes</code>: reachable, <code>no</code>: unreachable
- <p><br></td></tr><tr align="left"><td valign="top" width="10%"><code>auth</code>
- </td><td valign="top" width="40%"><code>ok</code>, <code>yes</code>, <code>bad</code> and <code>none</code>
++<p><br></td></tr><tr align="left"><td valign="top" width="23%"><code>auth</code>
++</td><td valign="top" width="23%"><code>ok</code>, <code>yes</code>, <code>bad</code> and <code>none</code>
+ <p><br></td></tr><tr align="left"><td valign="top" width="23%"><code>auth</code>
+ </td><td valign="top" width="23%"><code>ok</code>, <code>yes</code>, <code>bad</code> and <code>none</code>
- <p><br></td></tr><tr align="left"><td valign="top" width="10%"><code>condition</code>
- </td><td valign="top" width="
40%">selection status (see the <code>select</code> field of the <a href="decode.html#peer">peer status word</a>)
+ <p><br></td></tr><tr align="left"><td valign="top" width="23%"><code>condition</code>
+ </td><td valign="top" width="
23%">selection status (see the <code>select</code> field of the <a href="decode.html#peer">peer status word</a>)
- <p><br></td></tr><tr align="left"><td valign="top" width="10%"><code>last_event</code>
- </td><td valign="top" width="
40%">event report (see the <code>event</code> field of the <a href="decode.html#peer">peer status word</a>)
+ <p><br></td></tr><tr align="left"><td valign="top" width="23%"><code>last_event</code>
+ </td><td valign="top" width="
23%">event report (see the <code>event</code> field of the <a href="decode.html#peer">peer status word</a>)
- <p><br></td></tr><tr align="left"><td valign="top" width="10%"><code>cnt</code>
+ <p><br></td></tr><tr align="left"><td valign="top" width="23%"><code>cnt</code>
event count (see the <code>count</code> field of the <a href="decode.html#peer">peer status word</a>)
- <br></td></tr></table>
+ <br></td></tr></table>
- <br><dt><code><a name="cv"></a>clockvar </code><kbd>assocID</kbd><code> [</code><kbd>name</kbd><code> [ = </code><kbd>value</kbd><code> [...]] [...]]</code><dt><code>cv </code><kbd>assocID</kbd><code> [</code><kbd>name</kbd><code> [ = </code><kbd>value</kbd><code> [...] ][...]]</code><dd>Display a list of <a href="#clock">clock variables</a> for those associations supporting a reference clock.
+ <p><a name="cv"></a> clockvar <kbd>assocID</kbd> [<kbd>name</kbd> [ = <kbd>value</kbd> [...]] [...]]
+ cv <kbd>assocID</kbd> [<kbd>name</kbd> [ = <kbd>value</kbd> [...] ][...]]
+ Display a list of See <a href="#clock">clock variables</a> for those associations supporting a reference clock.
- <br><dt><code><a name="g_t_003aconfig"></a>:config [...]</code><dd>Send the remainder of the command line, including whitespace, to the server
+ <p><a name="_003aconfig"></a> :config [...]
+ Send the remainder of the command line, including whitespace, to the server
as a run-time configuration command in the same format
as the configuration file.
This command is experimental until further notice and clarification.
printable ASCII format so they can be embedded as MIME attachments in
mail to other sites.
- <p>This document applies to version 4.2.7p337 of <code>ntp-keygen</code>.
+ <p>This document applies to version 4.2.7p338 of <code>ntp-keygen</code>.
<div class="node">
+<a name="Description"></a>
<p><hr>
-
<a name="Description"></a>Next: <a rel="next" accesskey="n" href="#Running-the-Program">Running the Program</a>,
+Next: <a rel="next" accesskey="n" href="#Running-the-Program">Running the Program</a>,
Previous: <a rel="previous" accesskey="p" href="#Top">Top</a>,
Up: <a rel="up" accesskey="u" href="#Top">Top</a>
-<br>
+
</div>
<!-- node-name, next, previous, up -->
string
<code>ntpkey</code> and include the file type, generating host and filestamp,
as described in the
- “Cryptographic Data Files”
+ Cryptographic Data Files
section below.
<div class="node">
-<p><hr>
<a name="Running"></a>
-<br>
+<p><hr>
+
+
</div>
<h3 class="section">Running</h3>
<code>DSA-SHA1</code>. Note that RSA schemes must be used with a RSA sign key and DSA
schemes must be used with a DSA sign key.
The default without this option is
-<code>RSA-MD5</code>. <br><dt><span class="samp">Fl</span><dd>Enable debugging.
+<code>RSA-MD5</code>. <br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Enable debugging.
This option displays the cryptographic data produced in eye-friendly billboards.
-<br><dt><span class="samp">Fl</span><dd>Write the IFF client keys to the standard output.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Write the IFF client keys to the standard output.
This is intended for automatic key distribution by mail.
-<br><dt><span class="samp">Fl</span><dd>Generate parameters and keys for the GQ identification scheme,
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate parameters and keys for the GQ identification scheme,
obsoleting any that may exist.
-<br><dt><span class="samp">Fl</span><dd>Generate keys for the GQ identification scheme
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate keys for the GQ identification scheme
using the existing GQ parameters.
If the GQ parameters do not yet exist, create them first.
-<br><dt><span class="samp">Fl</span><dd>Generate new host keys, obsoleting any that may exist.
-<br><dt><span class="samp">Fl</span><dd>Generate parameters for the IFF identification scheme,
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate new host keys, obsoleting any that may exist.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate parameters for the IFF identification scheme,
obsoleting any that may exist.
- <br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Set the suject name to
+ <br><dt><span class="samp">Fl</span><dd>Set the suject name to
<code>name</code>. This is used as the subject field in certificates
and in the file name for host and sign keys.
-<br><dt><span class="samp">Fl</span><dd>Generate MD5 keys, obsoleting any that may exist.
-<br><dt><span class="samp">Fl</span><dd>Generate a private certificate.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate MD5 keys, obsoleting any that may exist.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate a private certificate.
By default, the program generates public certificates.
- <br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Encrypt generated files containing private data with
+ <br><dt><span class="samp">Fl</span><dd>Encrypt generated files containing private data with
<code>password</code> and the DES-CBC algorithm.
- <br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Set the password for reading files to password.
- <br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate a new sign key of the designated type,
+ <br><dt><span class="samp">Fl</span><dd>Set the password for reading files to password.
+ <br><dt><span class="samp">Fl</span><dd>Generate a new sign key of the designated type,
obsoleting any that may exist.
By default, the program uses the host key as the sign key.
- <br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Set the issuer name to
+ <br><dt><span class="samp">Fl</span><dd>Set the issuer name to
<code>name</code>. This is used for the issuer field in certificates
and in the file name for identity files.
-<br><dt><span class="samp">Fl</span><dd>Generate a trusted certificate.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate a trusted certificate.
By default, the program generates a non-trusted certificate.
-<br><dt><span class="samp">Fl</span><dd>Generate parameters and keys for the Mu-Varadharajan (MV) identification scheme.
+<br><dt>‘<samp><span class="samp">Fl</span></samp>’<dd>Generate parameters and keys for the Mu-Varadharajan (MV) identification scheme.
<div class="node">
-<p><hr>
<a name="Random"></a>
-<br>
+<p><hr>
+
+
</div>
<h3 class="section">Random</h3>
equivalent to "<code>-C des-ede3-cbc". The openssl tool lists ciphers
available in "openssl -h" output.
</code><div class="node">
- <a name="ntp-keygen-id-key"></a>
- <a name="ntp_002dkeygen-id_002dkey"></a>
<p><hr>
-
<a name="ntp_002dkeygen-id_002dkey"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-gq_002dparams">ntp-keygen gq-params</a>,
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-gq_002dparams">ntp-keygen gq-params</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-cipher">ntp-keygen cipher</a>,
Up: <a rel="up" accesskey="u" href="#Cryptographic">Cryptographic</a>
-<br>
+
</div>
<h4 class="subsection">id-key option (-e)</h4>
<p>'crypto ident' or 'server ident' configuration in
ntpd's configuration file.
</code><div class="node">
- <a name="ntp-keygen-lifetime"></a>
- <a name="ntp_002dkeygen-lifetime"></a>
<p><hr>
-
<a name="ntp_002dkeygen-lifetime"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-md5key">ntp-keygen md5key</a>,
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-md5key">ntp-keygen md5key</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-ident">ntp-keygen ident</a>,
Up: <a rel="up" accesskey="u" href="#Cryptographic">Cryptographic</a>
-<br>
+
</div>
<h4 class="subsection">lifetime option (-l)</h4>
if not provided, the host name are also used in the file names
of IFF, GQ, and MV client parameter files.
</code><div class="node">
- <a name="ntp-keygen-trusted-cert"></a>
- <a name="ntp_002dkeygen-trusted_002dcert"></a>
<p><hr>
-
<a name="ntp_002dkeygen-trusted_002dcert"></a>Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-mv_002dparams">ntp-keygen mv-params</a>,
+Next: <a rel="next" accesskey="n" href="#ntp_002dkeygen-mv_002dparams">ntp-keygen mv-params</a>,
Previous: <a rel="previous" accesskey="p" href="#ntp_002dkeygen-subject_002dname">ntp-keygen subject-name</a>,
Up: <a rel="up" accesskey="u" href="#Cryptographic">Cryptographic</a>
-<br>
+
</div>
<h4 class="subsection">trusted-cert option (-T)</h4>
projects / thirdparty / ntp.git / commitdiff
