From: Harlan Stenn Date: Sun, 7 Jan 2024 08:46:19 +0000 (-0800) Subject: Makefile.am: X-Git-Tag: NTP_4_2_8P18_RC1~20^2^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=608f4c26b7d59c1cd70b528dcac66d1998d9b40e;p=thirdparty%2Fntp.git Makefile.am: Added util/lsf-times Many files: Update copyright year to 2024 bk: 659a64dbAcZW0TuDul-Z6DJt22F-6w --- diff --git a/ChangeLog b/ChangeLog index 25f5ad5a0..86fe3aa1e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -41,9 +41,11 @@ is disabled. * [Bug 3825] Don't touch HTML files unless building inside a BK repo. Fix the script checkHtmlFileDates. +* Update the copyright year. * Update ntp.conf documentation to add "delrestrict" and correct information about KoD rate limiting. * html/clockopt.html cleanup. +* util/lsf-times - added. * Add DSA, DSA-SHA, and SHA to tests/libntp/digests.c. * Provide ntpd thread names to debugger on Windows. * Remove dead code libntp/numtohost.c and its unit tests. diff --git a/html/copyright.html b/html/copyright.html index d00cf9712..7584aefc3 100644 --- a/html/copyright.html +++ b/html/copyright.html @@ -9,7 +9,7 @@

Copyright Notice

jpg "Clone me," says Dolly sheepishly.

Last update: - 2-Mar-2023 05:21 + 7-Jan-2024 00:29 UTC


@@ -38,7 +38,7 @@
 ***********************************************************************
 *                                                                     *
-* Copyright (c) Network Time Foundation 2011-2023                     *
+* Copyright (c) Network Time Foundation 2011-2024                     *
 *                                                                     *
 * All Rights Reserved                                                 *
 *                                                                     *
diff --git a/ntpd/invoke-ntp.conf.texi b/ntpd/invoke-ntp.conf.texi
index 89f85287c..04f0f4fde 100644
--- a/ntpd/invoke-ntp.conf.texi
+++ b/ntpd/invoke-ntp.conf.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntp.conf.texi)
 #
-# It has been AutoGen-ed  September 30, 2023 at 03:20:45 AM by AutoGen 5.18.16
+# It has been AutoGen-ed  January  7, 2024 at 12:34:25 AM by AutoGen 5.18.16
 # From the definitions    ntp.conf.def
 # and the template file   agtexi-file.tpl
 @end ignore
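Review bot: the wall-clock stamp on the "It has been AutoGen-ed" comment line is the only thing that changes in this hunk, and the invoke-ntp.keys.texi and invoke-ntpd.texi hunks below are the same timestamp-only edit. A stamp like this makes every regeneration show up as a diff and keeps two builds of the same source from matching byte for byte. Consider dropping the time of day from the template comment or taking it from a fixed source date, and leaving regenerated files out of a commit when their .def inputs are unchanged.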
diff --git a/ntpd/invoke-ntp.keys.texi b/ntpd/invoke-ntp.keys.texi
index 3926518de..b57192707 100644
--- a/ntpd/invoke-ntp.keys.texi
+++ b/ntpd/invoke-ntp.keys.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntp.keys.texi)
 #
-# It has been AutoGen-ed  June  6, 2023 at 04:37:41 AM by AutoGen 5.18.16
+# It has been AutoGen-ed  January  7, 2024 at 12:34:27 AM by AutoGen 5.18.16
 # From the definitions    ntp.keys.def
 # and the template file   agtexi-file.tpl
 @end ignore
diff --git a/ntpd/invoke-ntpd.texi b/ntpd/invoke-ntpd.texi
index 471bca5b8..2788a8058 100644
--- a/ntpd/invoke-ntpd.texi
+++ b/ntpd/invoke-ntpd.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntpd.texi)
 #
-# It has been AutoGen-ed  June  6, 2023 at 04:37:42 AM by AutoGen 5.18.16
+# It has been AutoGen-ed  January  7, 2024 at 12:34:29 AM by AutoGen 5.18.16
 # From the definitions    ntpd-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
diff --git a/ntpd/ntp.conf.5man b/ntpd/ntp.conf.5man
index edbbc4230..a9a3d5405 100644
--- a/ntpd/ntp.conf.5man
+++ b/ntpd/ntp.conf.5man
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntp.conf 5man "30 Sep 2023" "4.2.8p17" "File Formats"
+.TH ntp.conf 5man "07 Jan 2024" "4.2.8p17" "File Formats"
 .\"
 .\" EDIT THIS FILE WITH CAUTION (in-mem file)
 .\"
-.\" It has been AutoGen-ed September 30, 2023 at 03:20:48 AM by AutoGen 5.18.16
+.\" It has been AutoGen-ed January 7, 2024 at 12:34:31 AM by AutoGen 5.18.16
 .\" From the definitions ntp.conf.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
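Review bot: on the .TH line the date moves to "07 Jan 2024" while the version field stays "4.2.8p17", so the rendered man page will show a new date against the old release label. If the date is meant to track the release, hold it until the version string is bumped; if it tracks regeneration, say so in the ChangeLog entry so packagers do not read it as a content revision of the p17 documentation. The same applies to the .Dd line in ntp.conf.5mdoc.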
@@ -3451,7 +3451,7 @@ RFC5905
 .SH "AUTHORS"
 The University of Delaware and Network Time Foundation
 .SH "COPYRIGHT"
-Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, .
 .SH BUGS
 The syntax checking is not picky; some combinations of
diff --git a/ntpd/ntp.conf.5mdoc b/ntpd/ntp.conf.5mdoc
index a92096496..0e675b79e 100644
--- a/ntpd/ntp.conf.5mdoc
+++ b/ntpd/ntp.conf.5mdoc
@@ -1,9 +1,9 @@
-.Dd September 30 2023
+.Dd January 7 2024
 .Dt NTP_CONF 5mdoc File Formats
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
 .\"
-.\"  It has been AutoGen-ed  September 30, 2023 at 03:20:43 AM by AutoGen 5.18.16
+.\"  It has been AutoGen-ed  January  7, 2024 at 12:34:20 AM by AutoGen 5.18.16
 .\"  From the definitions    ntp.conf.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -3296,7 +3296,7 @@ A snapshot of this documentation is available in HTML format in
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, .
 .Sh BUGS
 The syntax checking is not picky; some combinations of
diff --git a/ntpd/ntp.conf.html b/ntpd/ntp.conf.html
index e084fcf90..11f0d7fee 100644
--- a/ntpd/ntp.conf.html
+++ b/ntpd/ntp.conf.html
@@ -1,6 +1,6 @@
-
+
 
-
+
 
 
 NTP Configuration File User’s Manual
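Review bot: the two changed lines here sit in the file preamble above the title, and the later hunks of ntp.conf.html replace lines throughout the document while the visible text on the removed and added sides is the same (for example "-ntpd program. +ntpd program."). That reads as a full regeneration of the HTML rather than a copyright-year edit, and the commit message mentions only Makefile.am and the copyright year. Either state in the message that the generated documentation was rebuilt, or move the regeneration into its own commit so that changes to the authentication and access-control text can be reviewed separately from markup churn.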
@@ -10,24 +10,19 @@
 
 
 
+
+
 
 
+
+
 
 
@@ -35,82 +30,76 @@ ul.no-bullet {list-style: none}
 
 
 
-

NTP Configuration File User’s Manual

-
+
+ -

NTP’s Configuration File User Manual

+

NTP’s Configuration File User Manual

This document describes the configuration file for the NTP Project’s -ntpd program. +ntpd program.

-

This document applies to version 4.2.8p17 of ntp.conf. +

This document applies to version 4.2.8p17 of ntp.conf.

- + + +

Short Table of Contents

- - - - - - - +

-
+
+ -

1 Description

+

1 Description

-

The behavior of ntpd can be changed by a configuration file, -by default ntp.conf. +

The behavior of ntpd can be changed by a configuration file, +by default ntp.conf.

- - - - +
-
+
+ -

1.1 Notes about ntp.conf

- - +

1.1 Notes about ntp.conf

+ +

The -ntp.conf +ntp.conf configuration file is read at initial startup by the -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) daemon in order to specify the synchronization sources, modes and other related information. Usually, it is installed in the -/etc +/etc directory, but could be installed elsewhere (see the daemon’s --c +-c command line option).

The file format is similar to other -UNIX +UNIX configuration files. Comments begin with a ‘#’ @@ -131,63 +120,52 @@ The page (available as part of the HTML documentation provided in -/usr/share/doc/ntp) +/usr/share/doc/ntp) contains an extended discussion of these options. In addition to the discussion of general ‘Configuration Options’, there are sections describing the following supported functionality and the options used to control it: -

    -
  • Authentication Support -
  • Monitoring Support -
  • Access Control Support -
  • Automatic NTP Configuration Options -
  • Reference Clock Support -
  • Miscellaneous Options +

    Following these is a section describing -Miscellaneous Options. +Miscellaneous Options. While there is a rich set of options available, the only required option is one or more -pool, -server, -peer, -broadcast +pool, +server, +peer, +broadcast or -manycastclient +manycastclient commands. -

    - - - - - - - - - - - - - +


    -
    +
    + -

    1.1.1 Configuration Support

    +

    1.1.1 Configuration Support

    Following is a description of the configuration commands in NTPv4. These commands have the same basic functions as in NTPv3 and @@ -197,7 +175,12 @@ classes of commands, configuration commands that configure a persistent association with a remote server or peer or reference clock, and auxiliary commands that specify environmental variables that control various related operations. -

    1.1.1.1 Configuration Commands

    +

    +
    +

    1.1.1.1 Configuration Commands

    The various modes are determined by the command keyword and the type of the required IP address. Addresses are classed by type as @@ -214,12 +197,12 @@ in some weird and even destructive behavior. is detected, support for the IPv6 address family is generated in addition to the default support of the IPv4 address family. In a few cases, including the -reslist +reslist billboard generated by -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) or -ntpdc(1ntpdcmdoc), +ntpdc(1ntpdcmdoc), IPv6 addresses are automatically generated. IPv6 addresses can be identified by the presence of colons “:” @@ -230,26 +213,26 @@ with the exception of reference clock addresses, which are always IPv4.

    Note that in contexts where a host name is expected, a --4 +-4 qualifier preceding the host name forces DNS resolution to the IPv4 namespace, while a --6 +-6 qualifier forces DNS resolution to the IPv6 namespace. See IPv6 references for the equivalent classes for that address family. -

    -
    pool address [burst] [iburst] [version version] [prefer] [minpoll minpoll] [maxpoll maxpoll] [xmtnonce]
    -
    server address [key key | autokey] [burst] [iburst] [version version] [prefer] [minpoll minpoll] [maxpoll maxpoll] [true] [xmtnonce]
    -
    peer address [key key | autokey] [version version] [prefer] [minpoll minpoll] [maxpoll maxpoll] [true] [xleave]
    -
    broadcast address [key key | autokey] [version version] [prefer] [minpoll minpoll] [ttl ttl] [xleave]
    -
    manycastclient address [key key | autokey] [version version] [prefer] [minpoll minpoll] [maxpoll maxpoll] [ttl ttl]
    +

    +
    pool address [burst] [iburst] [version version] [prefer] [minpoll minpoll] [maxpoll maxpoll] [xmtnonce]
    +
    server address [key key | autokey] [burst] [iburst] [version version] [prefer] [minpoll minpoll] [maxpoll maxpoll] [true] [xmtnonce]
    +
    peer address [key key | autokey] [version version] [prefer] [minpoll minpoll] [maxpoll maxpoll] [true] [xleave]
    +
    broadcast address [key key | autokey] [version version] [prefer] [minpoll minpoll] [ttl ttl] [xleave]
    +
    manycastclient address [key key | autokey] [version version] [prefer] [minpoll minpoll] [maxpoll maxpoll] [ttl ttl]

    These five commands specify the time server name or address to be used and the mode in which to operate. The -address +address can be either a DNS name or an IP address in dotted-quad notation. Additional information on association behavior can be found in the @@ -257,16 +240,16 @@ Additional information on association behavior can be found in the page (available as part of the HTML documentation provided in -/usr/share/doc/ntp). -

    -
    pool
    +/usr/share/doc/ntp). +

    +
    pool

    For type s addresses, this command mobilizes a persistent client mode association with a number of remote servers. In this mode the local clock can synchronized to the remote server, but the remote server can never be synchronized to the local clock.

    -
    server
    +
    server

    For type s and r addresses, this command mobilizes a persistent client mode association with the specified remote server or local radio clock. @@ -274,11 +257,11 @@ In this mode the local clock can synchronized to the remote server, but the remote server can never be synchronized to the local clock. This command should -not +not be used for type b or m addresses.

    -
    peer
    +
    peer

    For type s addresses (only), this command mobilizes a persistent symmetric-active mode association with the specified remote peer. @@ -291,7 +274,7 @@ the better source of time. This command should NOT be used for type b, m or r addresses.

    -
    broadcast
    +
    broadcast

    For type b and m addresses (only), this command mobilizes a persistent broadcast mode association. Multiple @@ -302,7 +285,7 @@ broadcast messages go only to the interface associated with the subnet specified, but multicast messages go to all interfaces. In broadcast mode the local server sends periodic broadcast messages to a client population at the -address +address specified, which is usually the broadcast address on (one of) the local network(s) or a multicast address assigned to NTP. The IANA @@ -313,19 +296,19 @@ messages within administrative boundaries. Ordinarily, this specification applies only to the local server operating as a sender; for operation as a broadcast client, see the -broadcastclient +broadcastclient or -multicastclient +multicastclient commands below.

    -
    manycastclient
    +
    manycastclient

    For type m addresses (only), this command mobilizes a manycast client mode association for the multicast address specified. In this case a specific address must be supplied which matches the address used on the -manycastserver +manycastserver command for the designated manycast servers. The NTP multicast address @@ -334,19 +317,19 @@ means are taken to avoid spraying large areas of the Internet with these messages and causing a possibly massive implosion of replies at the sender. The -manycastserver +manycastserver command specifies that the local server is to operate in client mode with the remote servers that are discovered as the result of broadcast/multicast messages. The client broadcasts a request message to the group address associated with the specified -address +address and specifically enabled servers respond to these messages. The client selects the servers providing the best time and continues as with the -server +server command. The remaining servers are discarded as if never heard. @@ -354,63 +337,63 @@ heard.

    Options: -

    -
    autokey
    +

    +
    autokey

    All packets sent to and received from the server or peer are to include authentication fields encrypted using the autokey scheme described in ‘Authentication Options’.

    -
    burst
    +
    burst

    when the server is reachable, send a burst of six packets instead of the usual one. The packet spacing is 2 s. This is designed to improve timekeeping quality with the -server +server command and s addresses.

    -
    iburst
    +
    iburst

    When the server is unreachable, send a burst of eight packets instead of the usual one. The packet spacing is 2 s. This is designed to speed the initial synchronization acquisition with the -server +server command and s addresses and when -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) is started with the --q +-q option.

    -
    key key
    +
    key key

    All packets sent to and received from the server or peer are to include authentication fields encrypted using the specified -key +key identifier with values from 1 to 65535, inclusive. The default is to include no encryption field.

    -
    minpoll minpoll
    -
    maxpoll maxpoll
    +
    minpoll minpoll
    +
    maxpoll maxpoll

    These options specify the minimum and maximum poll intervals for NTP messages, as a power of 2 in seconds The maximum poll interval defaults to 10 (1,024 s), but can be increased by the -maxpoll +maxpoll option to an upper limit of 17 (36.4 h). The minimum poll interval defaults to 6 (64 s), but can be decreased by the -minpoll +minpoll option to a lower limit of 4 (16 s).

    -
    noselect
    +
    noselect

    Marks the server as unused, except for display purposes. The server is discarded by the selection algroithm.

    -
    preempt
    +
    preempt

    Says the association can be preempted.

    -
    prefer
    +
    prefer

    Marks the server as preferred. All other things being equal, this host will be chosen for synchronization among a set of @@ -420,55 +403,57 @@ See the page (available as part of the HTML documentation provided in -/usr/share/doc/ntp) +/usr/share/doc/ntp) for further information.

    -
    true
    +
    true

    Marks the server as a truechimer, forcing the association to always survive the selection and clustering algorithms. This option should almost certainly -only +only be used while testing an association.

    -
    ttl ttl
    +
    ttl ttl

    This option is used only with broadcast server and manycast client modes. It specifies the time-to-live -ttl +ttl to use on broadcast server and multicast server and the maximum -ttl +ttl for the expanding ring search with manycast client packets. Selection of the proper value, which defaults to 127, is something of a black art and should be coordinated with the network administrator.

    -
    version version
    +
    version version

    Specifies the version number to be used for outgoing NTP packets. Versions 1-4 are the choices, with version 4 the default.

    -
    xleave
    +
    xleave

    Valid in -peer +peer and -broadcast +broadcast modes only, this flag enables interleave mode.

    -
    xmtnonce
    +
    xmtnonce

    Valid only for -server +server and -pool +pool modes, this flag puts a random number in the packet’s transmit timestamp.

    -

    1.1.1.2 Auxiliary Commands

    -
    -
    broadcastclient
    +
    +
    +

    1.1.1.2 Auxiliary Commands

    +
    +
    broadcastclient

    This command enables reception of broadcast server messages to any local interface (type b) address. Upon receiving a message for @@ -482,7 +467,7 @@ server and client should operate using symmetric-key or public-key authentication as described in ‘Authentication Options’.

    -
    manycastserver address ...
    +
    manycastserver address ...

    This command enables reception of manycast client messages to the multicast group address(es) (type m) specified. At least one @@ -496,7 +481,7 @@ and client should operate using symmetric-key or public-key authentication as described in ‘Authentication Options’.

    -
    multicastclient address ...
    +
    multicastclient address ...

    This command enables reception of multicast server messages to the multicast group address(es) (type m) specified. Upon receiving @@ -510,28 +495,31 @@ both the server and client should operate using symmetric-key or public-key authentication as described in ‘Authentication Options’.

    -
    mdnstries number
    +
    mdnstries number

    If we are participating in mDNS, after we have synched for the first time we attempt to register with the mDNS system. If that registration attempt fails, we try again at one minute intervals for up to -mdnstries +mdnstries times. After all, -ntpd +ntpd may be starting before mDNS. The default value for -mdnstries +mdnstries is 5.


    -
    +
    +
    +
    + -

    1.1.2 Authentication Support

    +

    1.1.2 Authentication Support

    Authentication support allows the NTP client to verify that the server is in fact known and trusted and not an intruder intending accidentally or on purpose to masquerade as that server. @@ -572,15 +560,15 @@ are on the Building and Installing the Distribution page.

    Authentication is configured separately for each association using the -key +key or -autokey +autokey subcommand on the -peer, -server, -broadcast +peer, +server, +broadcast and -manycastclient +manycastclient configuration commands as described in ‘Configuration Options’ page. @@ -609,16 +597,16 @@ the server certificate, verify its credentials and initialize the protocol

    The -auth +auth flag controls whether new associations or remote configuration commands require cryptographic authentication. This flag can be set or reset by the -enable +enable and -disable +disable commands and also by remote configuration commands sent by a -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) program running on another machine. If this flag is enabled, which is the default @@ -631,7 +619,7 @@ even if not cryptographic authenticated. It should be understood that operating with the -auth +auth flag disabled invites a significant vulnerability where a rogue hacker can masquerade as a falseticker and seriously @@ -648,7 +636,7 @@ the authentication process itself.

    An attractive alternative where multicast support is available is manycast mode, in which clients periodically troll for servers as described in the -Automatic NTP Configuration Options +Automatic NTP Configuration Options page. Either symmetric key or public key cryptographic authentication can be used in this mode. @@ -664,8 +652,18 @@ both symmetric key and public key cryptography are summarized below; further details are in the briefings, papers and reports at the NTP project page linked from -http://www.ntp.org/. -

    1.1.2.1 Symmetric-Key Cryptography

    +http://www.ntp.org/. +

    +
    +

    1.1.2.1 Symmetric-Key Cryptography

    The original RFC-1305 specification allows any one of possibly 65,535 keys, each distinguished by a 32-bit key identifier, to authenticate an association. @@ -675,45 +673,47 @@ authenticate NTP packets. Keys and related information are specified in a key file, usually called -ntp.keys, +ntp.keys, which must be distributed and stored using secure means beyond the scope of the NTP protocol itself. Besides the keys used for ordinary NTP associations, additional keys can be used as passwords for the -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) and -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) utility programs.

    When -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) is first started, it reads the key file specified in the -keys +keys configuration command and installs the keys in the key cache. However, individual keys must be activated with the -trusted +trusted command before use. This allows, for instance, the installation of possibly several batches of keys and then activating or deactivating each batch remotely using -ntpdc(1ntpdcmdoc). +ntpdc(1ntpdcmdoc). This also provides a revocation capability that can be used if a key becomes compromised. The -requestkey +requestkey command selects the key used as the password for the -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) utility, while the -controlkey +controlkey command selects the key used as the password for the -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) utility. -

    1.1.2.2 Public Key Cryptography

    +

    +
    +

    1.1.2.2 Public Key Cryptography

    NTPv4 supports the original NTPv3 symmetric key scheme described in RFC-1305 and in addition the Autokey protocol, which is based on public key cryptography. @@ -744,7 +744,7 @@ page.

    The specific cryptographic environment used by Autokey servers and clients is determined by a set of files and soft links generated by the -ntp-keygen(1ntpkeygenmdoc) +ntp-keygen(1ntpkeygenmdoc) program. This includes a required host key file, required certificate file and optional sign key file, @@ -755,7 +755,7 @@ along with the matching sign key. There are several schemes available in the OpenSSL software library, each identified by a specific string such as -md5WithRSAEncryption, +md5WithRSAEncryption, which stands for the MD5 message digest with RSA encryption scheme. The current NTP distribution supports @@ -774,7 +774,9 @@ This requires the configuration file in all hosts to be engineered so that, even under anticipated failure conditions, the NTP subnet will form such that every group host can find a trail to at least one trusted host. -

    1.1.2.3 Naming and Addressing

    +

    +
    +

    1.1.2.3 Naming and Addressing

    It is important to note that Autokey does not use DNS to resolve addresses, since DNS can’t be completely trusted until the name servers have synchronized clocks. @@ -787,7 +789,7 @@ DNS compromise is essential.

    By convention, the name of an Autokey host is the name returned by the Unix -gethostname(2) +gethostname(2) system call or equivalent in other systems. By the system design model, there are no provisions to allow alternate names or aliases. @@ -806,7 +808,9 @@ For this reason operation with network address translation schemes is not possible. This reflects the intended robust security model where government and corporate NTP servers are operated outside firewall perimeters. -

    1.1.2.4 Operation

    +

    +
    +

    1.1.2.4 Operation

    A specific combination of authentication scheme (none, symmetric key, public key) and identity scheme is called a cryptotype, although not all combinations are compatible. @@ -823,19 +827,19 @@ but may not represent good security practice. of mobilization, either at configuration time or some time later when a message of appropriate cryptotype arrives. When mobilized by a -server +server or -peer +peer configuration command and no -key +key or -autokey +autokey subcommands are present, the association is not authenticated; if the -key +key subcommand is present, the association is authenticated using the symmetric key ID specified; if the -autokey +autokey subcommand is present, the association is authenticated using Autokey.

    @@ -877,7 +881,7 @@ If verification fails, Bob sends Cathy a thing called a crypto-NAK, which tells her something broke. She can see the evidence using the -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) program.

    Denise has rolled her own host key and certificate. @@ -895,10 +899,12 @@ servers (or the same server, although that might not be useful). But, wise security policy might preclude some cryptotype combinations; for instance, running an identity scheme with one server and no authentication with another might not be wise. -

    1.1.2.5 Key Management

    +

    +
    +

    1.1.2.5 Key Management

    The cryptographic values used by the Autokey protocol are incorporated as a set of files generated by the -ntp-keygen(1ntpkeygenmdoc) +ntp-keygen(1ntpkeygenmdoc) utility program, including symmetric key, host key and public certificate files, as well as sign key, identity parameters and leapseconds files. @@ -907,9 +913,9 @@ certificate files can be generated by the OpenSSL utilities and certificates can be imported from public certificate authorities. Note that symmetric keys are necessary for the -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) and -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) utility programs. The remaining files are necessary only for the Autokey protocol. @@ -928,11 +934,13 @@ The certificate extension fields must not contain either a subject key identifier or a issuer key identifier field; however, an extended key usage field for a trusted host must contain the value -trustRoot;. +trustRoot;. Other extension fields are ignored. -

    1.1.2.6 Authentication Commands

    -
    -
    autokey [logsec]
    +

    +
    +

    1.1.2.6 Authentication Commands

    +
    +
    autokey [logsec]

    Specifies the interval between regenerations of the session key list used with the Autokey protocol. Note that the size of the key @@ -943,18 +951,18 @@ For poll intervals above the specified interval, a session key list with a single entry will be regenerated for every message sent.

    -
    controlkey key
    +
    controlkey key

    Specifies the key identifier to use with the -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) utility, which uses the standard protocol defined in RFC-1305. The -key +key argument is the key identifier for a trusted key, where the value can be in the range 1 to 65,535, inclusive.

    -
    crypto [cert file] [leap file] [randfile file] [host file] [gq file] [gqpar file] [iffpar file] [mvpar file] [pw password]
    +
    crypto [cert file] [leap file] [randfile file] [host file] [gq file] [gqpar file] [iffpar file] [mvpar file] [pw password]

    This command requires the OpenSSL library. It activates public key cryptography, selects the message digest and signature @@ -965,93 +973,93 @@ the default names are used as described above. Unless the complete path and name of the file are specified, the location of a file is relative to the keys directory specified in the -keysdir +keysdir command or default -/usr/local/etc. +/usr/local/etc. Following are the subcommands: -

    -
    cert file
    +

    +
    cert file

    Specifies the location of the required host public certificate file. This overrides the link -ntpkey_cert_hostname +ntpkey_cert_hostname in the keys directory.

    -
    gqpar file
    +
    gqpar file

    Specifies the location of the optional GQ parameters file. This overrides the link -ntpkey_gq_hostname +ntpkey_gq_hostname in the keys directory.

    -
    host file
    +
    host file

    Specifies the location of the required host key file. This overrides the link -ntpkey_key_hostname +ntpkey_key_hostname in the keys directory.

    -
    iffpar file
    +
    iffpar file

    Specifies the location of the optional IFF parameters file. This overrides the link -ntpkey_iff_hostname +ntpkey_iff_hostname in the keys directory.

    -
    leap file
    +
    leap file

    Specifies the location of the optional leapsecond file. This overrides the link -ntpkey_leap +ntpkey_leap in the keys directory.

    -
    mvpar file
    +
    mvpar file

    Specifies the location of the optional MV parameters file. This overrides the link -ntpkey_mv_hostname +ntpkey_mv_hostname in the keys directory.

    -
    pw password
    +
    pw password

    Specifies the password to decrypt files containing private keys and identity parameters. This is required only if these files have been encrypted.

    -
    randfile file
    +
    randfile file

    Specifies the location of the random seed file used by the OpenSSL library. The defaults are described in the main text above.

    -
    keys keyfile
    +
    keys keyfile

    Specifies the complete path and location of the MD5 key file containing the keys and key identifiers used by -ntpd(1ntpdmdoc), -ntpq(1ntpqmdoc) +ntpd(1ntpdmdoc), +ntpq(1ntpqmdoc) and -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) when operating with symmetric key cryptography. This is the same operation as the --k +-k command line option.

    -
    keysdir path
    +
    keysdir path

    This command specifies the default directory path for cryptographic keys, parameters and certificates. The default is -/usr/local/etc/. +/usr/local/etc/.

    -
    requestkey key
    +
    requestkey key

    Specifies the key identifier to use with the -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) utility program, which uses a proprietary protocol specific to this implementation of -ntpd(1ntpdmdoc). +ntpd(1ntpdmdoc). The -key +key argument is a key identifier for the trusted key, where the value can be in the range 1 to 65,535, inclusive.

    -
    revoke logsec
    +
    revoke logsec

    Specifies the interval between re-randomization of certain cryptographic values used by the Autokey scheme, as a power of 2 in seconds. @@ -1063,28 +1071,30 @@ For poll intervals above the specified interval, the values will be updated for every message sent.

    -
    trustedkey key ...
    +
    trustedkey key ...

    Specifies the key identifiers which are trusted for the purposes of authenticating peers with symmetric key cryptography, as well as keys used by the -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) and -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) programs. The authentication procedures require that both the local and remote servers share the same key and key identifier for this purpose, although different keys can be used with different servers. The -key +key arguments are 32-bit unsigned integers with values from 1 to 65,535.

    -

    1.1.2.7 Error Codes

    +
    +
    +

    1.1.2.7 Error Codes

    The following error codes are reported via the NTP control and monitoring protocol trap mechanism. -

    +

    101

    (bad field format or length) The packet has invalid version, length or format. @@ -1148,44 +1158,51 @@ The identity key is missing, corrupt or bogus.


    -
    +
    +
    +
    + -

    1.1.3 Monitoring Support

    -

    ntpd(1ntpdmdoc) +

    1.1.3 Monitoring Support

    +

    ntpd(1ntpdmdoc) includes a comprehensive monitoring facility suitable for continuous, long term recording of server and client timekeeping performance. See the -statistics +statistics command below for a listing and example of each type of statistics currently supported. Statistic files are managed using file generation sets and scripts in the -./scripts +./scripts directory of the source code distribution. Using these facilities and -UNIX -cron(8) +UNIX +cron(8) jobs, the data can be automatically summarized and archived for retrospective analysis. -

    1.1.3.1 Monitoring Commands

    -
    -
    statistics name ...
    +

    +
    +

    1.1.3.1 Monitoring Commands

    +
    +
    statistics name ...

    Enables writing of statistics records. Currently, eight kinds of -name +name statistics are supported. -

    -
    clockstats
    +

    +
    clockstats

    Enables recording of clock driver statistics information. Each update received from a clock driver appends a line of the following form to the file generation set named -clockstats: +clockstats:

    49213 525.624 127.127.4.1 93 226 00:08:29.606 D
     

    The first two fields show the date (Modified Julian Day) and time @@ -1200,13 +1217,13 @@ can be gathered and displayed as well. See information specific to each clock for further details.

    -
    cryptostats
    +
    cryptostats

    This option requires the OpenSSL cryptographic software library. It enables recording of cryptographic public key protocol information. Each message received by the protocol module appends a line of the following form to the file generation set named -cryptostats: +cryptostats:

    49213 525.624 127.127.4.1 message
     

    The first two fields show the date (Modified Julian Day) and time @@ -1218,12 +1235,12 @@ See the ‘Authentication Options’ section for further information.

    -
    loopstats
    +
    loopstats

    Enables recording of loop filter statistics information. Each update of the local clock outputs a line of the following form to the file generation set named -loopstats: +loopstats:

    50935 75440.031 0.000006019 13.778190 0.000351733 0.0133806
     

    The first two fields show the date (Modified Julian Day) and @@ -1233,7 +1250,7 @@ show time offset (seconds), frequency offset (parts per million - PPM), RMS jitter (seconds), Allan deviation (PPM) and clock discipline time constant.

    -
    peerstats
    +
    peerstats

    Enables recording of peer statistics information. This includes statistics records of all peers of a NTP server and of special @@ -1241,7 +1258,7 @@ signals, where present and configured. Each valid update appends a line of the following form to the current element of a file generation set named -peerstats: +peerstats:

    48773 10847.650 127.127.4.1 9714 -0.001605376 0.000000000 0.001424877 0.000958674
     

    The first two fields show the date (Modified Julian Day) and @@ -1254,7 +1271,7 @@ described in Appendix A of the NTP specification RFC 1305. The final four fields show the offset, delay, dispersion and RMS jitter, all in seconds.

    -
    rawstats
    +
    rawstats

    Enables recording of raw-timestamp statistics information. This includes statistics records of all peers of a NTP server and of @@ -1262,7 +1279,7 @@ special signals, where present and configured. Each NTP message received from a peer or clock driver appends a line of the following form to the file generation set named -rawstats: +rawstats:

    50928 2132.543 128.4.1.1 128.4.1.20 3102453281.584327000 3102453281.58622800031 02453332.540806000 3102453332.541458000
     

    The first two fields show the date (Modified Julian Day) and @@ -1276,12 +1293,12 @@ The timestamp values are as received and before processing by the various data smoothing and mitigation algorithms.

    -
    sysstats
    +
    sysstats

    Enables recording of ntpd statistics counters on a periodic basis. Each hour a line of the following form is appended to the file generation set named -sysstats: +sysstats:

    50928 2132.543 36000 81965 0 9546 56 71793 512 540 10 147
     

    The first two fields show the date (Modified Julian Day) and time @@ -1289,49 +1306,49 @@ set named The remaining ten fields show the statistics counter values accumulated since the last generated line. -

    -
    Time since restart 36000
    +

    +
    Time since restart 36000

    Time in hours since the system was last rebooted.

    -
    Packets received 81965
    +
    Packets received 81965

    Total number of packets received.

    -
    Packets processed 0
    +
    Packets processed 0

    Number of packets received in response to previous packets sent

    -
    Current version 9546
    +
    Current version 9546

    Number of packets matching the current NTP version.

    -
    Previous version 56
    +
    Previous version 56

    Number of packets matching the previous NTP version.

    -
    Bad version 71793
    +
    Bad version 71793

    Number of packets matching neither NTP version.

    -
    Access denied 512
    +
    Access denied 512

    Number of packets denied access for any reason.

    -
    Bad length or format 540
    +
    Bad length or format 540

    Number of packets with invalid length, format or port number.

    -
    Bad authentication 10
    +
    Bad authentication 10

    Number of packets not verified as authentic.

    -
    Rate exceeded 147
    +
    Rate exceeded 147

    Number of packets discarded due to rate limitation.

    -
    statsdir directory_path
    +
    statsdir directory_path

    Indicates the full path of a directory where statistics files should be created (see below). This keyword allows the (otherwise constant) -filegen +filegen filename prefix to be modified for file generation sets, which is useful for handling statistics logs.

    -
    filegen name [file filename] [type typename] [link | nolink] [enable | disable]
    +
    filegen name [file filename] [type typename] [link | nolink] [enable | disable]

    Configures setting of generation file set name. Generation file sets provide a means for handling files that are @@ -1350,28 +1367,28 @@ operations without the risk of disturbing the operation of ntpd. produced.)

    Note that this command can be sent from the -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) program running at a remote location. -

    -
    name
    +

    +
    name

    This is the type of the statistics records, as shown in the -statistics +statistics command.

    -
    file filename
    +
    file filename

    This is the file name for the statistics records. Filenames of set members are built from three concatenated elements -prefix, -filename +prefix, +filename and -suffix: -

    -
    prefix
    +suffix: +

    +
    prefix

    This is a constant filename path. It is not subject to modifications via the -filegen +filegen option. It is defined by the server, usually specified as a compile-time constant. @@ -1379,63 +1396,63 @@ It may, however, be configurable for individual file generation sets via other commands. For example, the prefix used with -loopstats +loopstats and -peerstats +peerstats generation can be configured using the -statsdir +statsdir option explained above.

    -
    filename
    +
    filename

    This string is directly concatenated to the prefix mentioned above (no intervening ‘/’). This can be modified using the file argument to the -filegen +filegen statement. No -.. +.. elements are allowed in this component to prevent filenames referring to parts outside the filesystem hierarchy denoted by -prefix. +prefix.

    -
    suffix
    +
    suffix

    This part is reflects individual elements of a file set. It is generated according to the type of a file set.

    -
    type typename
    +
    type typename

    A file generation set is characterized by its type. The following types are supported: -

    -
    none
    +

    +
    none

    The file set is actually a single plain file.

    -
    pid
    +
    pid

    One element of file set is used per incarnation of a ntpd server. This type does not perform any changes to file set members during runtime, however it provides an easy way of separating files belonging to different -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) server incarnations. The set member filename is built by appending a ‘.’ to concatenated -prefix +prefix and -filename +filename strings, and appending the decimal representation of the process ID of the -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) server process.

    -
    day
    +
    day

    One file generation set element is created per day. A day is defined as the period between 00:00 and 24:00 UTC. @@ -1444,19 +1461,19 @@ member suffix consists of a ‘.’ and a day specification in the form -YYYYMMdd. -YYYY +YYYYMMdd. +YYYY is a 4-digit year number (e.g., 1992). -MM +MM is a two digit month number. -dd +dd is a two digit day number. Thus, all information written at 10 December 1992 would end up in a file named -prefix -filename.19921210. +prefix +filename.19921210.

    -
    week
    +
    week

    Any file set member contains data related to a certain week of a year. The term week is defined by computing day-of-year @@ -1464,63 +1481,63 @@ modulo 7. Elements of such a file generation set are distinguished by appending the following suffix to the file set filename base: A dot, a 4-digit year number, the letter -W, +W, and a 2-digit week number. For example, information from January, 10th 1992 would end up in a file with suffix .No . Ns Ar 1992W1 .

    -
    month
    +
    month

    One generation file set element is generated per month. The file name suffix consists of a dot, a 4-digit year number, and a 2-digit month.

    -
    year
    +
    year

    One generation file element is generated per year. The filename suffix consists of a dot and a 4 digit year number.

    -
    age
    +
    age

    This type of file generation sets changes to a new element of the file set every 24 hours of server operation. The filename suffix consists of a dot, the letter -a, +a, and an 8-digit number. This number is taken to be the number of seconds the server is running at the start of the corresponding 24-hour period. Information is only written to a file generation by specifying -enable; +enable; output is prevented by specifying -disable. +disable.

    -
    link | nolink
    +
    link | nolink

    It is convenient to be able to access the current element of a file generation set by a fixed name. This feature is enabled by specifying -link +link and disabled using -nolink. +nolink. If link is specified, a hard link from the current file set element to a file without suffix is created. When there is already a file with this name and the number of links of this file is one, it is renamed appending a dot, the letter -C, +C, and the pid of the -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) server process. When the number of links is greater than one, the file is unlinked. This allows the current file to be accessed by a constant name.

    -
    enable | disable
    +
    enable | disable

    Enables or disables the recording function.

    @@ -1529,13 +1546,16 @@ allows the current file to be accessed by a constant name.

    -
    +
    +
    +
    + -

    1.1.4 Access Control Support

    +

    1.1.4 Access Control Support

    The -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) daemon implements a general purpose address/mask based restriction list. The list contains address/match entries sorted first @@ -1551,7 +1571,7 @@ Additional information and examples can be found in the page (available as part of the HTML documentation provided in -/usr/share/doc/ntp). +/usr/share/doc/ntp).

    The restriction facility was implemented in conformance with the access policies for the original NSFnet backbone @@ -1567,7 +1587,7 @@ by a determined cracker.

    Clients can be denied service because they are explicitly included in the restrict list created by the -restrict +restrict command or implicitly as the result of cryptographic or rate limit violations. @@ -1582,7 +1602,12 @@ an indefinite period. When a client or network is denied access for an indefinite period, the only way at present to remove the restrictions is by restarting the server. -

    1.1.4.1 The Kiss-of-Death Packet

    +

    +
    +

    1.1.4.1 The Kiss-of-Death Packet

    Ordinarily, packets denied service are simply dropped with no further action except incrementing statistics counters. Sometimes a @@ -1595,12 +1620,12 @@ KoD packets have the leap bits set unsynchronized and stratum set to zero and the reference identifier field set to a four-byte ASCII code. If the -noserve +noserve or -notrust +notrust flag of the matching restrict list entry is set, the code is "DENY"; if the -limited +limited flag is set and the rate limit is exceeded, the code is "RATE". Finally, if a cryptographic violation occurs, the code is "CRYP". @@ -1617,31 +1642,33 @@ to restart the protocol at both the client and server. This happens automatically at the client when the association times out. It will happen at the server only if the server operator cooperates. -

    1.1.4.2 Access Control Commands

    -
    -
    discard [average avg] [minimum min] [monitor prob]
    +

    +
    +

    1.1.4.2 Access Control Commands

    +
    +
    discard [average avg] [minimum min] [monitor prob]

    Set the parameters of the -limited +limited facility which protects the server from client abuse. The -average +average subcommand specifies the minimum average packet spacing in log2 seconds, defaulting to 3 (8s), while the -minimum +minimum subcommand specifies the minimum packet spacing in seconds, defaulting to 2. Packets that violate these minima are discarded and a kiss-o’-death packet returned if enabled. The -monitor +monitor subcommand indirectly specifies the probability of replacing the oldest entry from the monitor (MRU) list of recent requests used to enforce rate controls, when that list is at its maximum size. The probability of replacing the oldest entry is the age of that entry in seconds divided by the -monitor +monitor value, default 3000. For example, if the oldest entry in the MRU list represents a request 300 seconds ago, by default the probability of replacing it with an @@ -1649,42 +1676,42 @@ entry representing the client request being processed now is 10%. Conversely, if the oldest entry is more than 3000 seconds old, the probability is 100%.

    -
    restrict address [mask mask] [ippeerlimit int] [flag ...]
    +
    restrict address [mask mask] [ippeerlimit int] [flag ...]

    The -address +address argument expressed in numeric form is the address of a host or network. Alternatively, the -address +address argument can be a valid hostname. When a hostname is provided, a restriction entry is created for each address the hostname resolves to, and any provided -mask +mask is ignored and an individual host mask is used for each entry. The -mask +mask argument expressed in numeric form defaults to all bits lit, meaning that the -address +address is treated as the address of an individual host. A default entry with address and mask all zeroes is always included and is always the first entry in the list. Note that text string -default, +default, with no mask option, may be used to indicate the default entry. The -ippeerlimit +ippeerlimit directive limits the number of peer requests for each IP to -int, +int, where a value of -1 means "unlimited", the current default. A value of 0 means "none". There would usually be at most 1 peering request per IP, but if the remote peering requests are behind a proxy there could well be more than 1 per IP. In the current implementation, -flag +flag always restricts access, i.e., an entry with no flags indicates that free access to the server is to be given. @@ -1697,36 +1724,36 @@ restrict informational queries and attempts to do run-time reconfiguration of the server. One or more of the following flags may be specified: -

    -
    ignore
    +

    +
    ignore

    Deny packets of all kinds, including -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) and -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) queries.

    -
    kod
    +
    kod

    If this flag is set when a rate violation occurs, a kiss-o’-death (KoD) packet is sometimes sent. KoD packets are rate limited to no more than one per minimum average interpacket spacing, set by -discard average +discard average defaulting to 8s. Otherwise, no response is sent.

    -
    limited
    +
    limited

    Deny service if the packet spacing violates the lower limits specified in the -discard +discard command. A history of clients is kept using the monitoring capability of -ntpd(1ntpdmdoc). +ntpd(1ntpdmdoc). Thus, monitoring is always active as long as there is a restriction entry with the -limited +limited flag.

    -
    lowpriotrap
    +
    lowpriotrap

    Declare traps set by matching hosts to be low priority. The number of traps a server can maintain is limited (the current limit @@ -1737,75 +1764,75 @@ This flag modifies the assignment algorithm by allowing low priority traps to be overridden by later requests for normal priority traps.

    -
    noepeer
    +
    noepeer

    Deny ephemeral peer requests, even if they come from an authenticated source. Note that the ability to use a symmetric key for authentication may be restricted to one or more IPs or subnets via the third field of the -ntp.keys +ntp.keys file. This restriction is not enabled by default, to maintain backward compatability. Expect -noepeer +noepeer to become the default in ntp-4.4.

    -
    nomodify
    +
    nomodify

    Deny -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) and -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) queries which attempt to modify the state of the server (i.e., run time reconfiguration). Queries which return information are permitted.

    -
    noquery
    +
    noquery

    Deny -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) and -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) queries. Time service is not affected.

    -
    nopeer
    +
    nopeer

    Deny unauthenticated packets which would result in mobilizing a new association. This includes broadcast and symmetric active packets when a configured association does not exist. It also includes -pool +pool associations, so if you want to use servers from a -pool +pool directive and also want to use -nopeer +nopeer by default, you’ll want a -restrict source ... +restrict source ... line as well that does -not +not include the -nopeer +nopeer directive.

    -
    noserve
    +
    noserve

    Deny all packets except -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) and -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) queries.

    -
    notrap
    +
    notrap

    Decline to provide mode 6 control message trap service to matching hosts. The trap service is a subsystem of the -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) control message protocol which is intended for use by remote event logging programs.

    -
    notrust
    +
    notrust

    Deny service unless the packet is cryptographically authenticated.

    -
    ntpport
    +
    ntpport

    This is actually a match algorithm modifier, rather than a restriction flag. Its presence causes the restriction entry to be @@ -1813,19 +1840,19 @@ matched only if the source port in the packet is the standard NTP UDP port (123). There can be two restriction entries with the same IP address if one specifies -ntpport +ntpport and the other does not. The -ntpport +ntpport entry is considered more specific and is sorted later in the list.

    -
    serverresponse fuzz
    +
    serverresponse fuzz

    When reponding to server requests, fuzz the low order bits of the -reftime. +reftime.

    -
    version
    +
    version

    Deny packets that do not match the current NTP version.

    @@ -1834,36 +1861,46 @@ fuzz the low order bits of the ntpport, for each of the local host’s interface addresses are inserted into the table at startup to prevent ntpd from attempting to synchronize to itself, such as with -manycastclient +manycastclient when -manycast +manycast is also specified with the same multicast address. A default entry is also always present, though if it is otherwise unconfigured; no flags are associated with the default entry (i.e., everything besides your own NTP server is unrestricted).

    -
    delrestrict [source] address
    +
    delrestrict [source] address

    Remove a previously-set restriction. This is useful for runtime configuration via -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) . If -source +source is specified, a dynamic restriction created from the -restrict source +restrict source template at the time an association was added is removed. Without -source +source a static restriction is removed.


    -
    +
    +
    +
    + -

    1.1.5 Automatic NTP Configuration Options

    -

    1.1.5.1 Manycasting

    +

    1.1.5 Automatic NTP Configuration Options

    + +
    +

    1.1.5.1 Manycasting

    Manycasting is a automatic discovery and configuration paradigm new to NTPv4. It is intended as a means for a multicast client @@ -1891,19 +1928,19 @@ and is generally considered stronger, at least with relatively large key sizes. It is implemented using the Autokey protocol and the OpenSSL cryptographic library available from -http://www.openssl.org/. +http://www.openssl.org/. The library can also be used with other NTPv4 modes as well and is highly recommended, especially for broadcast modes.

    A persistent manycast client association is configured using the -manycastclient +manycastclient command, which is similar to the -server +server command but with a multicast (IPv4 class -D +D or IPv6 prefix -FF) +FF) group address. The IANA has designated IPv4 address 224.1.1.1 and IPv6 address FF05::101 (site local) for NTP. @@ -1916,7 +1953,7 @@ as different group address, each one serving as a template for a future ephemeral unicast client/server association.

    Manycast servers configured with the -manycastserver +manycastserver command listen on the specified group address for manycast client messages. Note the distinction between manycast client, @@ -1955,23 +1992,23 @@ as much as possible the volume of manycast client messages and the effects of implosion due to near-simultaneous arrival of manycast server messages. The strategy is determined by the -manycastclient, -tos +manycastclient, +tos and -ttl +ttl configuration commands. The manycast poll interval is normally eight times the system poll interval, which starts out at the -minpoll +minpoll value specified in the -manycastclient, +manycastclient, command and, under normal circumstances, increments to the -maxpolll +maxpolll value specified in this command. Initially, the TTL is set at the minimum hops specified by the -ttl +ttl command. At each retransmission the TTL is increased until reaching the maximum hops specified by this command or a sufficient @@ -1981,43 +2018,43 @@ Further retransmissions use the same TTL.

    The quality and reliability of the suite of associations discovered by the manycast client is determined by the NTP mitigation algorithms and the -minclock +minclock and -minsane +minsane values specified in the -tos +tos configuration command. At least -minsane +minsane candidate servers must be available and the mitigation algorithms produce at least -minclock +minclock survivors in order to synchronize the clock. Byzantine agreement principles require at least four candidates in order to correctly discard a single falseticker. For legacy purposes, -minsane +minsane defaults to 1 and -minclock +minclock defaults to 3. For manycast service -minsane +minsane should be explicitly set to 4, assuming at least that number of servers are available.

    If at least -minclock +minclock servers are found, the manycast poll interval is immediately set to eight times -maxpoll. +maxpoll. If less than -minclock +minclock servers are found when the TTL has reached the maximum hops, the manycast poll interval is doubled. For each transmission after that, the poll interval is doubled again until reaching the maximum of eight times -maxpoll. +maxpoll. Further transmissions use the same poll interval and TTL values. Note that while all this is going on, @@ -2029,7 +2066,7 @@ specified by the network router configuration and, in the case of IPv6, the link/site scope prefix. By default, the increment for TTL hops is 32 starting from 31; however, the -ttl +ttl configuration command can be used to modify the values to match the scope rules.

    @@ -2044,19 +2081,19 @@ in TTL range will eventually find all primary servers in TTL range, which is probably not the most common objective in large networks. The -tos +tos command can be used to modify this behavior. Servers with stratum below -floor +floor or above -ceiling +ceiling specified in the -tos +tos command are strongly discouraged during the selection process; however, these servers may be temporally accepted if the number of servers within TTL range is less than -minclock. +minclock.

    The above actions occur for each manycast client message, which repeats at the designated poll interval. @@ -2065,7 +2102,7 @@ subsequent manycast server replies are discarded, since that would result in a duplicate association. If during a poll interval the number of client associations falls below -minclock, +minclock, all manycast client prototype associations are reset to the initial poll interval and TTL hops and operation resumes from the beginning. @@ -2075,7 +2112,7 @@ all manycast servers in TTL range to respond. The result could well be an implosion, either minor or major, depending on the number of servers in range. The recommended value for -maxpoll +maxpoll is 12 (4,096 s).

    It is possible and frequently useful to configure a host @@ -2089,9 +2126,9 @@ subnet of two primary servers and a hundred or more dependent clients. With two exceptions, all servers and clients have identical configuration files including both -multicastclient +multicastclient and -multicastserver +multicastserver commands using, for instance, multicast group address 239.1.1.1. The only exception is that each primary server @@ -2100,12 +2137,12 @@ reference source such as a GPS receiver.

    The remaining configuration files for all secondary servers and clients have the same contents, except for the -tos +tos command, which is specific for each stratum level. For stratum 1 and stratum 2 servers, that command is not necessary. For stratum 3 and above servers the -floor +floor value is set to the intended stratum number. Thus, all stratum 3 configuration files are identical, all stratum 4 files are identical and so forth. @@ -2123,27 +2160,29 @@ will time out the corresponding association and re-associate accordingly.

    Some administrators prefer to avoid running -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) continuously and run either -sntp(1sntpmdoc) +sntp(1sntpmdoc) or -ntpd(1ntpdmdoc) --q +ntpd(1ntpdmdoc) +-q as a cron job. In either case the servers must be configured in advance and the program fails if none are available when the cron job runs. A really slick application of manycast is with -ntpd(1ntpdmdoc) --q. +ntpd(1ntpdmdoc) +-q. The program wakes up, scans the local landscape looking for the usual suspects, selects the best from among the rascals, sets the clock and then departs. Servers do not have to be configured in advance and all clients throughout the network can have the same configuration file. -

    1.1.5.2 Manycast Interactions with Autokey

    +

    +
    +

    1.1.5.2 Manycast Interactions with Autokey

    Each time a manycast client sends a client mode packet to a multicast group address, all manycast servers in scope generate a reply including the host name @@ -2173,9 +2212,11 @@ At the same time, the manycast scheme starts all over from the beginning and the expanding ring shrinks to the minimum and increments from there while collecting all servers in scope. -

    1.1.5.3 Broadcast Options

    -
    -
    tos [bcpollbstep gate]
    +

    +
    +

    1.1.5.3 Broadcast Options

    +
    +
    tos [bcpollbstep gate]

    This command provides a way to delay, by the specified number of broadcast poll intervals, believing backward time steps from a broadcast server. @@ -2190,9 +2231,11 @@ This value defaults to 0, but can be changed to any number of poll intervals between 0 and 4.

    -

    1.1.5.4 Manycast Options

    -
    -
    tos [ceiling ceiling | cohort { 0 | 1 } | floor floor | minclock minclock | minsane minsane]
    +
    +
    +

    1.1.5.4 Manycast Options

    +
    +
    tos [ceiling ceiling | cohort { 0 | 1 } | floor floor | minclock minclock | minsane minsane]

    This command affects the clock selection and clustering algorithms. It can be used to select the quality and @@ -2200,17 +2243,17 @@ quantity of peers used to synchronize the system clock and is most useful in manycast mode. The variables operate as follows: -

    -
    ceiling ceiling
    +

    +
    ceiling ceiling

    Peers with strata above -ceiling +ceiling will be discarded if there are at least -minclock +minclock peers remaining. This value defaults to 15, but can be changed to any number from 1 to 15.

    -
    cohort {0 | 1}
    +
    cohort {0 | 1}

    This is a binary flag which enables (0) or disables (1) manycast server replies to manycast clients with the same stratum level. @@ -2219,25 +2262,25 @@ large numbers of clients with the same stratum level are present. The default is to enable these replies.

    -
    floor floor
    +
    floor floor

    Peers with strata below -floor +floor will be discarded if there are at least -minclock +minclock peers remaining. This value defaults to 1, but can be changed to any number from 1 to 15.

    -
    minclock minclock
    +
    minclock minclock

    The clustering algorithm repeatedly casts out outlier associations until no more than -minclock +minclock associations remain. This value defaults to 3, but can be changed to any number from 1 to the number of configured sources.

    -
    minsane minsane
    +
    minsane minsane

    This is the minimum number of candidates available to the clock selection algorithm in order to produce one or more truechimers for the clustering algorithm. @@ -2247,13 +2290,13 @@ The default is 1 for legacy purposes. However, according to principles of Byzantine agreement, -minsane +minsane should be at least 4 in order to detect and discard a single falseticker.

    -
    ttl hop ...
    +
    ttl hop ...

    This command specifies a list of TTL values in increasing order, up to 8 values can be specified. In manycast mode these values are used in turn @@ -2263,11 +2306,14 @@ multiples of 32 starting at 31.


    -
    +
    +
    +
    + -

    1.1.6 Reference Clock Support

    +

    1.1.6 Reference Clock Support

    The NTP Version 4 daemon supports some three dozen different radio, satellite and modem reference clocks plus a special pseudo-clock used for backup or when no other clock source is available. @@ -2277,7 +2323,7 @@ be found in the page (available as part of the HTML documentation provided in -/usr/share/doc/ntp). +/usr/share/doc/ntp). Additional information can be found in the pages linked there, including the "Debugging Hints for Reference Clock Drivers" @@ -2286,14 +2332,14 @@ and pages (available as part of the HTML documentation provided in -/usr/share/doc/ntp). +/usr/share/doc/ntp). In addition, support for a PPS signal is available as described in the "Pulse-per-second (PPS) Signal Interfacing" page (available as part of the HTML documentation provided in -/usr/share/doc/ntp). +/usr/share/doc/ntp). Many drivers support special line discipline/streams modules which can significantly improve the accuracy using the driver. @@ -2303,7 +2349,7 @@ described in the page (available as part of the HTML documentation provided in -/usr/share/doc/ntp). +/usr/share/doc/ntp).

    A reference clock will generally (though not always) be a radio timecode receiver which is synchronized to a source of standard @@ -2322,7 +2368,7 @@ in a scalding remark to the system log file, but is otherwise non hazardous.

    For the purposes of configuration, -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) treats reference clocks in a manner analogous to normal NTP peers as much as possible. @@ -2330,12 +2376,12 @@ Reference clocks are identified by a syntactically correct but invalid IP address, in order to distinguish them from normal NTP peers. Reference clock addresses are of the form -127.127.t.u, +127.127.t.u, where -t +t is an integer denoting the clock type and -u +u indicates the unit number in the range 0-3. While it may seem overkill, it is in fact @@ -2343,24 +2389,24 @@ sometimes useful to configure multiple reference clocks of the same type, in which case the unit numbers must be unique.

    The -server +server command is used to configure a reference clock, where the -address +address argument in that command is the clock address. The -key, -version +key, +version and -ttl +ttl options are not used for reference clock support. The -mode +mode option is added for reference clock support, as described below. The -prefer +prefer option can be useful to persuade the server to cherish a reference clock with somewhat more enthusiasm than other reference clocks or peers. @@ -2369,67 +2415,71 @@ information on this option can be found in the "Mitigation Rules and the prefer Keyword" (available as part of the HTML documentation provided in -/usr/share/doc/ntp) +/usr/share/doc/ntp) page. The -minpoll +minpoll and -maxpoll +maxpoll options have meaning only for selected clock drivers. See the individual clock driver document pages for additional information.

    The -fudge +fudge command is used to provide additional information for individual clock drivers and normally follows immediately after the -server +server command. The -address +address argument specifies the clock address. The -refid +refid and -stratum +stratum options can be used to override the defaults for the device. There are two optional device-dependent time offsets and four flags that can be included in the -fudge +fudge command as well.

    The stratum number of a reference clock is by default zero. Since the -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) daemon adds one to the stratum of each peer, a primary server ordinarily displays an external stratum of one. In order to provide engineered backups, it is often useful to specify the reference clock stratum as greater than zero. The -stratum +stratum option is used for this purpose. Also, in cases involving both a reference clock and a pulse-per-second (PPS) discipline signal, it is useful to specify the reference clock identifier as other than the default, depending on the driver. The -refid +refid option is used for this purpose. Except where noted, these options apply to all clock drivers. -

    1.1.6.1 Reference Clock Commands

    -
    -
    server 127.127.t.u [prefer] [mode int] [minpoll int] [maxpoll int]
    +

    +
    +

    1.1.6.1 Reference Clock Commands

    +
    +
    server 127.127.t.u [prefer] [mode int] [minpoll int] [maxpoll int]

    This command can be used to configure reference clocks in special ways. The options are interpreted as follows: -

    -
    prefer
    +

    +
    prefer

    Marks the reference clock as preferred. All other things being equal, this host will be chosen for synchronization among a set of @@ -2439,10 +2489,10 @@ See the page (available as part of the HTML documentation provided in -/usr/share/doc/ntp) +/usr/share/doc/ntp) for further information.

    -
    mode int
    +
    mode int

    Specifies a mode number which is interpreted in a device-specific fashion. For instance, it selects a dialing @@ -2450,39 +2500,39 @@ protocol in the ACTS driver and a device subtype in the parse drivers.

    -
    minpoll int
    -
    maxpoll int
    +
    minpoll int
    +
    maxpoll int

    These options specify the minimum and maximum polling interval for reference clock messages, as a power of 2 in seconds For most directly connected reference clocks, both -minpoll +minpoll and -maxpoll +maxpoll default to 6 (64 s). For modem reference clocks, -minpoll +minpoll defaults to 10 (17.1 m) and -maxpoll +maxpoll defaults to 14 (4.5 h). The allowable range is 4 (16 s) to 17 (36.4 h) inclusive.

    -
    fudge 127.127.t.u [time1 sec] [time2 sec] [stratum int] [refid string] [mode int] [flag1 0 | 1] [flag2 0 | 1] [flag3 0 | 1] [flag4 0 | 1]
    +
    fudge 127.127.t.u [time1 sec] [time2 sec] [stratum int] [refid string] [mode int] [flag1 0 | 1] [flag2 0 | 1] [flag3 0 | 1] [flag4 0 | 1]

    This command can be used to configure reference clocks in special ways. It must immediately follow the -server +server command which configures the driver. Note that the same capability is possible at run time using the -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) program. The options are interpreted as follows: -

    -
    time1 sec
    +

    +
    time1 sec

    Specifies a constant to be added to the time offset produced by the driver, a fixed-point decimal number in seconds. This is used @@ -2502,17 +2552,17 @@ Note: in order to facilitate calibration when more than one radio clock or PPS signal is supported, a special calibration feature is available. It takes the form of an argument to the -enable +enable command described in -Miscellaneous Options +Miscellaneous Options page and operates as described in the "Reference Clock Drivers" page (available as part of the HTML documentation provided in -/usr/share/doc/ntp). +/usr/share/doc/ntp).

    -
    time2 secs
    +
    time2 secs

    Specifies a fixed-point decimal number in seconds, which is interpreted in a driver-dependent way. See the descriptions of @@ -2521,22 +2571,22 @@ specific drivers in the page (available as part of the HTML documentation provided in -/usr/share/doc/ntp ). +/usr/share/doc/ntp ).

    -
    stratum int
    +
    stratum int

    Specifies the stratum number assigned to the driver, an integer between 0 and 15. This number overrides the default stratum number ordinarily assigned by the driver itself, usually zero.

    -
    refid string
    +
    refid string

    Specifies an ASCII string of from one to four characters which defines the reference identifier used by the driver. This string overrides the default identifier ordinarily assigned by the driver itself.

    -
    mode int
    +
    mode int

    Specifies a mode number which is interpreted in a device-specific fashion. For instance, it selects a dialing @@ -2544,25 +2594,25 @@ protocol in the ACTS driver and a device subtype in the parse drivers.

    -
    flag1 0 | 1
    -
    flag2 0 | 1
    -
    flag3 0 | 1
    -
    flag4 0 | 1
    +
    flag1 0 | 1
    +
    flag2 0 | 1
    +
    flag3 0 | 1
    +
    flag4 0 | 1

    These four flags are used for customizing the clock driver. The interpretation of these values, and whether they are used at all, is a function of the particular clock driver. However, by convention -flag4 +flag4 is used to enable recording monitoring data to the -clockstats +clockstats file configured with the -filegen +filegen command. Further information on the -filegen +filegen command can be found in ‘Monitoring Options’.

    @@ -2570,13 +2620,16 @@ command can be found in

    -
    +
    +
    +
    + -

    1.1.7 Miscellaneous Options

    -
    -
    broadcastdelay seconds
    +

    1.1.7 Miscellaneous Options

    +
    +
    broadcastdelay seconds

    The broadcast and multicast modes require a special calibration to determine the network delay between the local and remote servers. @@ -2592,12 +2645,12 @@ number between 0.003 and 0.007 seconds is appropriate. The default when this command is not used is 0.004 seconds.

    -
    driftfile driftfile
    +
    driftfile driftfile

    This command specifies the complete path and name of the file used to record the frequency of the local clock oscillator. This is the same operation as the --f +-f command line option. If the file exists, it is read at startup in order to set the initial frequency and then updated once per @@ -2615,92 +2668,92 @@ The file is updated by first writing the current drift value into a temporary file and then renaming this file to replace the old version. This implies that -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) must have write permission for the directory the drift file is located in, and that file system links, symbolic or otherwise, should be avoided.

    -
    dscp value
    +
    dscp value

    This option specifies the Differentiated Services Control Point (DSCP) value, a 6-bit code. The default value is 46, signifying Expedited Forwarding.

    -
    enable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | peer_clear_digest_early | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]
    -
    disable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | peer_clear_digest_early | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]
    +
    enable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | peer_clear_digest_early | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]
    +
    disable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | peer_clear_digest_early | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]

    Provides a way to enable or disable various server options. Flags not mentioned are unaffected. Note that all of these flags can be controlled remotely using the -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) utility program. -

    -
    auth
    +

    +
    auth

    Enables the server to synchronize with unconfigured peers only if the peer has been correctly authenticated using either public key or private key cryptography. The default for this flag is -enable. +enable.

    -
    bclient
    +
    bclient

    Enables the server to listen for a message from a broadcast or multicast server, as in the -multicastclient +multicastclient command with default address. The default for this flag is -disable. +disable.

    -
    calibrate
    +
    calibrate

    Enables the calibrate feature for reference clocks. The default for this flag is -disable. +disable.

    -
    kernel
    +
    kernel

    Enables the kernel time discipline, if available. The default for this flag is -enable +enable if support is available, otherwise -disable. +disable.

    -
    mode7
    +
    mode7

    Enables processing of NTP mode 7 implementation-specific requests which are used by the deprecated -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) program. The default for this flag is disable. This flag is excluded from runtime configuration using -ntpq(1ntpqmdoc). +ntpq(1ntpqmdoc). The -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) program provides the same capabilities as -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) using standard mode 6 requests.

    -
    monitor
    +
    monitor

    Enables the monitoring facility. See the -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) program and the -monlist +monlist command or further information. The default for this flag is -enable. +enable.

    -
    ntp
    +
    ntp

    Enables time and frequency discipline. In effect, this switch opens and closes the feedback loop, which is useful for testing. The default for this flag is -enable. +enable.

    -
    peer_clear_digest_early
    +
    peer_clear_digest_early

    By default, if -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) is using autokey and it receives a crypto-NAK packet that passes the duplicate packet and origin timestamp checks @@ -2713,23 +2766,23 @@ If you have active noticable problems with this type of DoS attack then you should consider disabling this option. You can check your -peerstats +peerstats file for evidence of any of these attacks. The default for this flag is -enable. +enable.

    -
    stats
    +
    stats

    Enables the statistics facility. See the ‘Monitoring Options’ section for further information. The default for this flag is -disable. +disable.

    -
    unpeer_crypto_early
    +
    unpeer_crypto_early

    By default, if -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) receives an autokey packet that fails TEST9, a crypto failure, the association is immediately cleared. @@ -2744,15 +2797,15 @@ disabling this flag will delay tearing down the association until the reachability counter becomes zero. You can check your -peerstats +peerstats file for evidence of any of these attacks. The default for this flag is -enable. +enable.

    -
    unpeer_crypto_nak_early
    +
    unpeer_crypto_nak_early

    By default, if -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) receives a crypto-NAK packet that passes the duplicate packet and origin timestamp checks the association is immediately cleared. @@ -2764,15 +2817,15 @@ If you have active noticable problems with this type of DoS attack then you should consider disabling this option. You can check your -peerstats +peerstats file for evidence of any of these attacks. The default for this flag is -enable. +enable.

    -
    unpeer_digest_early
    +
    unpeer_digest_early

    By default, if -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) receives what should be an authenticated packet that passes other packet sanity checks but contains an invalid digest @@ -2785,15 +2838,15 @@ If you have active noticable problems with this type of DoS attack then you should consider disabling this option. You can check your -peerstats +peerstats file for evidence of any of these attacks. The default for this flag is -enable. +enable.

    -
    includefile includefile
    +
    includefile includefile

    This command allows additional configuration commands to be included from a separate file. Include files may @@ -2801,15 +2854,15 @@ be nested to a depth of five; upon reaching the end of any include file, command processing resumes in the previous configuration file. This option is useful for sites that run -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) on multiple hosts, with (mostly) common options (e.g., a restriction list).

    -
    interface [listen | ignore | drop] [all | ipv4 | ipv6 | wildcard name | address [/ prefixlen]]
    +
    interface [listen | ignore | drop] [all | ipv4 | ipv6 | wildcard name | address [/ prefixlen]]

    The -interface +interface directive controls which network addresses -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) opens, and whether input is dropped without processing. The first parameter determines the action for addresses which match the second parameter. @@ -2817,66 +2870,66 @@ The second parameter specifies a class of addresses, or a specific interface name, or an address. In the address case, -prefixlen +prefixlen determines how many bits must match for this rule to apply. -ignore +ignore prevents opening matching addresses, -drop +drop causes -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) to open the address and drop all received packets without examination. Multiple -interface +interface directives can be used. The last rule which matches a particular address determines the action for it. -interface +interface directives are disabled if any --I, ---interface, --L, +-I, +--interface, +-L, or ---novirtualips +--novirtualips command-line options are specified in the configuration file, all available network addresses are opened. The -nic +nic directive is an alias for -interface. +interface.

    -
    leapfile leapfile
    +
    leapfile leapfile

    This command loads the IERS leapseconds file and initializes the leapsecond values for the next leapsecond event, leapfile expiration time, and TAI offset. The file can be obtained directly from the IERS at -https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list +https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list or -ftp://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list. +ftp://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list. The -leapfile +leapfile is scanned when -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) processes the -leapfile directive or when -ntpd detects that the -leapfile +leapfile directive or when +ntpd detects that the +leapfile has changed. -ntpd +ntpd checks once a day to see if the -leapfile +leapfile has changed. The -update-leap(1update_leapmdoc) +update-leap(1update_leapmdoc) script can be run to see if the -leapfile +leapfile should be updated.

    -
    leapsmearinterval seconds
    +
    leapsmearinterval seconds

    This EXPERIMENTAL option is only available if -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) was built with the ---enable-leap-smear +--enable-leap-smear option to the -configure +configure script. It specifies the interval over which a leap second correction will be applied. Recommended values for this option are between @@ -2884,16 +2937,16 @@ Recommended values for this option are between .Sy DO NOT USE THIS OPTION ON PUBLIC-ACCESS SERVERS! See http://bugs.ntp.org/2855 for more information.

    -
    logconfig configkeyword
    +
    logconfig configkeyword

    This command controls the amount and type of output written to the system -syslog(3) +syslog(3) facility or the alternate -logfile +logfile log file. By default, all output is turned on. All -configkeyword +configkeyword keywords can be prefixed with ‘=’, ‘+’ @@ -2902,36 +2955,36 @@ and where ‘=’ sets the -syslog(3) +syslog(3) priority mask, ‘+’ adds and ‘-’ removes messages. -syslog(3) +syslog(3) messages can be controlled in four classes -(clock, peer, sys and sync). +(clock, peer, sys and sync). Within these classes four types of messages can be controlled: informational messages -(info), +(info), event messages -(events), +(events), statistics messages -(statistics) +(statistics) and status messages -(status). +(status).

    Configuration keywords are formed by concatenating the message class with the event class. The -all +all prefix can be used instead of a message class. A message class may also be followed by the -all +all keyword to enable/disable all messages of the respective message class. Thus, a minimal log configuration @@ -2939,7 +2992,7 @@ could look like this:

    logconfig =syncstatus +sysevents
     

    This would just list the synchronizations state of -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) and the major system events. For a simple reference server, the following minimum message configuration could be useful: @@ -2950,86 +3003,86 @@ synchronization information. All other events and messages about peers, system events and so on is suppressed.

    -
    logfile logfile
    +
    logfile logfile

    This command specifies the location of an alternate log file to be used instead of the default system -syslog(3) +syslog(3) facility. This is the same operation as the --l +-l command line option.

    -
    mru [maxdepth count | maxmem kilobytes | mindepth count | maxage seconds | initialloc count | initmem kilobytes | incalloc count | incmem kilobytes]
    +
    mru [maxdepth count | maxmem kilobytes | mindepth count | maxage seconds | initialloc count | initmem kilobytes | incalloc count | incmem kilobytes]

    Controls size limite of the monitoring facility’s Most Recently Used (MRU) list of client addresses, which is also used by the rate control facility. -

    -
    maxdepth count
    -
    maxmem kilobytes
    +

    +
    maxdepth count
    +
    maxmem kilobytes

    Equivalent upper limits on the size of the MRU list, in terms of entries or kilobytes. The acutal limit will be up to -incalloc +incalloc entries or -incmem +incmem kilobytes larger. As with all of the -mru +mru options offered in units of entries or kilobytes, if both -maxdepth +maxdepth and -maxmem are used, the last one used controls. +maxmem are used, the last one used controls. The default is 1024 kilobytes.

    -
    mindepth count
    +
    mindepth count

    Lower limit on the MRU list size. When the MRU list has fewer than -mindepth +mindepth entries, existing entries are never removed to make room for newer ones, regardless of their age. The default is 600 entries.

    -
    maxage seconds
    +
    maxage seconds

    Once the MRU list has -mindepth +mindepth entries and an additional client is to ba added to the list, if the oldest entry was updated more than -maxage +maxage seconds ago, that entry is removed and its storage is reused. If the oldest entry was updated more recently the MRU list is grown, subject to -maxdepth / moxmem. +maxdepth / moxmem. The default is 64 seconds.

    -
    initalloc count
    -
    initmem kilobytes
    +
    initalloc count
    +
    initmem kilobytes

    Initial memory allocation at the time the monitoringfacility is first enabled, in terms of the number of entries or kilobytes. The default is 4 kilobytes.

    -
    incalloc count
    -
    incmem kilobytes
    +
    incalloc count
    +
    incmem kilobytes

    Size of additional memory allocations when growing the MRU list, in entries or kilobytes. The default is 4 kilobytes.

    -
    nonvolatile threshold
    +
    nonvolatile threshold

    Specify the -threshold +threshold delta in seconds before an hourly change to the -driftfile +driftfile (frequency file) will be written, with a default value of 1e-7 (0.1 PPM). The frequency file is inspected each hour. If the difference between the current frequency and the last value written exceeds the threshold, the file is written and the -threshold +threshold becomes the new threshold value. If the threshold is not exceeeded, it is reduced by half. This is intended to reduce the number of file writes for embedded systems with nonvolatile memory.

    -
    phone dial ...
    +
    phone dial ...

    This command is used in conjunction with the ACTS modem driver (type 18) or the JJY driver (type 40, mode 100 - 180). @@ -3041,9 +3094,9 @@ one telephone number used to dial the telephone JJY service. The Hayes command ATDT is normally prepended to the number. The number can contain other modem control codes as well.

    -
    pollskewlist [poll early late] ... [default early late]
    +
    pollskewlist [poll early late] ... [default early late]

    Enable skewing of our poll requests to our servers. -poll +poll is a number between 3 and 17 inclusive, identifying a specific poll interval. A poll interval is 2^n seconds in duration, so a poll value of 3 corresponds to 8 seconds @@ -3059,119 +3112,119 @@ Ar late specifies how late the poll may be delayed. With no arguments, internally specified default values are chosen.

    -
    reset [allpeers] [auth] [ctl] [io] [mem] [sys] [timer]
    +
    reset [allpeers] [auth] [ctl] [io] [mem] [sys] [timer]

    Reset one or more groups of counters maintained by -ntpd +ntpd and exposed by -ntpq +ntpq and -ntpdc. +ntpdc.

    -
    rlimit [memlock Nmegabytes | stacksize N4kPages filenum Nfiledescriptors]
    -
    -
    memlock Nmegabytes
    +
    rlimit [memlock Nmegabytes | stacksize N4kPages filenum Nfiledescriptors]
    +
    +
    memlock Nmegabytes

    Specify the number of megabytes of memory that should be allocated and locked. Probably only available under Linux, this option may be useful when dropping root (the --i +-i option). The default is 32 megabytes on non-Linux machines, and -1 under Linux. -1 means "do not lock the process into memory". 0 means "lock whatever memory the process wants into memory".

    -
    stacksize N4kPages
    +
    stacksize N4kPages

    Specifies the maximum size of the process stack on systems with the -mlockall() +mlockall() function. Defaults to 50 4k pages (200 4k pages in OpenBSD).

    -
    filenum Nfiledescriptors
    +
    filenum Nfiledescriptors

    Specifies the maximum number of file descriptors ntpd may have open at once. Defaults to the system default.

    -
    saveconfigdir directory_path
    +
    saveconfigdir directory_path

    Specify the directory in which to write configuration snapshots requested with .Cm ntpq ’s -saveconfig +saveconfig command. If -saveconfigdir +saveconfigdir does not appear in the configuration file, -saveconfig +saveconfig requests are rejected by -ntpd. +ntpd.

    -
    saveconfig filename
    +
    saveconfig filename

    Write the current configuration, including any runtime modifications given with -:config +:config or -config-from-file +config-from-file to the -ntpd +ntpd host’s -filename +filename in the -saveconfigdir. +saveconfigdir. This command will be rejected unless the -saveconfigdir +saveconfigdir directive appears in .Cm ntpd ’s configuration file. -filename +filename can use -strftime(3) +strftime(3) format directives to substitute the current date and time, for example, -saveconfig\ ntp-%Y%m%d-%H%M%S.conf. +saveconfig\ ntp-%Y%m%d-%H%M%S.conf. The filename used is stored in the system variable -savedconfig. +savedconfig. Authentication is required.

    -
    setvar variable [default]
    +
    setvar variable [default]

    This command adds an additional system variable. These variables can be used to distribute additional information such as the access policy. If the variable of the form -name=value +name=value is followed by the -default +default keyword, the variable will be listed as part of the default system variables -(rv command)). +(rv command)). These additional variables serve informational purposes only. They are not related to the protocol other that they can be listed. The known protocol variables will always override any variables defined via the -setvar +setvar mechanism. There are three special variables that contain the names of all variable of the same group. The -sys_var_list +sys_var_list holds the names of all system variables. The -peer_var_list +peer_var_list holds the names of all peer variables and the -clock_var_list +clock_var_list holds the names of the reference clock variables.

    -
    sysinfo
    +
    sysinfo

    Display operational summary.

    -
    sysstats
    +
    sysstats

    Show statistics counters maintained in the protocol module.

    -
    tinker [allan allan | dispersion dispersion | freq freq | huffpuff huffpuff | panic panic | step step | stepback stepback | stepfwd stepfwd | stepout stepout]
    +
    tinker [allan allan | dispersion dispersion | freq freq | huffpuff huffpuff | panic panic | step step | stepback stepback | stepfwd stepfwd | stepout stepout]

    This command can be used to alter several system variables in very exceptional circumstances. It should occur in the @@ -3190,25 +3243,25 @@ Emphasis added: twisters are on their own and can expect no help from the support group.

    The variables operate as follows: -

    -
    allan allan
    +

    +
    allan allan

    The argument becomes the new value for the minimum Allan intercept, which is a parameter of the PLL/FLL clock discipline algorithm. The value in log2 seconds defaults to 7 (1024 s), which is also the lower limit.

    -
    dispersion dispersion
    +
    dispersion dispersion

    The argument becomes the new value for the dispersion increase rate, normally .000015 s/s.

    -
    freq freq
    +
    freq freq

    The argument becomes the initial value of the frequency offset in parts-per-million. This overrides the value in the frequency file, if present, and avoids the initial training state if it is not.

    -
    huffpuff huffpuff
    +
    huffpuff huffpuff

    The argument becomes the new value for the experimental huff-n’-puff filter span, which determines the most recent interval the algorithm will search for a minimum delay. @@ -3218,13 +3271,13 @@ There is no default, since the filter is not enabled unless this command is given.

    -
    panic panic
    +
    panic panic

    The argument is the panic threshold, normally 1000 s. If set to zero, the panic sanity check is disabled and a clock offset of any value will be accepted.

    -
    step step
    +
    step step

    The argument is the step threshold, which by default is 0.128 s. It can be set to any positive number in seconds. @@ -3234,7 +3287,7 @@ Note: The kernel time discipline is disabled if the step threshold is set to zero or greater than the default.

    -
    stepback stepback
    +
    stepback stepback

    The argument is the step threshold for the backward direction, which by default is 0.128 s. It can @@ -3246,10 +3299,10 @@ disabled if each direction of step threshold are either set to zero or greater than .5 second.

    -
    stepfwd stepfwd
    +
    stepfwd stepfwd

    As for stepback, but for the forward direction.

    -
    stepout stepout
    +
    stepout stepout

    The argument is the stepout timeout, which by default is 900 s. It can be set to any positive number in seconds. @@ -3258,20 +3311,20 @@ pulses will not be suppressed.

    -
    writevar assocID\ name = value [,...]
    +
    writevar assocID\ name = value [,...]

    Write (create or update) the specified variables. If the -assocID +assocID is zero, the variablea re from the system variables name space, otherwise they are from the peer variables name space. The -assocID +assocID is required, as the same name can occur in both name spaces.

    -
    trap host_address [port port_number] [interface interface_address]
    +
    trap host_address [port port_number] [interface interface_address]

    This command configures a trap receiver at the given host address and port number for sending messages with the specified local interface address. @@ -3283,11 +3336,11 @@ message is sent through. Note that on a multihomed host the interface used may vary from time to time with routing changes.

    -
    ttl hop ...
    +
    ttl hop ...

    This command specifies a list of TTL values in increasing order. Up to 8 values can be specified. In -manycast +manycast mode these values are used in-turn in an expanding-ring search. The default is eight multiples of 32 starting at 31.
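Review bot: The `ttl hop ...` entry in this hunk lands in the middle of the `trap` description. The `trap` text stops at "with routing changes", the next hunk resumes with "programs may also request their own trap dynamically", and a second `hop ...` item then repeats the TTL wording. The page says it is generated from the ntp.conf option descriptions, so the fix belongs in ntp.conf.def: move the `ttl` entry out of the `trap` block and drop the duplicate, so each command has exactly one description in the regenerated output.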

    @@ -3298,7 +3351,7 @@ programs may also request their own trap dynamically, configuring a trap receiver will ensure that no messages are lost when the server is started.

    -
    hop ...
    +
    hop ...

    This command specifies a list of TTL values in increasing order, up to 8 values can be specified. In manycast mode these values are used in turn in @@ -3308,88 +3361,87 @@ The default is eight multiples of 32 starting at

    -

    This section was generated by AutoGen, -using the agtexi-cmd template and the option descriptions for the ntp.conf program. +

    This section was generated by AutoGen, +using the agtexi-cmd template and the option descriptions for the ntp.conf program. This software is released under the NTP license, <http://ntp.org/license>.

    - - - - - -
    -
    +
    +
    + -

    1.1.8 ntp.conf Files

    -
    -
    /etc/ntp.conf
    +

    1.1.8 ntp.conf Files

    +
    +
    /etc/ntp.conf

    the default name of the configuration file

    -
    ntp.keys
    +
    ntp.keys

    private MD5 keys

    -
    ntpkey
    +
    ntpkey

    RSA private key

    -
    ntpkey_host
    +
    ntpkey_host

    RSA public key

    -
    ntp_dh
    +
    ntp_dh

    Diffie-Hellman agreement parameters


    -
    +
    +
    + -

    1.1.9 ntp.conf See Also

    -

    ntpd(1ntpdmdoc), -ntpdc(1ntpdcmdoc), -ntpq(1ntpqmdoc) +

    1.1.9 ntp.conf See Also

    +

    ntpd(1ntpdmdoc), +ntpdc(1ntpdcmdoc), +ntpq(1ntpqmdoc)

    In addition to the manual pages provided, comprehensive documentation is available on the world wide web at -http://www.ntp.org/. +http://www.ntp.org/. A snapshot of this documentation is available in HTML format in -/usr/share/doc/ntp. +/usr/share/doc/ntp.


    -

    David L. Mills, Network Time Protocol (Version 4), RFC5905 +

    David L. Mills, Network Time Protocol (Version 4), RFC5905


    -
    +
    +
    + -

    1.1.10 ntp.conf Bugs

    +

    1.1.10 ntp.conf Bugs

    The syntax checking is not picky; some combinations of ridiculous and even hilarious options and modes may not be detected.

    The -ntpkey_host +ntpkey_host files are really digital certificates. These should be obtained via secure directory services when they become universally available.


    -
    -

    -  

    -

    1.1.11 ntp.conf Notes

    +
    + +

    1.1.11 ntp.conf Notes

    This document was derived from FreeBSD. -


    +

    +
    +
    +
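Review bot: In the `interface` hunk (@@ -2817,66 +2870,66 @@) the sentence "interface directives are disabled if any -I, --interface, -L, or --novirtualips command-line options are specified in the configuration file, all available network addresses are opened" fuses two statements and reads as if command-line options could appear in the configuration file. This paragraph decides which addresses ntpd opens, so an operator needs it to be unambiguous. The second half appears to describe the default when no `interface` rule is given; restore the missing words in ntp.conf.def and regenerate rather than carrying the broken sentence through another release.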
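Review bot: In the `mru` hunk (@@ -2950,86 +3003,86 @@) the option names disagree with each other: the synopsis lists `initialloc count` while the item below is headed `initalloc count`, and the `maxage` text refers to `maxdepth / moxmem` where the option defined above is `maxmem`. Someone sizing the MRU list, which the text says also backs the rate control facility, cannot tell from this page which spelling ntpd accepts. Correct the names in ntp.conf.def before regenerating; "limite", "acutal", "ba added", "monitoringfacility" and "exceeeded" in the same hunk can be fixed in the same pass.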
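Review bot: In the `leapsmearinterval` hunk (@@ -2884,16 +2937,16 @@) the warning is emitted as literal roff, ".Sy DO NOT USE THIS OPTION ON PUBLIC-ACCESS SERVERS!", so the one line meant to stand out renders as plain text with a stray macro name in front of it. Since the HTML is being regenerated here anyway, fix the markup in the source definition so the template translates it, and check the output for the emphasized warning before committing.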
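Review bot: In the hunk starting at `pollskewlist` (@@ -3059,119 +3112,119 @@) the `rlimit` synopsis reads `[memlock Nmegabytes | stacksize N4kPages filenum Nfiledescriptors]`, with no `|` between `stacksize` and `filenum`, which makes `filenum` look like an argument of `stacksize` although it is documented below as its own option. The same hunk also passes mdoc macros through untranslated ("Ar late", ".Cm ntpq ’s", ".Cm ntpd ’s") and has "(rv command))" with an unbalanced parenthesis. All of these are on lines this commit rewrites, so they are worth correcting in ntp.conf.def rather than regenerating unchanged.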
    diff --git a/ntpd/ntp.conf.man.in b/ntpd/ntp.conf.man.in index 7d85e612e..49ee85b5a 100644 --- a/ntpd/ntp.conf.man.in +++ b/ntpd/ntp.conf.man.in @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntp.conf 5 "30 Sep 2023" "4.2.8p17" "File Formats" +.TH ntp.conf 5 "07 Jan 2024" "4.2.8p17" "File Formats" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed September 30, 2023 at 03:20:48 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:31 AM by AutoGen 5.18.16 .\" From the definitions ntp.conf.def .\" and the template file agman-cmd.tpl .SH NAME @@ -3451,7 +3451,7 @@ RFC5905 .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH BUGS The syntax checking is not picky; some combinations of diff --git a/ntpd/ntp.conf.mdoc.in b/ntpd/ntp.conf.mdoc.in index 6b8b5e607..e0b5dce55 100644 --- a/ntpd/ntp.conf.mdoc.in +++ b/ntpd/ntp.conf.mdoc.in @@ -1,9 +1,9 @@ -.Dd September 30 2023 +.Dd January 7 2024 .Dt NTP_CONF 5 File Formats .Os .\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) .\" -.\" It has been AutoGen-ed September 30, 2023 at 03:20:43 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:20 AM by AutoGen 5.18.16 .\" From the definitions ntp.conf.def .\" and the template file agmdoc-cmd.tpl .Sh NAME 
@@ -3296,7 +3296,7 @@ A snapshot of this documentation is available in HTML format in .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh BUGS The syntax checking is not picky; some combinations of diff --git a/ntpd/ntp.keys.5man b/ntpd/ntp.keys.5man index 24dbfcf03..13ee481a6 100644 --- a/ntpd/ntp.keys.5man +++ b/ntpd/ntp.keys.5man @@ -1,8 +1,8 @@ -.TH ntp.keys 5man "06 Jun 2023" "4.2.8p17" "File Formats" +.TH ntp.keys 5man "07 Jan 2024" "4.2.8p17" "File Formats" .\" .\" EDIT THIS FILE WITH CAUTION (ntp.man) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:37:47 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:33 AM by AutoGen 5.18.16 .\" From the definitions ntp.keys.def .\" and the template file agman-file.tpl .Sh NAME @@ -176,7 +176,7 @@ the default name of the configuration file .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/ntpd/ntp.keys.5mdoc b/ntpd/ntp.keys.5mdoc index 100320fd2..26fd7e066 100644 --- a/ntpd/ntp.keys.5mdoc +++ b/ntpd/ntp.keys.5mdoc 
@@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTP_KEYS 5mdoc File Formats -.Os FreeBSD 12.1-RELEASE_SI +.Os FreeBSD 11.2-RELEASE_SI .\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:37:34 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:22 AM by AutoGen 5.18.16 .\" From the definitions ntp.keys.def .\" and the template file agmdoc-file.tpl .Sh NAME @@ -163,7 +163,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/ntpd/ntp.keys.html b/ntpd/ntp.keys.html index 2d53d91f4..42c013701 100644 --- a/ntpd/ntp.keys.html +++ b/ntpd/ntp.keys.html @@ -1,6 +1,6 @@ - + - + NTP Symmetric Key @@ -10,24 +10,19 @@ + + + + @@ -35,63 +30,57 @@ ul.no-bullet {list-style: none} -

    NTP Symmetric Key

    -
    +
    + -

    NTP’s Symmetric Key File User Manual

    +

    NTP’s Symmetric Key File User Manual

    This document describes the symmetric key file for the NTP Project’s -ntpd program. +ntpd program.

    -

    This document applies to version 4.2.8p17 of ntp.keys. +

    This document applies to version 4.2.8p17 of ntp.keys.

    - + + +

    Short Table of Contents

    - - - - - - - +

    -
    +
    + -

    1 Description

    +

    1 Description

    -

    The name and location of the symmetric key file for ntpd can -be specified in a configuration file, by default /etc/ntp.keys. +

    The name and location of the symmetric key file for ntpd can +be specified in a configuration file, by default /etc/ntp.keys.

    - - - - +
    -
    +
    + -

    1.1 Notes about ntp.keys

    - - +

    1.1 Notes about ntp.keys

    + + @@ -99,14 +88,14 @@ Previous:

    -
    +
    + -

    1.1.1 ntp.keys Files

    -
    -
    /etc/ntp.keys
    +

    1.1.1 ntp.keys Files

    +
    +
    /etc/ntp.keys

    the default name of the configuration file


    -
    +
    +
    + -

    1.1.2 ntp.keys See Also

    -

    ntp.conf(5), -ntpd(1ntpdmdoc), -ntpdate(1ntpdatemdoc), -ntpdc(1ntpdcmdoc), -sntp(1sntpmdoc) +

    1.1.2 ntp.keys See Also

    +

    ntp.conf(5), +ntpd(1ntpdmdoc), +ntpdate(1ntpdatemdoc), +ntpdc(1ntpdcmdoc), +sntp(1sntpmdoc)


    -
    -

    -  

    -

    1.1.3 ntp.keys Notes

    +
    + +

    1.1.3 ntp.keys Notes

    This document was derived from FreeBSD. -


    +

    +
    +
    +
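Review bot: in the "1.1.1 ntp.keys Files" entry, /etc/ntp.keys is described as "the default name of the configuration file", while section 1 of the same page calls it the symmetric key file whose location is given in a configuration file. Since this page is being regenerated here, suggest correcting the wording in ntp.keys.def, for example to "the default name of the symmetric key file", so the man and HTML outputs all pick it up.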
    diff --git a/ntpd/ntp.keys.man.in b/ntpd/ntp.keys.man.in index c646bb11e..0690c6789 100644 --- a/ntpd/ntp.keys.man.in +++ b/ntpd/ntp.keys.man.in @@ -1,8 +1,8 @@ -.TH ntp.keys 5 "06 Jun 2023" "4.2.8p17" "File Formats" +.TH ntp.keys 5 "07 Jan 2024" "4.2.8p17" "File Formats" .\" .\" EDIT THIS FILE WITH CAUTION (ntp.man) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:37:47 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:33 AM by AutoGen 5.18.16 .\" From the definitions ntp.keys.def .\" and the template file agman-file.tpl .Sh NAME @@ -176,7 +176,7 @@ the default name of the configuration file .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/ntpd/ntp.keys.mdoc.in b/ntpd/ntp.keys.mdoc.in index fdeaeba4c..09ed8cdf3 100644 --- a/ntpd/ntp.keys.mdoc.in +++ b/ntpd/ntp.keys.mdoc.in @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTP_KEYS 5 File Formats -.Os FreeBSD 12.1-RELEASE_SI +.Os FreeBSD 11.2-RELEASE_SI .\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:37:34 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:22 AM by AutoGen 5.18.16 .\" From the definitions ntp.keys.def .\" and the template file agmdoc-file.tpl .Sh NAME 
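Review bot: the .Os line in this ntp.keys.mdoc.in hunk goes from "FreeBSD 12.1-RELEASE_SI" to "FreeBSD 11.2-RELEASE_SI", which reads as the OS of the host that ran AutoGen leaking into a generated file rather than an intended edit, and it moves to an older release. The same change appears in ntp.keys.5mdoc, while ntp.conf.mdoc.in and ntpd.1ntpdmdoc carry a bare ".Os". Suggest emitting a bare ".Os" for ntp.keys as well, so the output does not depend on where it was regenerated.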
@@ -163,7 +163,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/ntpd/ntpd-opts.c b/ntpd/ntpd-opts.c index 14774d684..4a58c936e 100644 --- a/ntpd/ntpd-opts.c +++ b/ntpd/ntpd-opts.c @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpd-opts.c) * - * It has been AutoGen-ed June 6, 2023 at 04:36:50 AM by AutoGen 5.18.16 + * It has been AutoGen-ed January 7, 2024 at 12:33:48 AM by AutoGen 5.18.16 * From the definitions ntpd-opts.def * and the template file options * @@ -18,7 +18,7 @@ * The ntpd program is copyrighted and licensed * under the following terms: * - * Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved. + * Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved. * This is free software. It is licensed for use, modification and * redistribution under the terms of the NTP License, copies of which * can be seen at: @@ -81,7 +81,7 @@ extern FILE * option_usage_fp; */ static char const ntpd_opt_strs[3133] = /* 0 */ "ntpd 4.2.8p17\n" - "Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved.\n" + "Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved.\n" "This is free software. It is licensed for use, modification and\n" "redistribution under the terms of the NTP License, copies of which\n" "can be seen at:\n" 
@@ -1535,7 +1535,7 @@ static void bogus_function(void) { */ /* referenced via ntpdOptions.pzCopyright */ puts(_("ntpd 4.2.8p17\n\ -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved.\n\ +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved.\n\ This is free software. It is licensed for use, modification and\n\ redistribution under the terms of the NTP License, copies of which\n\ can be seen at:\n")); diff --git a/ntpd/ntpd-opts.h b/ntpd/ntpd-opts.h index 3541255bb..5df035a40 100644 --- a/ntpd/ntpd-opts.h +++ b/ntpd/ntpd-opts.h @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpd-opts.h) * - * It has been AutoGen-ed June 6, 2023 at 04:36:50 AM by AutoGen 5.18.16 + * It has been AutoGen-ed January 7, 2024 at 12:33:48 AM by AutoGen 5.18.16 * From the definitions ntpd-opts.def * and the template file options * @@ -18,7 +18,7 @@ * The ntpd program is copyrighted and licensed * under the following terms: * - * Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved. + * Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved. * This is free software. It is licensed for use, modification and * redistribution under the terms of the NTP License, copies of which * can be seen at: diff --git a/ntpd/ntpd.1ntpdman b/ntpd/ntpd.1ntpdman index 237a9179f..54491b941 100644 --- a/ntpd/ntpd.1ntpdman +++ b/ntpd/ntpd.1ntpdman @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntpd 1ntpdman "06 Jun 2023" "4.2.8p17" "User Commands" +.TH ntpd 1ntpdman "07 Jan 2024" "4.2.8p17" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:37:49 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:34 AM by AutoGen 5.18.16 .\" From the definitions ntpd-opts.def .\" and the template file agman-cmd.tpl .SH NAME 
@@ -979,7 +979,7 @@ RFC5908 .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH BUGS The diff --git a/ntpd/ntpd.1ntpdmdoc b/ntpd/ntpd.1ntpdmdoc index 536e7f672..34b32f98e 100644 --- a/ntpd/ntpd.1ntpdmdoc +++ b/ntpd/ntpd.1ntpdmdoc @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTPD 1ntpdmdoc User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpd-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:37:36 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:23 AM by AutoGen 5.18.16 .\" From the definitions ntpd-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -886,7 +886,7 @@ A snapshot of this documentation is available in HTML format in .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh BUGS The diff --git a/ntpd/ntpd.html b/ntpd/ntpd.html index 3947f57f1..c2e5f7dc6 100644 --- a/ntpd/ntpd.html +++ b/ntpd/ntpd.html @@ -1,6 +1,6 @@ - + - + ntpd: Network Time Protocol (NTP) Daemon User’s Manual @@ -10,24 +10,20 @@ + + + + @@ -35,19 +31,19 @@ ul.no-bullet {list-style: none} -

    ntpd: Network Time Protocol (NTP) Daemon User’s Manual

    -
    +
    + -

    ntpd: Network Time Protocol (NTP) Daemon User Manual

    +

    ntpd: Network Time Protocol (NTP) Daemon User Manual

    -

    The ntpd program is an operating system daemon that synchronizes the +

    The ntpd program is an operating system daemon that synchronizes the system clock to remote NTP time servers or local reference clocks. It is a complete implementation of NTP version 4 defined by RFC-5905, but also retains compatible with version 3 defined by RFC-1305 and versions @@ -56,35 +52,28 @@ The program can operate in any of several modes, including client/server, symmetric and broadcast modes, and with both symmetric-key and public-key cryptography.

    -

    This document applies to version 4.2.8p17 of ntpd. +

    This document applies to version 4.2.8p17 of ntpd.

    - + + +

    Short Table of Contents

    - - - - - - - - +

    -
    +
    + -

    1 Description

    +

    1 Description

    -

    The ntpd program ordinarily requires +

    The ntpd program ordinarily requires a configuration file described at ‘ntp.conf’. This configuration file contains configuration commands described on the pages listed above. @@ -93,38 +82,36 @@ automatically. This makes it possible to deploy a fleet of workstations without specifying configuration details specific to the local environment.

    -

    The ntpd program normally operates continuously while adjusting the +

    The ntpd program normally operates continuously while adjusting the system time and frequency, but in some cases this might not be practical. -With the -q option ntpd operates as in continuous mode, but +With the -q option ntpd operates as in continuous mode, but exits just after setting the clock for the first time. -Most applications will probably want to specify the iburst -option with the server command. +Most applications will probably want to specify the iburst +option with the server command. With this option an initial volley of messages is exchanged to groom the data and set the clock in about ten seconds’ time. If nothing is heard after a few minutes’ time, the daemon times out and exits without setting the clock.

    - - - - - +
    -
    +
    + -

    1.1 Invoking ntpd

    - - +

    1.1 Invoking ntpd

    + +

    The -ntpd +ntpd utility is an operating system daemon which sets and maintains the system time of day in synchronism with Internet standard time servers. @@ -135,7 +122,7 @@ version 3, as defined by RFC-1305, and versions 1 and 2, as defined by RFC-1059 and RFC-1119, respectively.

    The -ntpd +ntpd utility does most computations in 64-bit floating point arithmetic and does relatively clumsy 64-bit fixed point operations only when necessary to preserve the ultimate precision, about 232 @@ -145,9 +132,9 @@ ordinary workstations and networks of today, it may be required with future gigahertz CPU clocks and gigabit LANs.

    Ordinarily, -ntpd +ntpd reads the -ntp.conf(5) +ntp.conf(5) configuration file at startup time in order to determine the synchronization sources and operating modes. It is also possible to @@ -159,140 +146,104 @@ broadcast/multicast client, with all peers being determined by listening to broadcasts at run time.

    If NetInfo support is built into -ntpd +ntpd then -ntpd +ntpd will attempt to read its configuration from the NetInfo if the default -ntp.conf(5) +ntp.conf(5) file cannot be read and no file is specified by the --c +-c option.

    Various internal -ntpd +ntpd variables can be displayed and configuration options altered while the -ntpd +ntpd is running using the -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) and -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) utility programs.

    When -ntpd +ntpd starts it looks at the value of -umask(2), +umask(2), and if zero -ntpd +ntpd will set the -umask(2) +umask(2) to 022.

    -

    This section was generated by AutoGen, -using the agtexi-cmd template and the option descriptions for the ntpd program. +

    This section was generated by AutoGen, +using the agtexi-cmd template and the option descriptions for the ntpd program. This software is released under the NTP license, <http://ntp.org/license>.

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
    -
    +
    + -

    1.1.1 ntpd help/usage (--help)

    - +

    1.1.1 ntpd help/usage (--help)

    +

    This is the automatically generated usage text for ntpd.

    -

    The text printed is the same whether selected with the help option -(--help) or the more-help option (--more-help). more-help will print +

    The text printed is the same whether selected with the help option +(--help) or the more-help option (--more-help). more-help will print the usage text by passing it through a pager program. -more-help is disabled on platforms without a working -fork(2) function. The PAGER environment variable is -used to select the program, defaulting to more. Both will exit +more-help is disabled on platforms without a working +fork(2) function. The PAGER environment variable is +used to select the program, defaulting to more. Both will exit with a status code of 0.

    -
    ntpd - NTP daemon program - Ver. 4.2.8p17
    +
    ntpd - NTP daemon program - Ver. 4.2.8p17
     Usage:  ntpd [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \
                     [ <server1> ... <serverN> ]
       Flg Arg Option-Name    Description
    @@ -364,54 +315,60 @@ Please send bug reports to:  <https://bugs.ntp.org, bugs@ntp.org>
     

    -
    +
    +
    + -

    1.1.2 ipv4 option (-4)

    - +

    1.1.2 ipv4 option (-4)

    +

    This is the “force ipv4 dns name resolution” option.

    This option has some usage constraints. It: -

      -
    • must not appear in combination with any of the following options: +

        +
      • must not appear in combination with any of the following options: ipv6.

      Force DNS resolution of following host names on the command line to the IPv4 namespace.


      -
      +
      +
      + -

      1.1.3 ipv6 option (-6)

      - +

      1.1.3 ipv6 option (-6)

      +

      This is the “force ipv6 dns name resolution” option.

      This option has some usage constraints. It: -

        -
      • must not appear in combination with any of the following options: +

          +
        • must not appear in combination with any of the following options: ipv4.

        Force DNS resolution of following host names on the command line to the IPv6 namespace.


        -
        +
        +
        + -

        1.1.4 authreq option (-a)

        - +

        1.1.4 authreq option (-a)

        +

        This is the “require crypto authentication” option.

        This option has some usage constraints. It: -

          -
        • must not appear in combination with any of the following options: +

            +
          • must not appear in combination with any of the following options: authnoreq.
          @@ -419,18 +376,20 @@ authnoreq. multicast client and symmetric passive associations. This is the default.


          -
          +
          +
          + -

          1.1.5 authnoreq option (-A)

          - +

          1.1.5 authnoreq option (-A)

          +

          This is the “do not require crypto authentication” option.

          This option has some usage constraints. It: -

            -
          • must not appear in combination with any of the following options: +

              +
            • must not appear in combination with any of the following options: authreq.
            @@ -438,74 +397,82 @@ authreq. multicast client and symmetric passive associations. This is almost never a good idea.


            -
            +
            +
            + -

            1.1.6 configfile option (-c)

            - +

            1.1.6 configfile option (-c)

            +

            This is the “configuration file name” option. This option takes a string argument. The name and path of the configuration file, -/etc/ntp.conf +/etc/ntp.conf by default.


            -
            +
            +
            + -

            1.1.7 driftfile option (-f)

            - +

            1.1.7 driftfile option (-f)

            +

            This is the “frequency drift file name” option. This option takes a string argument. The name and path of the frequency file, -/etc/ntp.drift +/etc/ntp.drift by default. This is the same operation as the -driftfile driftfile +driftfile driftfile configuration specification in the -/etc/ntp.conf +/etc/ntp.conf file.


            -
            +
            +
            + -

            1.1.8 panicgate option (-g)

            - +

            1.1.8 panicgate option (-g)

            +

            This is the “allow the first adjustment to be big” option.

            This option has some usage constraints. It: -

              -
            • may appear an unlimited number of times. +

                +
              • may appear an unlimited number of times.

              Normally, -ntpd +ntpd exits with a message to the system log if the offset exceeds the panic threshold, which is 1000 s by default. This option allows the time to be set to any value without restriction; however, this can happen only once. If the threshold is exceeded after that, -ntpd +ntpd will exit with a message to the system log. This option can be used with the --q +-q and --x +-x options. See the -tinker +tinker configuration file directive for other options.


              -
              +
              +
              + -

              1.1.9 force-step-once option (-G)

              - +

              1.1.9 force-step-once option (-G)

              +

              This is the “step any initial offset correction.” option. Normally, -ntpd +ntpd steps the time if the time offset exceeds the step threshold, which is 128 ms by default, and otherwise slews the time. This option forces the initial offset correction to be stepped, @@ -513,280 +480,312 @@ so the highest time accuracy can be achieved quickly. However, this may also cause the time to be stepped back so this option must not be used if applications requiring monotonic time are running. -See the tinker configuration file directive for other options. +See the tinker configuration file directive for other options.


              -
              +
              +
              + -

              1.1.10 jaildir option (-i)

              - +

              1.1.10 jaildir option (-i)

              +

              This is the “jail directory” option. This option takes a string argument.

              This option has some usage constraints. It: -

                -
              • must be compiled in by defining HAVE_DROPROOT during the compilation. +

                  +
                • must be compiled in by defining HAVE_DROPROOT during the compilation.

                Chroot the server to the directory -jaildir +jaildir . This option also implies that the server attempts to drop root privileges at startup. You may need to also specify a --u +-u option. This option is only available if the OS supports adjusting the clock without full root privileges. This option is supported under NetBSD (configure with ---enable-clockctl) or Linux (configure with ---enable-linuxcaps) or Solaris (configure with --enable-solarisprivs). +--enable-clockctl) or Linux (configure with +--enable-linuxcaps) or Solaris (configure with --enable-solarisprivs).


                -
                +
                +
                + -

                1.1.11 interface option (-I)

                - +

                1.1.11 interface option (-I)

                +

                This is the “listen on an interface name or address” option. -This option takes a string argument iface. +This option takes a string argument iface.

                This option has some usage constraints. It: -

                  -
                • may appear an unlimited number of times. +

                    +
                  • may appear an unlimited number of times.

                  Open the network address given, or all the addresses associated with the given interface name. This option may appear multiple times. This option also implies not opening other addresses, except wildcard and localhost. This option is deprecated. Please consider using the configuration file -interface command, which is more versatile. +interface command, which is more versatile.


                  -
                  +
                  +
                  + -

                  1.1.12 keyfile option (-k)

                  - +

                  1.1.12 keyfile option (-k)

                  +

                  This is the “path to symmetric keys” option. This option takes a string argument. Specify the name and path of the symmetric key file. -/etc/ntp.keys +/etc/ntp.keys is the default. This is the same operation as the -keys keyfile +keys keyfile configuration file directive.


                  -
                  +
                  +
                  + -

                  1.1.13 logfile option (-l)

                  - +

                  1.1.13 logfile option (-l)

                  +

                  This is the “path to the log file” option. This option takes a string argument. Specify the name and path of the log file. The default is the system log file. This is the same operation as the -logfile logfile +logfile logfile configuration file directive.


                  -
                  +
                  +
                  + -

                  1.1.14 novirtualips option (-L)

                  - +

                  1.1.14 novirtualips option (-L)

                  +

                  This is the “do not listen to virtual interfaces” option. Do not listen to virtual interfaces, defined as those with names containing a colon. This option is deprecated. Please -consider using the configuration file interface command, which +consider using the configuration file interface command, which is more versatile.


                  -
                  +
                  +
                  + -

                  1.1.15 modifymmtimer option (-M)

                  - +

                  1.1.15 modifymmtimer option (-M)

                  +

                  This is the “modify multimedia timer (windows only)” option.

                  This option has some usage constraints. It: -

                    -
                  • must be compiled in by defining SYS_WINNT during the compilation. +

                      +
                    • must be compiled in by defining SYS_WINNT during the compilation.

                    Set the Windows Multimedia Timer to highest resolution. This ensures the resolution does not change while ntpd is running, avoiding timekeeping glitches associated with changes.


                    -
                    +
                    +
                    + -

                    1.1.16 nice option (-N)

                    - +

                    1.1.16 nice option (-N)

                    +

                    This is the “run at high priority” option. To the extent permitted by the operating system, run -ntpd +ntpd at the highest priority.


                    -
                    +
                    +
                    + -

                    1.1.17 pidfile option (-p)

                    - +

                    1.1.17 pidfile option (-p)

                    +

                    This is the “path to the pid file” option. This option takes a string argument. Specify the name and path of the file used to record -ntpd’s +ntpd’s process ID. This is the same operation as the -pidfile pidfile +pidfile pidfile configuration file directive.


                    -
                    +
                    +
                    + -

                    1.1.18 priority option (-P)

                    - +

                    1.1.18 priority option (-P)

                    +

                    This is the “process priority” option. This option takes a number argument. To the extent permitted by the operating system, run -ntpd +ntpd at the specified -sched_setscheduler(SCHED_FIFO) +sched_setscheduler(SCHED_FIFO) priority.


                    -
                    +
                    +
                    + -

                    1.1.19 quit option (-q)

                    - +

                    1.1.19 quit option (-q)

                    +

                    This is the “set the time and quit” option.

                    This option has some usage constraints. It: -

                      -
                    • must not appear in combination with any of the following options: +

                        +
                      • must not appear in combination with any of the following options: saveconfigquit, wait-sync.
                      -

                      ntpd +

                      ntpd will not daemonize and will exit after the clock is first synchronized. This behavior mimics that of the -ntpdate +ntpdate program, which will soon be replaced with a shell script. The --g +-g and --x +-x options can be used with this option. Note: The kernel time discipline is disabled with this option.


                      -
                      +
                      +
                      + -

                      1.1.20 propagationdelay option (-r)

                      - +

                      1.1.20 propagationdelay option (-r)

                      +

                      This is the “broadcast/propagation delay” option. This option takes a string argument. Specify the default propagation delay from the broadcast/multicast server to this client. This is necessary only if the delay cannot be computed automatically by the protocol.


                      -
                      +
                      +
                      + -

                      1.1.21 saveconfigquit option

                      - +

                      1.1.21 saveconfigquit option

                      +

                      This is the “save parsed configuration and quit” option. This option takes a string argument.

                      This option has some usage constraints. It: -

                        -
                      • must be compiled in by defining SAVECONFIG during the compilation. -
                      • must not appear in combination with any of the following options: +

                          +
                        • must be compiled in by defining SAVECONFIG during the compilation. +
                        • must not appear in combination with any of the following options: quit, wait-sync.
                        -

                        Cause ntpd to parse its startup configuration file and save an +

                        Cause ntpd to parse its startup configuration file and save an equivalent to the given filename and exit. This option was designed for automated testing.


                        -
                        +
                        +
                        + -

                        1.1.22 statsdir option (-s)

                        - +

                        1.1.22 statsdir option (-s)

                        +

                        This is the “statistics file location” option. This option takes a string argument. Specify the directory path for files created by the statistics facility. This is the same operation as the -statsdir statsdir +statsdir statsdir configuration file directive.


                        -
                        +
                        +
                        + -

                        1.1.23 trustedkey option (-t)

                        - +

                        1.1.23 trustedkey option (-t)

                        +

                        This is the “trusted key number” option. -This option takes a string argument tkey. +This option takes a string argument tkey.

                        This option has some usage constraints. It: -

                          -
                        • may appear an unlimited number of times. +

                            +
                          • may appear an unlimited number of times.

                          Add the specified key number to the trusted key list.


                          -
                          +
                          +
                          + -

                          1.1.24 user option (-u)

                          - +

                          1.1.24 user option (-u)

                          +

                          This is the “run as userid (or userid:groupid)” option. This option takes a string argument.

                          This option has some usage constraints. It: -

                            -
                          • must be compiled in by defining HAVE_DROPROOT during the compilation. +

                              +
                            • must be compiled in by defining HAVE_DROPROOT during the compilation.

                            Specify a user, and optionally a group, to switch to. This option is only available if the OS supports adjusting the clock without full root privileges. This option is supported under NetBSD (configure with ---enable-clockctl) or Linux (configure with ---enable-linuxcaps) or Solaris (configure with --enable-solarisprivs). +--enable-clockctl) or Linux (configure with +--enable-linuxcaps) or Solaris (configure with --enable-solarisprivs).


                            -
                            +
                            +
                            + -

                            1.1.25 updateinterval option (-U)

                            - +

                            1.1.25 updateinterval option (-U)

                            +

                            This is the “interval in seconds between scans for new or dropped interfaces” option. This option takes a number argument. @@ -795,38 +794,42 @@ For systems with routing socket support the scans will be performed shortly afte has been detected by the system. Use 0 to disable scanning. 60 seconds is the minimum time between scans.


                            -
                            +
                            +
                            + -

                            1.1.26 wait-sync option (-w)

                            - +

                            1.1.26 wait-sync option (-w)

                            +

                            This is the “seconds to wait for first clock sync” option. This option takes a number argument.

                            This option has some usage constraints. It: -

                              -
                            • must be compiled in by defining HAVE_WORKING_FORK during the compilation. -
                            • must not appear in combination with any of the following options: +

                                +
                              • must be compiled in by defining HAVE_WORKING_FORK during the compilation. +
                              • must not appear in combination with any of the following options: nofork, quit, saveconfigquit.
                              -

                              If greater than zero, alters ntpd’s behavior when forking to +

                              If greater than zero, alters ntpd’s behavior when forking to daemonize. Instead of exiting with status 0 immediately after the fork, the parent waits up to the specified number of seconds for the child to first synchronize the clock. The exit status is zero (success) if the clock was synchronized, -otherwise it is ETIMEDOUT. -This provides the option for a script starting ntpd to easily +otherwise it is ETIMEDOUT. +This provides the option for a script starting ntpd to easily wait for the first set of the clock before proceeding.


                              -
                              +
                              +
                              + -

                              1.1.27 slew option (-x)

                              - +

                              1.1.27 slew option (-x)

                              +
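Review bot: The wait-sync and slew entries in this hunk carry the same wording on the - and + sides (for example "1.1.26 wait-sync option (-w)" and the HAVE_WORKING_FORK constraint), so the change here is markup only, which the commit message (copyright year, util/lsf-times) does not mention. Consider stating in the ChangeLog or commit message that the generated HTML was re-rendered, or splitting the regeneration into its own commit, so the copyright-year edits stay easy to audit.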

                              This is the “slew up to 600 seconds” option. Normally, the time is slewed if the offset is less than the step threshold, which is 128 ms by default, and stepped if above the threshold. @@ -834,65 +837,71 @@ This option sets the threshold to 600 s, which is well within the accuracy windo Note: Since the slew rate of typical Unix kernels is limited to 0.5 ms/s, each second of adjustment requires an amortization interval of 2000 s. Thus, an adjustment as much as 600 s will take almost 14 days to complete. This option can be used with the --g +-g and --q +-q options. See the -tinker +tinker configuration file directive for other options. Note: The kernel time discipline is disabled with this option.


                              -
                              +
                              +
                              + -

                              1.1.28 usepcc option

                              - +

                              1.1.28 usepcc option

                              +

                              This is the “use cpu cycle counter (windows only)” option.

                              This option has some usage constraints. It: -

                                -
                              • must be compiled in by defining SYS_WINNT during the compilation. +

                                  +
                                • must be compiled in by defining SYS_WINNT during the compilation.
                                -

                                Attempt to substitute the CPU counter for QueryPerformanceCounter. -The CPU counter and QueryPerformanceCounter are compared, and if +

                                Attempt to substitute the CPU counter for QueryPerformanceCounter. +The CPU counter and QueryPerformanceCounter are compared, and if they have the same frequency, the CPU counter (RDTSC on x86) is used directly, saving the overhead of a system call.


                                -
                                +
                                +
                                + -

                                1.1.29 pccfreq option

                                - +

                                1.1.29 pccfreq option

                                +

                                This is the “force cpu cycle counter use (windows only)” option. This option takes a string argument.

                                This option has some usage constraints. It: -

                                  -
                                • must be compiled in by defining SYS_WINNT during the compilation. +

                                    +
                                  • must be compiled in by defining SYS_WINNT during the compilation.
                                  -

                                  Force substitution the CPU counter for QueryPerformanceCounter. +

                                  Force substitution the CPU counter for QueryPerformanceCounter. The CPU counter (RDTSC on x86) is used unconditionally with the given frequency (in Hz).


                                  -
                                  +
                                  +
                                  + -

                                  1.1.30 mdns option (-m)

                                  - +

                                  1.1.30 mdns option (-m)

                                  +

                                  This is the “register with mdns as a ntp server” option.

                                  This option has some usage constraints. It: -

                                    -
                                  • must be compiled in by defining HAVE_DNSREGISTRATION during the compilation. +

                                      +
                                    • must be compiled in by defining HAVE_DNSREGISTRATION during the compilation.
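Review bot: In the pccfreq entry, "Force substitution the CPU counter for QueryPerformanceCounter." is missing "of", and the sentence is carried unchanged from the - side to the + side. Because this file is generated, fix the wording in the option definitions (the AutoGen headers in this commit name ntpd-opts.def) so it reads "Force substitution of the CPU counter for QueryPerformanceCounter." and regenerate.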

                                    Registers as an NTP server with the local mDNS server which allows @@ -900,107 +909,127 @@ the server to be discovered via mDNS client lookup.


                                    -
                                    +
                                    +
                                    + -

                                    1.1.31 presetting/configuring ntpd

                                    +

                                    1.1.31 presetting/configuring ntpd

                                    -

                                    Any option that is not marked as not presettable may be preset by -loading values from environment variables named NTPD and NTPD_<OPTION_NAME>. <OPTION_NAME> must be one of +

                                    Any option that is not marked as not presettable may be preset by +loading values from environment variables named NTPD and NTPD_<OPTION_NAME>. <OPTION_NAME> must be one of the options listed above in upper case and segmented with underscores. -The NTPD variable will be tokenized and parsed like +The NTPD variable will be tokenized and parsed like the command line. The remaining variables are tested for existence and their values are treated like option arguments.

                                    The command line options relating to configuration and/or usage help are:

                                    -

                                    version (-)

                                    +

                                    version (-)

                                    Print the program version to standard out, optionally with licensing information, then exit 0. The optional argument specifies how much licensing detail to provide. The default is to print just the version. The licensing information may be selected with an option argument. Only the first letter of the argument is examined:

                                    -
                                    -
                                    version
                                    +
                                    +
                                    version

                                    Only print the version. This is the default.

                                    -
                                    copyright
                                    +
                                    copyright

                                    Name the copyright usage licensing terms.

                                    -
                                    verbose
                                    +
                                    verbose

                                    Print the full copyright usage licensing terms.


                                    -
                                    +
                                    +
                                    + -

                                    1.1.32 ntpd exit status

                                    +

                                    1.1.32 ntpd exit status

                                    One of the following exit values will be returned: -

                                    -
                                    0 (EXIT_SUCCESS)
                                    +

                                    +
                                    0 (EXIT_SUCCESS)

                                    Successful program execution.

                                    -
                                    1 (EXIT_FAILURE)
                                    +
                                    1 (EXIT_FAILURE)

                                    The operation failed or the command syntax was not valid.


                                    -
                                    +
                                    +
                                    + -

                                    1.1.33 ntpd Usage

                                    +

                                    1.1.33 ntpd Usage


                                    -
                                    +
                                    +
                                    + -

                                    1.1.34 ntpd Files

                                    +

                                    1.1.34 ntpd Files


                                    -
                                    +
                                    +
                                    + -

                                    1.1.35 ntpd See Also

                                    +

                                    1.1.35 ntpd See Also


                                    -
                                    +
                                    +
                                    + -

                                    1.1.36 ntpd Bugs

                                    +

                                    1.1.36 ntpd Bugs


                                    -
                                    +
                                    +
                                    + -

                                    1.1.37 ntpd Notes

                                    +

                                    1.1.37 ntpd Notes


                                    -
                                    +
                                    +
                                    +
                                    + -

                                    1.2 Usage

                                    +

                                    1.2 Usage

                                    - +
                                    - - - - - - - - + + + + + + + + +
                                    WhatDefaultFlagOption
                                    configuration file/etc/ntp.conf-cconffile
                                    frequency filenone-fdriftfile
                                    leapseconds filenoneleapfile
                                    process ID filenone-ppidfile
                                    log filesystem log-llogfile
                                    include filenonenoneincludefile
                                    statistics path/var/NTP-sstatsdir
                                    keys path/usr/local/etc-kkeysdir
                                    configuration file/etc/ntp.conf-cconffile
                                    frequency filenone-fdriftfile
                                    leapseconds filenoneleapfile
                                    process ID filenone-ppidfile
                                    log filesystem log-llogfile
                                    include filenonenoneincludefile
                                    statistics path/var/NTP-sstatsdir
                                    keys path/usr/local/etc-kkeysdir
                                    -
                                    +
                                    +
                                    +
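Review bot: Section 1.1.32 "ntpd exit status" lists only 0 (EXIT_SUCCESS) and 1 (EXIT_FAILURE), but the wait-sync entry earlier in this file says the exit status "is zero (success) if the clock was synchronized, otherwise it is ETIMEDOUT". A script that gates startup on ntpd -w needs that value documented next to the others; add an ETIMEDOUT entry to the exit-status list in the source definitions, or cross-reference wait-sync from 1.1.32.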
                                    diff --git a/ntpd/ntpd.man.in b/ntpd/ntpd.man.in index addee5d56..0571eb398 100644 --- a/ntpd/ntpd.man.in +++ b/ntpd/ntpd.man.in @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntpd @NTPD_MS@ "06 Jun 2023" "4.2.8p17" "User Commands" +.TH ntpd @NTPD_MS@ "07 Jan 2024" "4.2.8p17" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:37:49 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:34 AM by AutoGen 5.18.16 .\" From the definitions ntpd-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -979,7 +979,7 @@ RFC5908 .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH BUGS The diff --git a/ntpd/ntpd.mdoc.in b/ntpd/ntpd.mdoc.in index 6d99fbcf5..bada4d1ff 100644 --- a/ntpd/ntpd.mdoc.in +++ b/ntpd/ntpd.mdoc.in @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTPD @NTPD_MS@ User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpd-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:37:36 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:23 AM by AutoGen 5.18.16 .\" From the definitions ntpd-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -886,7 +886,7 @@ A snapshot of this documentation is available in HTML format in .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh BUGS The 
diff --git a/ntpdc/invoke-ntpdc.texi b/ntpdc/invoke-ntpdc.texi index 30b4a66d6..cbe82faf2 100644 --- a/ntpdc/invoke-ntpdc.texi +++ b/ntpdc/invoke-ntpdc.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-ntpdc.texi) # -# It has been AutoGen-ed June 6, 2023 at 04:37:59 AM by AutoGen 5.18.16 +# It has been AutoGen-ed January 7, 2024 at 12:34:42 AM by AutoGen 5.18.16 # From the definitions ntpdc-opts.def # and the template file agtexi-cmd.tpl @end ignore diff --git a/ntpdc/ntpdc-opts.c b/ntpdc/ntpdc-opts.c index 536d1b970..e025300d7 100644 --- a/ntpdc/ntpdc-opts.c +++ b/ntpdc/ntpdc-opts.c @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpdc-opts.c) * - * It has been AutoGen-ed June 6, 2023 at 04:37:53 AM by AutoGen 5.18.16 + * It has been AutoGen-ed January 7, 2024 at 12:35:52 AM by AutoGen 5.18.16 * From the definitions ntpdc-opts.def * and the template file options * @@ -18,7 +18,7 @@ * The ntpdc program is copyrighted and licensed * under the following terms: * - * Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved. + * Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved. * This is free software. It is licensed for use, modification and * redistribution under the terms of the NTP License, copies of which * can be seen at: @@ -75,7 +75,7 @@ extern FILE * option_usage_fp; */ static char const ntpdc_opt_strs[2005] = /* 0 */ "ntpdc 4.2.8p17\n" - "Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved.\n" + "Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved.\n" "This is free software. It is licensed for use, modification and\n" "redistribution under the terms of the NTP License, copies of which\n" "can be seen at:\n" 
@@ -829,7 +829,7 @@ static void bogus_function(void) { */ /* referenced via ntpdcOptions.pzCopyright */ puts(_("ntpdc 4.2.8p17\n\ -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved.\n\ +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved.\n\ This is free software. It is licensed for use, modification and\n\ redistribution under the terms of the NTP License, copies of which\n\ can be seen at:\n")); diff --git a/ntpdc/ntpdc-opts.h b/ntpdc/ntpdc-opts.h index 47d3f481a..37b0b596c 100644 --- a/ntpdc/ntpdc-opts.h +++ b/ntpdc/ntpdc-opts.h @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpdc-opts.h) * - * It has been AutoGen-ed June 6, 2023 at 04:37:52 AM by AutoGen 5.18.16 + * It has been AutoGen-ed January 7, 2024 at 12:35:51 AM by AutoGen 5.18.16 * From the definitions ntpdc-opts.def * and the template file options * @@ -18,7 +18,7 @@ * The ntpdc program is copyrighted and licensed * under the following terms: * - * Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved. + * Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved. * This is free software. It is licensed for use, modification and * redistribution under the terms of the NTP License, copies of which * can be seen at: diff --git a/ntpdc/ntpdc.1ntpdcman b/ntpdc/ntpdc.1ntpdcman index f101aadac..5276dc16f 100644 --- a/ntpdc/ntpdc.1ntpdcman +++ b/ntpdc/ntpdc.1ntpdcman 
@@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntpdc 1ntpdcman "06 Jun 2023" "4.2.8p17" "User Commands" +.TH ntpdc 1ntpdcman "07 Jan 2024" "4.2.8p17" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:01 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:44 AM by AutoGen 5.18.16 .\" From the definitions ntpdc-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -854,7 +854,7 @@ RFC1305 .SH AUTHORS The formatting directives in this document came from FreeBSD. .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH BUGS The diff --git a/ntpdc/ntpdc.1ntpdcmdoc b/ntpdc/ntpdc.1ntpdcmdoc index 376443dae..b59935c91 100644 --- a/ntpdc/ntpdc.1ntpdcmdoc +++ b/ntpdc/ntpdc.1ntpdcmdoc @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTPDC 1ntpdcmdoc User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpdc-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:37:57 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:40 AM by AutoGen 5.18.16 .\" From the definitions ntpdc-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -792,7 +792,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .Sh AUTHORS The formatting directives in this document came from FreeBSD. .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh BUGS The diff --git a/ntpdc/ntpdc.html b/ntpdc/ntpdc.html index 1a566baca..c840eaacb 100644 --- a/ntpdc/ntpdc.html +++ b/ntpdc/ntpdc.html 
@@ -1,6 +1,6 @@ - + - + ntpdc: NTPD Control User’s Manual @@ -10,24 +10,19 @@ + + + + @@ -35,60 +30,53 @@ ul.no-bullet {list-style: none} -

                                    ntpdc: NTPD Control User’s Manual

                                    -
                                    +
                                    + -

                                    ntpdc: NTPD Control User Manual

                                    +

                                    ntpdc: NTPD Control User Manual

                                    -

                                    This document describes the use of the NTP Project’s ntpdc program, +

                                    This document describes the use of the NTP Project’s ntpdc program, that can be used to query a Network Time Protocol (NTP) server and display the time offset of the system clock relative to the server clock. Run as root, it can correct the system clock to this offset as well. It can be run as an interactive command or from a cron job.

                                    -

                                    This document applies to version 4.2.8p17 of ntpdc. +

                                    This document applies to version 4.2.8p17 of ntpdc.

                                    The program implements the SNTP protocol as defined by RFC 5905, the NTPv4 IETF specification.

                                    - + + +

                                    Short Table of Contents

                                    - - - - - - - - +

                                    -
                                    +
                                    + -

                                    1 Description

                                    +

                                    1 Description

                                    -

                                    By default, ntpdc writes the local data and time (i.e., not UTC) to the +

                                    By default, ntpdc writes the local data and time (i.e., not UTC) to the standard output in the format:

                                    -
                                    1996-10-15 20:17:25.123 (+0800) +4.567 +/- 0.089 secs
                                    +
                                    1996-10-15 20:17:25.123 (+0800) +4.567 +/- 0.089 secs
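Review bot: The regenerated introduction still describes a different tool: "query a Network Time Protocol (NTP) server and display the time offset of the system clock", "Run as root, it can correct the system clock", "implements the SNTP protocol" and the sample offset line do not match section 1.1, which describes ntpdc as a mode 7 query and control utility for ntpd. "local data and time" should also read "local date and time". Correct the description in the source this page is generated from rather than in ntpdc.html.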
                                     

                                    where @@ -98,34 +86,32 @@ and the +4.567 +/- 0.089 secs indicates the time offset and error bound of the system clock relative to the server clock.

                                    - - - - - +
                                    -
                                    +
                                    + -

                                    1.1 Invoking ntpdc

                                    - - +

                                    1.1 Invoking ntpdc

                                    + + -

                                    ntpdc +

                                    ntpdc is deprecated. Please use -ntpq(1ntpqmdoc) instead - it can do everything -ntpdc +ntpq(1ntpqmdoc) instead - it can do everything +ntpdc used to do, and it does so using a much more sane interface.

                                    -

                                    ntpdc +

                                    ntpdc is a utility program used to query -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) about its current state and to request changes in that state. It uses NTP mode 7 control message formats described in the source code. @@ -134,72 +120,57 @@ be run either in interactive mode or controlled using command line arguments. Extensive state and statistics information is available through the -ntpdc +ntpdc interface. In addition, nearly all the configuration options which can be specified at startup using ntpd’s configuration file may also be specified at run time using -ntpdc +ntpdc

                                    -

                                    This section was generated by AutoGen, -using the agtexi-cmd template and the option descriptions for the ntpdc program. +

                                    This section was generated by AutoGen, +using the agtexi-cmd template and the option descriptions for the ntpdc program. This software is released under the NTP license, <http://ntp.org/license>.

                                    - - - - - - - - - - - - - - - - - - +
                                    -
                                    +
                                    + -

                                    1.1.1 ntpdc help/usage (--help)

                                    - +

                                    1.1.1 ntpdc help/usage (--help)

                                    +

                                    This is the automatically generated usage text for ntpdc.

                                    -

                                    The text printed is the same whether selected with the help option -(--help) or the more-help option (--more-help). more-help will print +

                                    The text printed is the same whether selected with the help option +(--help) or the more-help option (--more-help). more-help will print the usage text by passing it through a pager program. -more-help is disabled on platforms without a working -fork(2) function. The PAGER environment variable is -used to select the program, defaulting to more. Both will exit +more-help is disabled on platforms without a working +fork(2) function. The PAGER environment variable is +used to select the program, defaulting to more. Both will exit with a status code of 0.

                                    -
                                    ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p17
                                    +
                                    ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p17
                                     Usage:  ntpdc [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]
                                       Flg Arg Option-Name    Description
                                        -4 no  ipv4           Force IPv4 DNS name resolution
                                    @@ -247,150 +218,168 @@ Please send bug reports to:  <https://bugs.ntp.org, bugs@ntp.org>
                                     

                                    -
                                    +
                                    +
                                    + -

                                    1.1.2 ipv4 option (-4)

                                    - +

                                    1.1.2 ipv4 option (-4)

                                    +

                                    This is the “force ipv4 dns name resolution” option.

                                    This option has some usage constraints. It: -

                                      -
                                    • must not appear in combination with any of the following options: +

                                        +
                                      • must not appear in combination with any of the following options: ipv6.

                                      Force DNS resolution of following host names on the command line to the IPv4 namespace.


                                      -
                                      +
                                      +
                                      + -

                                      1.1.3 ipv6 option (-6)

                                      - +

                                      1.1.3 ipv6 option (-6)

                                      +

                                      This is the “force ipv6 dns name resolution” option.

                                      This option has some usage constraints. It: -

                                        -
                                      • must not appear in combination with any of the following options: +

                                          +
                                        • must not appear in combination with any of the following options: ipv4.

                                        Force DNS resolution of following host names on the command line to the IPv6 namespace.


                                        -
                                        +
                                        +
                                        + -

                                        1.1.4 command option (-c)

                                        - +

                                        1.1.4 command option (-c)

                                        +

                                        This is the “run a command and exit” option. -This option takes a string argument cmd. +This option takes a string argument cmd.

                                        This option has some usage constraints. It: -

                                          -
                                        • may appear an unlimited number of times. +

                                            +
                                          • may appear an unlimited number of times.

                                          The following argument is interpreted as an interactive format command and is added to the list of commands to be executed on the specified host(s).


                                          -
                                          +
                                          +
                                          + -

                                          1.1.5 interactive option (-i)

                                          - +

                                          1.1.5 interactive option (-i)

                                          +

                                          This is the “force ntpq to operate in interactive mode” option.

                                          This option has some usage constraints. It: -

                                            -
                                          • must not appear in combination with any of the following options: +

                                              +
                                            • must not appear in combination with any of the following options: command, listpeers, peers, showpeers.

                                            Force ntpq to operate in interactive mode. Prompts will be written to the standard output and commands read from the standard input.


                                            -
                                            +
                                            +
                                            + -

                                            1.1.6 listpeers option (-l)

                                            - +

                                            1.1.6 listpeers option (-l)

                                            +

                                            This is the “print a list of the peers” option.

                                            This option has some usage constraints. It: -

                                              -
                                            • must not appear in combination with any of the following options: +

                                                +
                                              • must not appear in combination with any of the following options: command.

                                              Print a list of the peers known to the server as well as a summary of their state. This is equivalent to the ’listpeers’ interactive command.


                                              -
                                              +
                                              +
                                              + -

                                              1.1.7 numeric option (-n)

                                              - +

                                              1.1.7 numeric option (-n)

                                              +

                                              This is the “numeric host addresses” option. Output all host addresses in dotted-quad numeric format rather than converting to the canonical host names.


                                              -
                                              +
                                              +
                                              + -

                                              1.1.8 peers option (-p)

                                              - +

                                              1.1.8 peers option (-p)

                                              +

                                              This is the “print a list of the peers” option.

                                              This option has some usage constraints. It: -

                                                -
                                              • must not appear in combination with any of the following options: +

                                                  +
                                                • must not appear in combination with any of the following options: command.

                                                Print a list of the peers known to the server as well as a summary of their state. This is equivalent to the ’peers’ interactive command.


                                                -
                                                +
                                                +
                                                + -

                                                1.1.9 showpeers option (-s)

                                                - +

                                                1.1.9 showpeers option (-s)

                                                +

                                                This is the “show a list of the peers” option.

                                                This option has some usage constraints. It: -

                                                  -
                                                • must not appear in combination with any of the following options: +

                                                    +
                                                  • must not appear in combination with any of the following options: command.

                                                  Print a list of the peers known to the server as well as a summary of their state. This is equivalent to the ’dmpeers’ interactive command.


                                                  -
                                                  +
                                                  +
                                                  + -

                                                  1.1.10 unconnected option (-u)

                                                  - +

                                                  1.1.10 unconnected option (-u)

                                                  +

                                                  This is the “use unconnected udp to communicate with ntpd (default on windows)” option. Open an unconnected UDP association to ntpd (the default @@ -398,29 +387,31 @@ on Windows).
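Review bot: the regenerated text for the interactive option (-i) in this hunk names the wrong program. It reads "force ntpq to operate in interactive mode" and "Force ntpq to operate in interactive mode", while the later sections of the same manual (1.1.11 presetting/configuring ntpdc, 1.1.12 ntpdc exit status) are for ntpdc. The + side repeats the - side word for word, so the wording has to be corrected in the option definitions the manual is generated from, not in this HTML. The -n description also still promises "dotted-quad numeric format" although the same manual documents an option that forces resolution to the IPv6 namespace.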


                                                  -
                                                  +
                                                  +
                                                  + -

                                                  1.1.11 presetting/configuring ntpdc

                                                  +

                                                  1.1.11 presetting/configuring ntpdc

                                                  -

                                                  Any option that is not marked as not presettable may be preset by -loading values from configuration ("rc" or "ini") files, and values from environment variables named NTPDC and NTPDC_<OPTION_NAME>. <OPTION_NAME> must be one of +

                                                  Any option that is not marked as not presettable may be preset by +loading values from configuration ("rc" or "ini") files, and values from environment variables named NTPDC and NTPDC_<OPTION_NAME>. <OPTION_NAME> must be one of the options listed above in upper case and segmented with underscores. -The NTPDC variable will be tokenized and parsed like +The NTPDC variable will be tokenized and parsed like the command line. The remaining variables are tested for existence and their values are treated like option arguments.

                                                  -

                                                  libopts will search in 2 places for configuration files: -

                                                    -
                                                  • $HOME -
                                                  • $PWD +

                                                    libopts will search in 2 places for configuration files: +

                                                      +
                                                    • $HOME +
                                                    • $PWD
                                                    -

                                                    The environment variables HOME, and PWD -are expanded and replaced when ntpdc runs. +

                                                    The environment variables HOME, and PWD +are expanded and replaced when ntpdc runs. For any of these that are plain files, they are simply processed. -For any that are directories, then a file named .ntprc is searched for +For any that are directories, then a file named .ntprc is searched for within that directory and processed.

                                                    Configuration files may be in a wide variety of formats. @@ -433,122 +424,137 @@ lines by escaping the newline with a backslash. Common options are collected at the top, followed by program specific segments. The segments are separated by lines like:
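Review bot: the presetting section in the hunk that ends at the @@ -433,122 +424,137 @@ header documents that libopts processes a .ntprc found under $PWD as well as $HOME, and that NTPDC and NTPDC_<OPTION_NAME> are parsed like the command line, but it carries no caution for privileged use. The Usage section of this same manual suggests running the tool "with suitable privilege" from a cron job, so a sentence belongs here advising that such jobs run from a working directory only the owner can write to and with a controlled environment, because whatever .ntprc sits in the working directory supplies options to that run. As with the rest of the file, the change has to go into the source the HTML is generated from.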

                                                    -
                                                    [NTPDC]
                                                    +
                                                    [NTPDC]
                                                     

                                                    or by

                                                    -
                                                    <?program ntpdc>
                                                    +
                                                    <?program ntpdc>
                                                     

                                                    Do not mix these styles within one configuration file.

                                                    Compound values and carefully constructed string values may also be specified using XML syntax:

                                                    -
                                                    <option-name>
                                                    +
                                                    <option-name>
                                                        <sub-opt>...&lt;...&gt;...</sub-opt>
                                                     </option-name>
                                                     
                                                    -

                                                    yielding an option-name.sub-opt string value of +

                                                    yielding an option-name.sub-opt string value of

                                                    -
                                                    "...<...>..."
                                                    +
                                                    "...<...>..."
                                                     
                                                    -

                                                    AutoOpts does not track suboptions. You simply note that it is a -hierarchicly valued option. AutoOpts does provide a means for searching +

                                                    AutoOpts does not track suboptions. You simply note that it is a +hierarchicly valued option. AutoOpts does provide a means for searching the associated name/value pair list (see: optionFindValue).

                                                    The command line options relating to configuration and/or usage help are:

                                                    -

                                                    version (-)

                                                    +

                                                    version (-)

                                                    Print the program version to standard out, optionally with licensing information, then exit 0. The optional argument specifies how much licensing detail to provide. The default is to print just the version. The licensing information may be selected with an option argument. Only the first letter of the argument is examined:

                                                    -
                                                    -
                                                    version
                                                    +
                                                    +
                                                    version

                                                    Only print the version. This is the default.

                                                    -
                                                    copyright
                                                    +
                                                    copyright

                                                    Name the copyright usage licensing terms.

                                                    -
                                                    verbose
                                                    +
                                                    verbose

                                                    Print the full copyright usage licensing terms.


                                                    -
                                                    +
                                                    +
                                                    + -

                                                    1.1.12 ntpdc exit status

                                                    +

                                                    1.1.12 ntpdc exit status

                                                    One of the following exit values will be returned: -

                                                    -
                                                    0 (EXIT_SUCCESS)
                                                    +

                                                    +
                                                    0 (EXIT_SUCCESS)

                                                    Successful program execution.

                                                    -
                                                    1 (EXIT_FAILURE)
                                                    +
                                                    1 (EXIT_FAILURE)

                                                    The operation failed or the command syntax was not valid.

                                                    -
                                                    66 (EX_NOINPUT)
                                                    +
                                                    66 (EX_NOINPUT)

                                                    A specified configuration file could not be loaded.

                                                    -
                                                    70 (EX_SOFTWARE)
                                                    +
                                                    70 (EX_SOFTWARE)

                                                    libopts had an internal operational error. Please report it to autogen-users@lists.sourceforge.net. Thank you.


                                                    -
                                                    +
                                                    +
                                                    + -

                                                    1.1.13 ntpdc Usage

                                                    +

                                                    1.1.13 ntpdc Usage


                                                    -
                                                    +
                                                    +
                                                    + -

                                                    1.1.14 ntpdc See Also

                                                    +

                                                    1.1.14 ntpdc See Also


                                                    -
                                                    +
                                                    +
                                                    + -

                                                    1.1.15 ntpdc Authors

                                                    +

                                                    1.1.15 ntpdc Authors


                                                    -
                                                    +
                                                    +
                                                    + -

                                                    1.1.16 ntpdc Bugs

                                                    +

                                                    1.1.16 ntpdc Bugs


                                                    -
                                                    +
                                                    +
                                                    +
                                                    + -

                                                    1.2 Usage

                                                    +

                                                    1.2 Usage

                                                    The simplest use of this program is as an unprivileged command to check the current time, offset, and error in the local clock. For example:

                                                    -
                                                    ntpdc ntpserver.somewhere
                                                    +
                                                    ntpdc ntpserver.somewhere
                                                     

                                                    With suitable privilege, it can be run as a command or in a -cron job to reset the local clock from a reliable server, like -the ntpdate and rdate commands. +cron job to reset the local clock from a reliable server, like +the ntpdate and rdate commands. For example:

                                                    -
                                                    ntpdc -a ntpserver.somewhere
                                                    +
                                                    ntpdc -a ntpserver.somewhere
                                                     
                                                    -
                                                    +
                                                    +
                                                    +
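Review bot: the commit message mentions only util/lsf-times and the copyright year, yet this hunk turns 122 lines into 137 and almost every -/+ pair shows the same visible text (for example the [NTPDC] and <?program ntpdc> samples and every section heading). That looks like the HTML was regenerated with a different documentation toolchain than the previous commit used; say so in the commit message, or commit the regenerated HTML separately, so the year bump can be reviewed on its own. Two things the regeneration carried over unchanged and that should be fixed at the source: "hierarchicly" in the AutoOpts paragraph, and sections 1.1.13 to 1.1.16 (Usage, See Also, Authors, Bugs), which appear here as headings with no body.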
                                                    diff --git a/ntpdc/ntpdc.man.in b/ntpdc/ntpdc.man.in index 151c23b0c..e6162a77a 100644 --- a/ntpdc/ntpdc.man.in +++ b/ntpdc/ntpdc.man.in @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntpdc @NTPDC_MS@ "06 Jun 2023" "4.2.8p17" "User Commands" +.TH ntpdc @NTPDC_MS@ "07 Jan 2024" "4.2.8p17" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:01 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:44 AM by AutoGen 5.18.16 .\" From the definitions ntpdc-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -854,7 +854,7 @@ RFC1305 .SH AUTHORS The formatting directives in this document came from FreeBSD. .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH BUGS The diff --git a/ntpdc/ntpdc.mdoc.in b/ntpdc/ntpdc.mdoc.in index 1a7859c44..6e8fd75ea 100644 --- a/ntpdc/ntpdc.mdoc.in +++ b/ntpdc/ntpdc.mdoc.in @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTPDC @NTPDC_MS@ User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpdc-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:37:57 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:40 AM by AutoGen 5.18.16 .\" From the definitions ntpdc-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME 
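Review bot: the banner in the ntpdc.mdoc.in hunk embeds a wall-clock stamp ("AutoGen-ed January 7, 2024 at 12:34:40 AM"), and the ntpdc.man.in banner just before it carries a different one (12:34:44), so every regeneration rewrites each generated file even when its content is otherwise unchanged. If generated files stay under version control, consider dropping the time of day from the banner, or not committing the banner at all, so that a diff shows only real changes and anyone rebuilding from the same definitions can confirm they get identical output. The .TH and .Dd dates move to 7 Jan 2024 while the version string stays "4.2.8p17"; please confirm that pairing is intended for this tree.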
@@ -792,7 +792,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .Sh AUTHORS The formatting directives in this document came from FreeBSD. .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh BUGS The diff --git a/ntpq/invoke-ntpq.texi b/ntpq/invoke-ntpq.texi index 715dbcba7..915ec5ddb 100644 --- a/ntpq/invoke-ntpq.texi +++ b/ntpq/invoke-ntpq.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-ntpq.texi) # -# It has been AutoGen-ed June 6, 2023 at 04:38:12 AM by AutoGen 5.18.16 +# It has been AutoGen-ed January 7, 2024 at 12:34:53 AM by AutoGen 5.18.16 # From the definitions ntpq-opts.def # and the template file agtexi-cmd.tpl @end ignore diff --git a/ntpq/ntpq-opts.c b/ntpq/ntpq-opts.c index 3e176c057..1512b6f01 100644 --- a/ntpq/ntpq-opts.c +++ b/ntpq/ntpq-opts.c @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpq-opts.c) * - * It has been AutoGen-ed June 6, 2023 at 04:38:03 AM by AutoGen 5.18.16 + * It has been AutoGen-ed January 7, 2024 at 12:35:55 AM by AutoGen 5.18.16 * From the definitions ntpq-opts.def * and the template file options * @@ -18,7 +18,7 @@ * The ntpq program is copyrighted and licensed * under the following terms: * - * Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved. + * Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved. * This is free software. It is licensed for use, modification and * redistribution under the terms of the NTP License, copies of which * can be seen at: 
@@ -75,7 +75,7 @@ extern FILE * option_usage_fp; */ static char const ntpq_opt_strs[2068] = /* 0 */ "ntpq 4.2.8p17\n" - "Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved.\n" + "Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved.\n" "This is free software. It is licensed for use, modification and\n" "redistribution under the terms of the NTP License, copies of which\n" "can be seen at:\n" @@ -874,7 +874,7 @@ static void bogus_function(void) { */ /* referenced via ntpqOptions.pzCopyright */ puts(_("ntpq 4.2.8p17\n\ -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved.\n\ +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved.\n\ This is free software. It is licensed for use, modification and\n\ redistribution under the terms of the NTP License, copies of which\n\ can be seen at:\n")); diff --git a/ntpq/ntpq-opts.h b/ntpq/ntpq-opts.h index 60d2ba127..b7c15988d 100644 --- a/ntpq/ntpq-opts.h +++ b/ntpq/ntpq-opts.h @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpq-opts.h) * - * It has been AutoGen-ed June 6, 2023 at 04:38:02 AM by AutoGen 5.18.16 + * It has been AutoGen-ed January 7, 2024 at 12:35:55 AM by AutoGen 5.18.16 * From the definitions ntpq-opts.def * and the template file options * @@ -18,7 +18,7 @@ * The ntpq program is copyrighted and licensed * under the following terms: * - * Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved. + * Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved. * This is free software. It is licensed for use, modification and * redistribution under the terms of the NTP License, copies of which * can be seen at: diff --git a/ntpq/ntpq.1ntpqman b/ntpq/ntpq.1ntpqman index e4f93b336..3792c5e41 100644 --- a/ntpq/ntpq.1ntpqman +++ b/ntpq/ntpq.1ntpqman 
@@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntpq 1ntpqman "06 Jun 2023" "4.2.8p17" "User Commands" +.TH ntpq 1ntpqman "07 Jan 2024" "4.2.8p17" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:15 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:55 AM by AutoGen 5.18.16 .\" From the definitions ntpq-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -1585,7 +1585,7 @@ it to autogen-users@lists.sourceforge.net. Thank you. .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/ntpq/ntpq.1ntpqmdoc b/ntpq/ntpq.1ntpqmdoc index 9ce7db948..3b3ef34f1 100644 --- a/ntpq/ntpq.1ntpqmdoc +++ b/ntpq/ntpq.1ntpqmdoc @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTPQ 1ntpqmdoc User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpq-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:10 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:51 AM by AutoGen 5.18.16 .\" From the definitions ntpq-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME 
@@ -1051,7 +1051,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/ntpq/ntpq.html b/ntpq/ntpq.html index 1ca91e4f3..04909696a 100644 --- a/ntpq/ntpq.html +++ b/ntpq/ntpq.html @@ -1,6 +1,6 @@ - + - + ntpq: Network Time Protocol Query User’s Manual @@ -10,24 +10,20 @@ + + + + @@ -35,110 +31,83 @@ ul.no-bullet {list-style: none} -

                                                    ntpq: Network Time Protocol Query User’s Manual

                                                    - - -

                                                    Short Table of Contents

                                                    - - -
                                                    +
                                                    + -

                                                    ntpq: Network Time Protocol Query User Manual

                                                    +

                                                    ntpq: Network Time Protocol Query User Manual

                                                    -

                                                    The ntpq utility program is used to +

                                                    The ntpq utility program is used to monitor the operational status and determine the performance of -ntpd, the NTP daemon. -

                                                    -

                                                    This document applies to version 4.2.8p17 of ntpq. -

                                                    - - - - - - - - - - - +ntpd, the NTP daemon. +

                                                    +

                                                    This document applies to version 4.2.8p17 of ntpq. +

                                                    + +
                                                    +

                                                    Short Table of Contents

                                                    + +

                                                    -
                                                    +
                                                    + -

                                                    1 Description

                                                    +

                                                    1 Description

                                                    -

                                                    The ntpq utility program is used to monitor NTP daemon ntpd operations and determine performance. +

                                                    The ntpq utility program is used to monitor NTP daemon ntpd operations and determine performance. It uses the standard NTP mode 6 control message formats defined in Appendix B of the NTPv3 specification RFC1305. The same formats are used in NTPv4, although some of the variable names have changed and new ones added. The description on this page is for the NTPv4 variables.

                                                    -

                                                    The program can be run either in interactive mode or controlled using command line arguments. Requests to read and write arbitrary variables can be assembled, with raw and pretty-printed output options being available. The ntpq can also obtain and print a list of peers in a common format by sending multiple queries to the server. -

                                                    -

                                                    If one or more request options is included on the command line when ntpq is executed, each of the requests will be sent to the NTP servers running on each of the hosts given as command line arguments, or on localhost by default. If no request options are given, ntpq will attempt to read commands from the standard input and execute these on the NTP server running on the first host given on the command line, again defaulting to localhost when no other host is specified. ntpq will prompt for commands if the standard input is a terminal device. -

                                                    -

                                                    ntpq uses NTP mode 6 packets to communicate with the NTP server, and hence can be used to query any compatible server on the network which permits it. Note that since NTP is a UDP protocol this communication will be somewhat unreliable, especially over large distances in terms of network topology. ntpq makes one attempt to retransmit requests, and will time requests out if the remote host is not heard from within a suitable timeout time. -

                                                    -

                                                    Note that in contexts where a host name is expected, a -4 qualifier preceding the host name forces DNS resolution to the IPv4 namespace, while a -6 qualifier forces DNS resolution to the IPv6 namespace. -

                                                    -

                                                    For examples and usage, see the NTP Debugging Techniques page. -

                                                    - - - - - - - - - - - +

                                                    The program can be run either in interactive mode or controlled using command line arguments. Requests to read and write arbitrary variables can be assembled, with raw and pretty-printed output options being available. The ntpq can also obtain and print a list of peers in a common format by sending multiple queries to the server. +

                                                    +

                                                    If one or more request options is included on the command line when ntpq is executed, each of the requests will be sent to the NTP servers running on each of the hosts given as command line arguments, or on localhost by default. If no request options are given, ntpq will attempt to read commands from the standard input and execute these on the NTP server running on the first host given on the command line, again defaulting to localhost when no other host is specified. ntpq will prompt for commands if the standard input is a terminal device. +

                                                    +

                                                    ntpq uses NTP mode 6 packets to communicate with the NTP server, and hence can be used to query any compatible server on the network which permits it. Note that since NTP is a UDP protocol this communication will be somewhat unreliable, especially over large distances in terms of network topology. ntpq makes one attempt to retransmit requests, and will time requests out if the remote host is not heard from within a suitable timeout time. +

                                                    +

                                                    Note that in contexts where a host name is expected, a -4 qualifier preceding the host name forces DNS resolution to the IPv4 namespace, while a -6 qualifier forces DNS resolution to the IPv6 namespace. +

                                                    +

                                                    For examples and usage, see the NTP Debugging Techniques page. +

                                                    +
                                                    -
                                                    +
                                                    + -

                                                    1.1 Invoking ntpq

                                                    - - +

                                                    1.1 Invoking ntpq

                                                    + +

                                                    The -ntpq +ntpq utility program is used to query NTP servers to monitor NTP operations and performance, requesting information about current state and/or changes in that state. @@ -148,30 +117,30 @@ Requests to read and write arbitrary variables can be assembled, with raw and pretty-printed output options being available. The -ntpq +ntpq utility can also obtain and print a list of peers in a common format by sending multiple queries to the server.

                                                    If one or more request options is included on the command line when -ntpq +ntpq is executed, each of the requests will be sent to the NTP servers running on each of the hosts given as command line arguments, or on localhost by default. If no request options are given, -ntpq +ntpq will attempt to read commands from the standard input and execute these on the NTP server running on the first host given on the command line, again defaulting to localhost when no other host is specified. The -ntpq +ntpq utility will prompt for commands if the standard input is a terminal device.

                                                    -

                                                    ntpq +

                                                    ntpq uses NTP mode 6 packets to communicate with the NTP server, and hence can be used to query any compatible server on the network which permits it. @@ -179,17 +148,17 @@ Note that since NTP is a UDP protocol this communication will be somewhat unreliable, especially over large distances in terms of network topology. The -ntpq +ntpq utility makes one attempt to retransmit requests, and will time requests out if the remote host is not heard from within a suitable timeout time.

                                                    Note that in contexts where a host name is expected, a --4 +-4 qualifier preceding the host name forces resolution to the IPv4 namespace, while a --6 +-6 qualifier forces resolution to the IPv6 namespace. For examples and usage, see the “NTP Debugging Techniques” @@ -197,47 +166,35 @@ page.

                                                    Specifying a command line option other than --i +-i or --n +-n will cause the specified query (queries) to be sent to the indicated host(s) immediately. Otherwise, -ntpq +ntpq will attempt to read interactive format commands from the standard input.

                                                    - - - - - - - - - - - - - - - - -

                                                    1.1.1 Internal Commands

                                                    + +
                                                    +

                                                    1.1.1 Internal Commands

                                                    Interactive format commands consist of a keyword followed by zero to four arguments. @@ -247,96 +204,96 @@ uniquely identify the command need be typed.

                                                    A number of interactive format commands are executed entirely within the -ntpq +ntpq utility itself and do not result in NTP requests being sent to a server. These are described following. -

                                                    -
                                                    ? [command]
                                                    -
                                                    help [command]
                                                    +

                                                    +
                                                    ? [command]
                                                    +
                                                    help [command]

                                                    A ‘?’ by itself will print a list of all the commands known to -ntpq +ntpq A ‘?’ followed by a command name will print function and usage information about the command.

                                                    -
                                                    addvars name[=value][,...]
                                                    -
                                                    rmvars name[,...]
                                                    -
                                                    clearvars
                                                    -
                                                    showvars
                                                    +
                                                    addvars name[=value][,...]
                                                    +
                                                    rmvars name[,...]
                                                    +
                                                    clearvars
                                                    +
                                                    showvars

                                                    The arguments to this command consist of a list of items of the form -name[=value], +name[=value], where the .No = Ns Ar value is ignored, and can be omitted, in requests to the server to read variables. The -ntpq +ntpq utility maintains an internal list in which data to be included in messages can be assembled, and displayed or set using the -readlist +readlist and -writelist +writelist commands described below. The -addvars +addvars command allows variables and their optional values to be added to the list. If more than one variable is to be added, the list should be comma-separated and not contain white space. The -rmvars +rmvars command can be used to remove individual variables from the list, while the -clearvars +clearvars command removes all variables from the list. The -showvars +showvars command displays the current list of optional variables.

                                                    -
                                                    authenticate [yes|no]
                                                    +
                                                    authenticate [yes|no]

                                                    Normally -ntpq +ntpq does not authenticate requests unless they are write requests. The command -authenticate yes +authenticate yes causes -ntpq +ntpq to send authentication with all requests it makes. Authenticated requests causes some servers to handle requests slightly differently. The command -authenticate +authenticate causes -ntpq +ntpq to display whether or not it is currently authenticating requests.

                                                    -
                                                    cooked
                                                    +
                                                    cooked

                                                    Causes output from query commands to be "cooked", so that variables which are recognized by -ntpq +ntpq will have their values reformatted for human consumption. Variables which -ntpq +ntpq could not decode completely are marked with a trailing ‘?’.

                                                    -
                                                    debug [more|less|off]
                                                    +
                                                    debug [more|less|off]

                                                    With no argument, displays the current debug level. Otherwise, the debugging level is changed as indicated.

                                                    -
                                                    delay [milliseconds]
                                                    +
                                                    delay [milliseconds]

                                                    Specify a time interval to be added to timestamps included in requests which require authentication. This is used to enable @@ -347,66 +304,66 @@ server does not now require timestamps in authenticated requests, so this command may be obsolete. Without any arguments, displays the current delay.

                                                    -
                                                    drefid [hash|ipv4]
                                                    +
                                                    drefid [hash|ipv4]

                                                    Display refids as IPv4 or hash. Without any arguments, displays whether refids are shown as IPv4 addresses or hashes.

                                                    -
                                                    exit
                                                    +
                                                    exit

                                                    Exit -ntpq +ntpq

                                                    -
                                                    host [name]
                                                    +
                                                    host [name]

                                                    Set the host to which future queries will be sent. The -name +name may be either a host name or a numeric address. Without any arguments, displays the current host.

                                                    -
                                                    hostnames [yes|no]
                                                    +
                                                    hostnames [yes|no]

                                                    If -yes +yes is specified, host names are printed in information displays. If -no +no is specified, numeric addresses are printed instead. The default is -yes, +yes, unless modified using the command line --n +-n switch. Without any arguments, displays whether host names or numeric addresses are shown.

                                                    -
                                                    keyid [keyid]
                                                    +
                                                    keyid [keyid]

                                                    This command allows the specification of a key number to be used to authenticate configuration requests. This must correspond to the -controlkey +controlkey key number the server has been configured to use for this purpose. Without any arguments, displays the current -keyid. +keyid.

                                                    -
                                                    keytype [digest]
                                                    +
                                                    keytype [digest]

                                                    Specify the digest algorithm to use for authenticating requests, with default -MD5. +MD5. If -ntpq +ntpq was built with OpenSSL support, and OpenSSL is installed, -digest +digest can be any message digest algorithm supported by OpenSSL. If no argument is given, the current -keytype digest +keytype digest algorithm used is displayed.

                                                    -
                                                    ntpversion [1|2|3|4]
                                                    +
                                                    ntpversion [1|2|3|4]

                                                    Sets the NTP version number which -ntpq +ntpq claims in packets. Defaults to 3, and note that mode 6 control messages (and @@ -416,7 +373,7 @@ to be no servers left which demand version 1. With no argument, displays the current NTP version that will be used when communicating with servers.

                                                    -
                                                    passwd
                                                    +
                                                    passwd

                                                    This command prompts you to type in a password (which will not be echoed) which will be used to authenticate configuration requests. @@ -424,41 +381,49 @@ The password must correspond to the key configured for use by the NTP server for this purpose if such requests are to be successful.

                                                    -
                                                    poll [n] [verbose]
                                                    +
                                                    poll [n] [verbose]

                                                    Poll an NTP server in client mode -n +n times. Poll not implemented yet.

                                                    -
                                                    quit
                                                    +
                                                    quit

                                                    Exit -ntpq +ntpq

                                                    -
                                                    raw
                                                    +
                                                    raw

                                                    Causes all output from query commands is printed as received from the remote server. The only formating/interpretation done on the data is to transform nonascii data into a printable (but barely understandable) form.

                                                    -
                                                    timeout [milliseconds]
                                                    +
                                                    timeout [milliseconds]

                                                    Specify a timeout period for responses to server queries. The default is about 5000 milliseconds. Without any arguments, displays the current timeout period. Note that since -ntpq +ntpq retries each query once after a timeout, the total waiting time for a timeout will be twice the timeout value set.

                                                    -
                                                    version
                                                    +
                                                    version

                                                    Display the version of the -ntpq +ntpq program.

                                                    -

                                                    1.1.1.1 Control Message Commands

                                                    + +
                                                    +

                                                    1.1.1.1 Control Message Commands

                                                    Association ids are used to identify system, peer and clock variables. System variables are assigned an association id of zero and system name space, while each association is assigned a nonzero association id and @@ -466,86 +431,86 @@ peer namespace. Most control commands send a single message to the server and expect a single response message. The exceptions are the -peers +peers command, which sends a series of messages, and the -mreadlist +mreadlist and -mreadvar +mreadvar commands, which iterate over a range of associations. -

                                                    -
                                                    apeers
                                                    +

                                                    +
                                                    apeers

                                                    Display a list of peers in the form:

                                                    -
                                                    [tally]remote refid assid st t when pool reach delay offset jitter
                                                    +
                                                    [tally]remote refid assid st t when pool reach delay offset jitter
                                                     

                                                    where the output is just like the -peers +peers command except that the -refid +refid is displayed in hex format and the association number is also displayed.

                                                    -
                                                    associations
                                                    +
                                                    associations

                                                    Display a list of mobilized associations in the form:

                                                    -
                                                    ind assid status conf reach auth condition last_event cnt
                                                    +
                                                    ind assid status conf reach auth condition last_event cnt
                                                     
                                                    -
                                                    +
                                                    Sy Variable Ta Sy Description
                                                    -
                                                    ind Ta index on this list
                                                    -
                                                    assid Ta association id
                                                    -
                                                    status Ta peer status word
                                                    -
                                                    conf Ta yes: No persistent, no: No ephemeral
                                                    -
                                                    reach Ta yes: No reachable, no: No unreachable
                                                    -
                                                    auth Ta ok, yes, bad No and none
                                                    -
                                                    condition Ta selection status (see the select No field of the peer status word)
                                                    -
                                                    last_event Ta event report (see the event No field of the peer status word)
                                                    -
                                                    cnt Ta event count (see the count No field of the peer status word)
                                                    +
                                                    ind Ta index on this list
                                                    +
                                                    assid Ta association id
                                                    +
                                                    status Ta peer status word
                                                    +
                                                    conf Ta yes: No persistent, no: No ephemeral
                                                    +
                                                    reach Ta yes: No reachable, no: No unreachable
                                                    +
                                                    auth Ta ok, yes, bad No and none
                                                    +
                                                    condition Ta selection status (see the select No field of the peer status word)
                                                    +
                                                    last_event Ta event report (see the event No field of the peer status word)
                                                    +
                                                    cnt Ta event count (see the count No field of the peer status word)
                                                    -
                                                    authinfo
                                                    +
                                                    authinfo

                                                    Display the authentication statistics counters: time since reset, stored keys, free keys, key lookups, keys not found, uncached keys, expired keys, encryptions, decryptions.

                                                    -
                                                    clocklist [associd]
                                                    -
                                                    cl [associd]
                                                    +
                                                    clocklist [associd]
                                                    +
                                                    cl [associd]

                                                    Display all clock variables in the variable list for those associations supporting a reference clock.

                                                    -
                                                    clockvar [associd] [name[=value]][,...]
                                                    -
                                                    cv [associd] [name[=value]][,...]
                                                    +
                                                    clockvar [associd] [name[=value]][,...]
                                                    +
                                                    cv [associd] [name[=value]][,...]

                                                    Display a list of clock variables for those associations supporting a reference clock.

                                                    -
                                                    :config configuration command line
                                                    +
                                                    :config configuration command line

                                                    Send the remainder of the command line, including whitespace, to the server as a run-time configuration command in the same format as a line in the configuration file. This command is experimental until further notice and clarification. Authentication is of course required.

                                                    -
                                                    config-from-file filename
                                                    +
                                                    config-from-file filename

                                                    Send each line of -filename +filename to the server as run-time configuration commands in the same format as lines in the configuration file. This command is experimental until further notice and clarification. Authentication is required.

                                                    -
                                                    ifstats
                                                    +
                                                    ifstats

                                                    Display status and statistics counters for each local network interface address: interface number, interface name and address or broadcast, drop, flag, ttl, mc, received, sent, send failed, peers, uptime. Authentication is required.

                                                    -
                                                    iostats
                                                    +
                                                    iostats

                                                    Display network and reference clock I/O statistics: time since reset, receive buffers, free receive buffers, used receive buffers, low water refills, dropped packets, ignored packets, received packets, packets sent, packet send failures, input wakeups, useful input wakeups.

                                                    -
                                                    kerninfo
                                                    +
                                                    kerninfo

                                                    Display kernel loop and PPS statistics: associd, status, pll offset, pll frequency, maximum error, estimated error, kernel status, pll time constant, precision, @@ -557,304 +522,304 @@ may be shown as exponentials. The precision value displayed is in milliseconds as well, unlike the precision system variable.

                                                    -
                                                    lassociations
                                                    +
                                                    lassociations

                                                    Perform the same function as the associations command, except display mobilized and unmobilized associations, including all clients.

                                                    -
                                                    lopeers [-4|-6]
                                                    +
                                                    lopeers [-4|-6]

                                                    Display a list of all peers and clients showing -dstadr +dstadr (associated with the given IP version).

                                                    -
                                                    lpassociations
                                                    +
                                                    lpassociations

                                                    Display the last obtained list of associations, including all clients.

                                                    -
                                                    lpeers [-4|-6]
                                                    +
                                                    lpeers [-4|-6]

                                                    Display a list of all peers and clients (associated with the given IP version).

                                                    -
                                                    monstats
                                                    +
                                                    monstats

                                                    Display monitor facility status, statistics, and limits: enabled, addresses, peak addresses, maximum addresses, reclaim above count, reclaim older than, kilobytes, maximum kilobytes.

                                                    -
                                                    mreadlist associdlo associdhi
                                                    -
                                                    mrl associdlo associdhi
                                                    +
                                                    mreadlist associdlo associdhi
                                                    +
                                                    mrl associdlo associdhi

                                                    Perform the same function as the -readlist +readlist command for a range of association ids.

                                                    -
                                                    mreadvar associdlo associdhi [name][,...]
                                                    +
                                                    mreadvar associdlo associdhi [name][,...]

                                                    This range may be determined from the list displayed by any command showing associations.

                                                    -
                                                    mrv associdlo associdhi [name][,...]
                                                    +
                                                    mrv associdlo associdhi [name][,...]

                                                    Perform the same function as the -readvar +readvar command for a range of association ids. This range may be determined from the list displayed by any command showing associations.

                                                    -
                                                    mrulist [limited | kod | mincount=count | laddr=localaddr | sort=[-]sortorder | resany=hexmask | resall=hexmask]
                                                    +
                                                    mrulist [limited | kod | mincount=count | laddr=localaddr | sort=[-]sortorder | resany=hexmask | resall=hexmask]

                                                    Display traffic counts of the most recently seen source addresses collected and maintained by the monitor facility. With the exception of -sort=[-]sortorder, +sort=[-]sortorder, the options filter the list returned by -ntpd(8). +ntpd(8). The -limited +limited and -kod +kod options return only entries representing client addresses from which the last packet received triggered either discarding or a KoD response. The -mincount=count +mincount=count option filters entries representing less than -count +count packets. The -laddr=localaddr +laddr=localaddr option filters entries for packets received on any local address other than -localaddr. -resany=hexmask +localaddr. +resany=hexmask and -resall=hexmask +resall=hexmask filter entries containing none or less than all, respectively, of the bits in -hexmask, +hexmask, which must begin with -0x. +0x. The -sortorder +sortorder defaults to -lstint +lstint and may be -addr, -avgint, -count, -lstint, +addr, +avgint, +count, +lstint, or any of those preceded by ‘-’ to reverse the sort order. The output columns are: -

                                                    +

                                                    Column

                                                    Description

                                                    -
                                                    lstint
                                                    +
                                                    lstint

                                                    Interval in seconds between the receipt of the most recent packet from this address and the completion of the retrieval of the MRU list by -ntpq +ntpq

                                                    -
                                                    avgint
                                                    +
                                                    avgint

                                                    Average interval in s between packets from this address.

                                                    -
                                                    rstr
                                                    +
                                                    rstr

                                                    Restriction flags associated with this address. Most are copied unchanged from the matching -restrict +restrict command, however 0x400 (kod) and 0x20 (limited) flags are cleared unless the last packet from this address triggered a rate control response.

                                                    -
                                                    r
                                                    +
                                                    r

                                                    Rate control indicator, either a period, -L +L or -K +K for no rate control response, rate limiting by discarding, or rate limiting with a KoD response, respectively.

                                                    -
                                                    m
                                                    +
                                                    m

                                                    Packet mode.

                                                    -
                                                    v
                                                    +
                                                    v

                                                    Packet version number.

                                                    -
                                                    count
                                                    +
                                                    count

                                                    Packets received from this address.

                                                    -
                                                    rport
                                                    +
                                                    rport

                                                    Source port of last packet from this address.

                                                    -
                                                    remote address
                                                    +
                                                    remote address

                                                    host or DNS name, numeric address, or address followed by claimed DNS name which could not be verified in parentheses.

                                                    -
                                                    opeers [-4 | -6]
                                                    +
                                                    opeers [-4 | -6]

                                                    Obtain and print the old-style list of all peers and clients showing -dstadr +dstadr (associated with the given IP version), rather than the -refid. +refid.

                                                    -
                                                    passociations
                                                    +
                                                    passociations

                                                    Perform the same function as the -associations +associations command, except that it uses previously stored data rather than making a new query.

                                                    -
                                                    peers
                                                    +
                                                    peers

                                                    Display a list of peers in the form:

                                                    -
                                                    [tally]remote refid st t when pool reach delay offset jitter
                                                    +
                                                    [tally]remote refid st t when pool reach delay offset jitter
                                                     
                                                    -
                                                    +
                                                    Variable

                                                    Description

                                                    -
                                                    [tally]
                                                    +
                                                    [tally]

                                                    single-character code indicating current value of the -select +select field of the .Lk decode.html#peer "peer status word"

                                                    -
                                                    remote
                                                    +
                                                    remote

                                                    host name (or IP number) of peer. The value displayed will be truncated to 15 characters unless the -ntpq --w +ntpq +-w option is given, in which case the full value will be displayed on the first line, and if too long, the remaining data will be displayed on the next line.

                                                    -
                                                    refid
                                                    +
                                                    refid

                                                    source IP address or .Lk decode.html#kiss "’kiss code"

                                                    -
                                                    st
                                                    +
                                                    st

                                                    stratum: 0 for local reference clocks, 1 for servers with local reference clocks, ..., 16 for unsynchronized server clocks

                                                    -
                                                    t
                                                    -

                                                    u: +

                                                    t
                                                    +

                                                    u: unicast or manycast client, -b: +b: broadcast or multicast client, -p: +p: pool source, -l: +l: local (reference clock), -s: +s: symmetric (peer), -A: +A: manycast server, -B: +B: broadcast server, -M: +M: multicast server

                                                    -
                                                    when
                                                    +
                                                    when

                                                    time in seconds, minutes, hours, or days since the last packet was received, or ‘-’ if a packet has never been received

                                                    -
                                                    poll
                                                    +
                                                    poll

                                                    poll interval (s)

                                                    -
                                                    reach
                                                    +
                                                    reach

                                                    reach shift register (octal)

                                                    -
                                                    delay
                                                    +
                                                    delay

                                                    roundtrip delay

                                                    -
                                                    offset
                                                    +
                                                    offset

                                                    offset of server relative to this host

                                                    -
                                                    jitter
                                                    +
                                                    jitter

                                                    offset RMS error estimate.

                                                    -
                                                    pstats associd
                                                    +
                                                    pstats associd

                                                    Display the statistics for the peer with the given -associd: +associd: associd, status, remote host, local address, time last received, time until next send, reachability change, packets sent, packets received, bad authentication, bogus origin, duplicate, bad dispersion, bad reference time, candidate order.

                                                    -
                                                    readlist [associd]
                                                    -
                                                    rl [associd]
                                                    +
                                                    readlist [associd]
                                                    +
                                                    rl [associd]

                                                    Display all system or peer variables. If the -associd +associd is omitted, it is assumed to be zero.

                                                    -
                                                    readvar [associd name[=value] [, ...]]
                                                    -
                                                    rv [associd name[=value] [, ...]]
                                                    +
                                                    readvar [associd name[=value] [, ...]]
                                                    +
                                                    rv [associd name[=value] [, ...]]

                                                    Display the specified system or peer variables. If -associd +associd is zero, the variables are from the -System Variables +System Variables name space, otherwise they are from the -Peer Variables +Peer Variables name space. The -associd +associd is required, as the same name can occur in both spaces. If no -name +name is included, all operative variables in the name space are displayed. In this case only, if the -associd +associd is omitted, it is assumed to be zero. Multiple names are specified with comma separators and without whitespace. Note that time values are represented in milliseconds and frequency values in parts-per-million (PPM). Some NTP timestamps are represented in the format -YYYYMM DD TTTT, +YYYYMM DD TTTT, where -YYYY +YYYY is the year, -MM +MM the month of year, -DD +DD the day of month and -TTTT +TTTT the time of day.

                                                    -
                                                    reslist
                                                    +
                                                    reslist

                                                    Display the access control (restrict) list for -ntpq +ntpq Authentication is required.

                                                    -
                                                    saveconfig filename
                                                    +
                                                    saveconfig filename

                                                    Save the current configuration, including any runtime modifications made by -:config +:config or -config-from-file, +config-from-file, to the NTP server host file -filename. +filename. This command will be rejected by the server unless .Lk miscopt.html#saveconfigdir "saveconfigdir" appears in the -ntpd(8) +ntpd(8) configuration file. -filename +filename can use -date(1) +date(1) format specifiers to substitute the current date and time, for example,

                                                    -
                                                    saveconfig ntp-%Y%m%d-%H%M%S.conf. 
                                                    +
                                                    saveconfig ntp-%Y%m%d-%H%M%S.conf. 
                                                     

                                                    The filename used is stored in system variable -savedconfig. +savedconfig. Authentication is required.

                                                    -
                                                    sysinfo
                                                    +
                                                    sysinfo

                                                    Display system operational summary: associd, status, system peer, system peer mode, leap indicator, stratum, log2 precision, root delay, root dispersion, reference id, reference time, system jitter, clock jitter, clock wander, broadcast delay, symm. auth. delay.

                                                    -
                                                    sysstats
                                                    +
                                                    sysstats

                                                    Display system uptime and packet counts maintained in the protocol module: uptime, sysstats reset, packets received, current version, @@ -862,38 +827,40 @@ older version, bad length or format, authentication failed, declined, restricted, rate limited, KoD responses, processed for time.
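Review bot: The peers billboard header in the hunk that ends here still reads `[tally]remote refid st t when pool reach delay offset jitter` on the added line, but the column documented below it is `poll` ("poll interval (s)"). `pool` looks like a typo carried over from the removed line; change it to `poll` in the source this page is built from. In the same hunk the `reslist` entry runs "list for ntpq Authentication is required." together with no period after `ntpq`, which is worth fixing at the same time.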

                                                    -
                                                    timerstats
                                                    +
                                                    timerstats

                                                    Display interval timer counters: time since reset, timer overruns, calls to transmit.

                                                    -
                                                    writelist associd
                                                    +
                                                    writelist associd

                                                    Set all system or peer variables included in the variable list.

                                                    -
                                                    writevar associd name=value [, ...]
                                                    +
                                                    writevar associd name=value [, ...]

                                                    Set the specified variables in the variable list. If the -associd +associd is zero, the variables are from the -System Variables +System Variables name space, otherwise they are from the -Peer Variables +Peer Variables name space. The -associd +associd is required, as the same name can occur in both spaces. Authentication is required.

                                                    -

                                                    1.1.1.2 Status Words and Kiss Codes

                                                    +
                                                    +
                                                    +

                                                    1.1.1.2 Status Words and Kiss Codes

                                                    The current state of the operating program is shown in a set of status words maintained by the system. Status information is also available on a per-association basis. These words are displayed by the -readlist +readlist and -associations +associations commands both in hexadecimal and in decoded short tip strings. The codes, tips and short explanations are documented on the .Lk decode.html "Event Messages and Status Words" @@ -909,84 +876,86 @@ sent by the server to advise the client of an unusual condition. They are now displayed, when appropriate, in the reference identifier field in various billboards.
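Review bot: The `writelist associd` entry in the hunk that ends here says only "Set all system or peer variables included in the variable list." and states no authentication requirement, while the `writevar` entry directly after it ends with "Authentication is required." If the server applies the same requirement to `writelist`, add that sentence so an operator reading the page does not assume one of the two write commands is unauthenticated; if it does not, say so explicitly.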

                                                    -

                                                    1.1.1.3 System Variables

                                                    +
                                                    +
                                                    +

                                                    1.1.1.3 System Variables

                                                    The following system variables appear in the -readlist +readlist billboard. Not all variables are displayed in some configurations.

                                                    -
                                                    +
                                                    Variable

                                                    Description

                                                    -
                                                    status
                                                    +
                                                    status

                                                    .Lk decode.html#sys "system status word"

                                                    -
                                                    version
                                                    +
                                                    version

                                                    NTP software version and build time

                                                    -
                                                    processor
                                                    +
                                                    processor

                                                    hardware platform and version

                                                    -
                                                    system
                                                    +
                                                    system

                                                    operating system and version

                                                    -
                                                    leap
                                                    +
                                                    leap

                                                    leap warning indicator (0-3)

                                                    -
                                                    stratum
                                                    +
                                                    stratum

                                                    stratum (1-15)

                                                    -
                                                    precision
                                                    +
                                                    precision

                                                    precision (log2 s)

                                                    -
                                                    rootdelay
                                                    +
                                                    rootdelay

                                                    total roundtrip delay to the primary reference clock

                                                    -
                                                    rootdisp
                                                    +
                                                    rootdisp

                                                    total dispersion to the primary reference clock

                                                    -
                                                    refid
                                                    +
                                                    refid

                                                    reference id or .Lk decode.html#kiss "kiss code"

                                                    -
                                                    reftime
                                                    +
                                                    reftime

                                                    reference time

                                                    -
                                                    clock
                                                    +
                                                    clock

                                                    date and time of day

                                                    -
                                                    peer
                                                    +
                                                    peer

                                                    system peer association id

                                                    -
                                                    tc
                                                    +
                                                    tc

                                                    time constant and poll exponent (log2 s) (3-17)

                                                    -
                                                    mintc
                                                    +
                                                    mintc

                                                    minimum time constant (log2 s) (3-10)

                                                    -
                                                    offset
                                                    +
                                                    offset

                                                    combined offset of server relative to this host

                                                    -
                                                    frequency
                                                    +
                                                    frequency

                                                    frequency drift (PPM) relative to hardware clock

                                                    -
                                                    sys_jitter
                                                    +
                                                    sys_jitter

                                                    combined system jitter

                                                    -
                                                    clk_wander
                                                    +
                                                    clk_wander

                                                    clock frequency wander (PPM)

                                                    -
                                                    clk_jitter
                                                    +
                                                    clk_jitter

                                                    clock jitter

                                                    -
                                                    tai
                                                    +
                                                    tai

                                                    TAI-UTC offset (s)

                                                    -
                                                    leapsec
                                                    +
                                                    leapsec

                                                    NTP seconds when the next leap second is/was inserted

                                                    -
                                                    expire
                                                    +
                                                    expire

                                                    NTP seconds when the NIST leapseconds file expires
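Review bot: The unchanged description lines for `status` and `refid` in this hunk contain the raw macro text `.Lk decode.html#sys "system status word"` and `.Lk decode.html#kiss "kiss code"` instead of links, so the page shows the macro literally to the reader. Every entry around them is rewritten here, so this is a good place to fix the source so that these references become hyperlinks to decode.html.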

                                                    @@ -998,283 +967,262 @@ the clock jitter statistic is computed by the clock discipline module. additional system variables are displayed, including some or all of the following, depending on the particular Autokey dance: -

                                                    +

                                                    Variable

                                                    Description

                                                    -
                                                    host
                                                    +
                                                    host

                                                    Autokey host name for this host

                                                    -
                                                    ident
                                                    +
                                                    ident

                                                    Autokey group name for this host

                                                    -
                                                    flags
                                                    +
                                                    flags

                                                    host flags (see Autokey specification)

                                                    -
                                                    digest
                                                    +
                                                    digest

                                                    OpenSSL message digest algorithm

                                                    -
                                                    signature
                                                    +
                                                    signature

                                                    OpenSSL digest/signature scheme

                                                    -
                                                    update
                                                    +
                                                    update

                                                    NTP seconds at last signature update

                                                    -
                                                    cert
                                                    +
                                                    cert

                                                    certificate subject, issuer and certificate flags

                                                    -
                                                    until
                                                    +
                                                    until

                                                    NTP seconds when the certificate expires

                                                    -

                                                    1.1.1.4 Peer Variables

                                                    +
                                                    +
                                                    +

                                                    1.1.1.4 Peer Variables

                                                    The following peer variables appear in the -readlist +readlist billboard for each association. Not all variables are displayed in some configurations.

                                                    -
                                                    +
                                                    Variable

                                                    Description

                                                    -
                                                    associd
                                                    +
                                                    associd

                                                    association id

                                                    -
                                                    status
                                                    +
                                                    status

                                                    .Lk decode.html#peer "peer status word"

                                                    -
                                                    srcadr
                                                    +
                                                    srcadr

                                                    source (remote) IP address

                                                    -
                                                    srcport
                                                    +
                                                    srcport

                                                    source (remote) port

                                                    -
                                                    dstadr
                                                    +
                                                    dstadr

                                                    destination (local) IP address

                                                    -
                                                    dstport
                                                    +
                                                    dstport

                                                    destination (local) port

                                                    -
                                                    leap
                                                    +
                                                    leap

                                                    leap indicator (0-3)

                                                    -
                                                    stratum
                                                    +
                                                    stratum

                                                    stratum (0-15)

                                                    -
                                                    precision
                                                    +
                                                    precision

                                                    precision (log2 s)

                                                    -
                                                    rootdelay
                                                    +
                                                    rootdelay

                                                    total roundtrip delay to the primary reference clock

                                                    -
                                                    rootdisp
                                                    +
                                                    rootdisp

                                                    total root dispersion to the primary reference clock

                                                    -
                                                    refid
                                                    +
                                                    refid

                                                    reference id or .Lk decode.html#kiss "kiss code"

                                                    -
                                                    reftime
                                                    +
                                                    reftime

                                                    reference time

                                                    -
                                                    rec
                                                    +
                                                    rec

                                                    last packet received time

                                                    -
                                                    reach
                                                    +
                                                    reach

                                                    reach register (octal)

                                                    -
                                                    unreach
                                                    +
                                                    unreach

                                                    unreach counter

                                                    -
                                                    hmode
                                                    +
                                                    hmode

                                                    host mode (1-6)

                                                    -
                                                    pmode
                                                    +
                                                    pmode

                                                    peer mode (1-5)

                                                    -
                                                    hpoll
                                                    +
                                                    hpoll

                                                    host poll exponent (log2 s) (3-17)

                                                    -
                                                    ppoll
                                                    +
                                                    ppoll

                                                    peer poll exponent (log2 s) (3-17)

                                                    -
                                                    headway
                                                    +
                                                    headway

                                                    headway (see .Lk rate.html "Rate Management and the Kiss-o’-Death Packet" )

                                                    -
                                                    flash
                                                    +
                                                    flash

                                                    .Lk decode.html#flash "flash status word"

                                                    -
                                                    keyid
                                                    +
                                                    keyid

                                                    symmetric key id

                                                    -
                                                    offset
                                                    +
                                                    offset

                                                    filter offset

                                                    -
                                                    delay
                                                    +
                                                    delay

                                                    filter delay

                                                    -
                                                    dispersion
                                                    +
                                                    dispersion

                                                    filter dispersion

                                                    -
                                                    jitter
                                                    +
                                                    jitter

                                                    filter jitter

                                                    -
                                                    bias
                                                    +
                                                    bias

                                                    unicast/broadcast bias

                                                    -
                                                    xleave
                                                    +
                                                    xleave

                                                    interleave delay (see .Lk xleave.html "NTP Interleaved Modes" )

                                                    The -bias +bias variable is calculated when the first broadcast packet is received after the calibration volley. It represents the offset of the broadcast subgraph relative to the unicast subgraph. The -xleave +xleave variable appears only for the interleaved symmetric and interleaved modes. It represents the internal queuing, buffering and transmission delays for the preceding packet.

                                                    When the NTPv4 daemon is compiled with the OpenSSL software library, additional peer variables are displayed, including the following: -

                                                    +

                                                    Variable

                                                    Description

                                                    -
                                                    flags
                                                    +
                                                    flags

                                                    peer flags (see Autokey specification)

                                                    -
                                                    host
                                                    +
                                                    host

                                                    Autokey server name

                                                    -
                                                    flags
                                                    +
                                                    flags

                                                    peer flags (see Autokey specification)

                                                    -
                                                    signature
                                                    +
                                                    signature

                                                    OpenSSL digest/signature scheme

                                                    -
                                                    initsequence
                                                    +
                                                    initsequence

                                                    initial key id

                                                    -
                                                    initkey
                                                    +
                                                    initkey

                                                    initial key index

                                                    -
                                                    timestamp
                                                    +
                                                    timestamp

                                                    Autokey signature timestamp

                                                    -
                                                    ident
                                                    +
                                                    ident

                                                    Autokey group name for this association

                                                    -

                                                    1.1.1.5 Clock Variables

                                                    +
                                                    +
                                                    +

                                                    1.1.1.5 Clock Variables

                                                    The following clock variables appear in the -clocklist +clocklist billboard for each association with a reference clock. Not all variables are displayed in some configurations. -

                                                    +

                                                    Variable

                                                    Description

                                                    -
                                                    associd
                                                    +
                                                    associd

                                                    association id

                                                    -
                                                    status
                                                    +
                                                    status

                                                    .Lk decode.html#clock "clock status word"

                                                    -
                                                    device
                                                    +
                                                    device

                                                    device description

                                                    -
                                                    timecode
                                                    +
                                                    timecode

                                                    ASCII time code string (specific to device)

                                                    -
                                                    poll
                                                    +
                                                    poll

                                                    poll messages sent

                                                    -
                                                    noreply
                                                    +
                                                    noreply

                                                    no reply

                                                    -
                                                    badformat
                                                    +
                                                    badformat

                                                    bad format

                                                    -
                                                    baddata
                                                    +
                                                    baddata

                                                    bad date or time

                                                    -
                                                    fudgetime1
                                                    +
                                                    fudgetime1

                                                    fudge time 1

                                                    -
                                                    fudgetime2
                                                    +
                                                    fudgetime2

                                                    fudge time 2

                                                    -
                                                    stratum
                                                    +
                                                    stratum

                                                    driver stratum

                                                    -
                                                    refid
                                                    +
                                                    refid

                                                    driver reference id

                                                    -
                                                    flags
                                                    +
                                                    flags

                                                    driver flags

                                                    -

                                                    This section was generated by AutoGen, -using the agtexi-cmd template and the option descriptions for the ntpq program. +

                                                    This section was generated by AutoGen, +using the agtexi-cmd template and the option descriptions for the ntpq program. This software is released under the NTP license, <http://ntp.org/license>.

                                                    - - - - - - - - - - - - - - -
                                                    -
                                                    +
                                                    +
                                                    +
                                                    + -

                                                    1.1.2 ntpq help/usage (--help)

                                                    - +

                                                    1.1.2 ntpq help/usage (--help)

                                                    +

                                                    This is the automatically generated usage text for ntpq.

                                                    -

                                                    The text printed is the same whether selected with the help option -(--help) or the more-help option (--more-help). more-help will print +

                                                    The text printed is the same whether selected with the help option +(--help) or the more-help option (--more-help). more-help will print the usage text by passing it through a pager program. -more-help is disabled on platforms without a working -fork(2) function. The PAGER environment variable is -used to select the program, defaulting to more. Both will exit +more-help is disabled on platforms without a working +fork(2) function. The PAGER environment variable is +used to select the program, defaulting to more. Both will exit with a status code of 0.

                                                    -
                                                    ntpq - standard NTP query program - Ver. 4.2.8p17
                                                    +
                                                    ntpq - standard NTP query program - Ver. 4.2.8p17
                                                     Usage:  ntpq [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]
                                                       Flg Arg Option-Name    Description
                                                        -4 no  ipv4           Force IPv4 name resolution
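Review bot: The regenerated peer and clock variable tables in this hunk still carry raw mdoc link macros as literal text, for example `.Lk decode.html#kiss "kiss code"` in the refid row and the same pattern in the headway, flash, xleave and clock status rows. These should be turned into real hyperlinks in the source the HTML is generated from. In the same hunk the OpenSSL peer-variable table lists the `flags` row twice with the identical description "peer flags (see Autokey specification)", on both the removed and the added side, so one of the two rows should be dropped or corrected to the variable it was meant to document.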
                                                    @@ -1322,144 +1270,160 @@ Please send bug reports to:  <https://bugs.ntp.org, bugs@ntp.org>
                                                     

                                                    -
                                                    +
                                                    +
                                                    + -

                                                    1.1.3 ipv4 option (-4)

                                                    - +

                                                    1.1.3 ipv4 option (-4)

                                                    +

                                                    This is the “force ipv4 name resolution” option.

                                                    This option has some usage constraints. It: -

                                                      -
                                                    • must not appear in combination with any of the following options: +

                                                        +
                                                      • must not appear in combination with any of the following options: ipv6.

                                                      Force resolution of following host names on the command line to the IPv4 namespace.


                                                      -
                                                      +
                                                      +
                                                      + -

                                                      1.1.4 ipv6 option (-6)

                                                      - +

                                                      1.1.4 ipv6 option (-6)

                                                      +

                                                      This is the “force ipv6 name resolution” option.

                                                      This option has some usage constraints. It: -

                                                        -
                                                      • must not appear in combination with any of the following options: +

                                                          +
                                                        • must not appear in combination with any of the following options: ipv4.

                                                        Force resolution of following host names on the command line to the IPv6 namespace.


                                                        -
                                                        +
                                                        +
                                                        + -

                                                        1.1.5 command option (-c)

                                                        - +

                                                        1.1.5 command option (-c)

                                                        +

                                                        This is the “run a command and exit” option. -This option takes a string argument cmd. +This option takes a string argument cmd.

                                                        This option has some usage constraints. It: -

                                                          -
                                                        • may appear an unlimited number of times. +

                                                            +
                                                          • may appear an unlimited number of times.

                                                          The following argument is interpreted as an interactive format command and is added to the list of commands to be executed on the specified host(s).


                                                          -
                                                          +
                                                          +
                                                          + -

                                                          1.1.6 interactive option (-i)

                                                          - +

                                                          1.1.6 interactive option (-i)

                                                          +

                                                          This is the “force ntpq to operate in interactive mode” option.

                                                          This option has some usage constraints. It: -

                                                            -
                                                          • must not appear in combination with any of the following options: +

                                                              +
                                                            • must not appear in combination with any of the following options: command, peers.
                                                            -

                                                            Force ntpq to operate in interactive mode. +

                                                            Force ntpq to operate in interactive mode. Prompts will be written to the standard output and commands read from the standard input.


                                                            -
                                                            +
                                                            +
                                                            + -

                                                            1.1.7 numeric option (-n)

                                                            - +

                                                            1.1.7 numeric option (-n)

                                                            +

                                                            This is the “numeric host addresses” option. Output all host addresses in dotted-quad numeric format rather than converting to the canonical host names.


                                                            -
                                                            +
                                                            +
                                                            + -

                                                            1.1.8 old-rv option

                                                            - +

                                                            1.1.8 old-rv option

                                                            +

                                                            This is the “always output status line with readvar” option. -By default, ntpq now suppresses the associd=... -line that precedes the output of readvar -(alias rv) when a single variable is requested, such as -ntpq -c "rv 0 offset". -This option causes ntpq to include both lines of output -for a single-variable readvar. +By default, ntpq now suppresses the associd=... +line that precedes the output of readvar +(alias rv) when a single variable is requested, such as +ntpq -c "rv 0 offset". +This option causes ntpq to include both lines of output +for a single-variable readvar. Using an environment variable to preset this option in a script will enable both older and -newer ntpq to behave identically in this regard. +newer ntpq to behave identically in this regard.


                                                            -
                                                            +
                                                            +
                                                            + -

                                                            1.1.9 peers option (-p)

                                                            - +

                                                            1.1.9 peers option (-p)

                                                            +

                                                            This is the “print a list of the peers” option.

                                                            This option has some usage constraints. It: -

                                                              -
                                                            • must not appear in combination with any of the following options: +

                                                                +
                                                              • must not appear in combination with any of the following options: interactive.

                                                              Print a list of the peers known to the server as well as a summary of their state. This is equivalent to the ’peers’ interactive command.


                                                              -
                                                              +
                                                              +
                                                              + -

                                                              1.1.10 refid option (-r)

                                                              - +

                                                              1.1.10 refid option (-r)

                                                              +

                                                              This is the “set default display type for s2+ refids” option. This option takes a keyword argument.

                                                              This option has some usage constraints. It: -

                                                                -
                                                              • This option takes a keyword as its argument. +

                                                                  +
                                                                • This option takes a keyword as its argument. The argument sets an enumeration value that can be tested by comparing the option value macro (OPT_VALUE_REFID). The available keywords are:
                                                                  -
                                                                      hash ipv4
                                                                  +
                                                                      hash ipv4
                                                                   

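Review bot: The numeric option (-n) description in this hunk says host addresses are output in "dotted-quad numeric format", which describes only IPv4 although the same hunk documents an ipv6 option (-6). Suggest plain "numeric format" so the text also covers IPv6 addresses. The refid option's constraint list reads "It: ... This option takes a keyword as its argument", a sentence that does not follow from "It:" and looks like a template artifact worth fixing in the option definition while the file is being regenerated.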
                                                                  or their numeric equivalent. @@ -1467,23 +1431,27 @@ The available keywords are:

                                                                  Set the default display format for S2+ refids.


                                                                  -
                                                                  +
                                                                  +
                                                                  + -

                                                                  1.1.11 unconnected option (-u)

                                                                  - +

                                                                  1.1.11 unconnected option (-u)

                                                                  +

                                                                  This is the “use unconnected udp to communicate with ntpd (default on windows)” option. Open an unconnected UDP association to ntpd (the default on Windows).


                                                                  -
                                                                  +
                                                                  +
                                                                  + -

                                                                  1.1.12 wide option (-w)

                                                                  - +

                                                                  1.1.12 wide option (-w)

                                                                  +

                                                                  This is the “display the full ’remote’ value” option. Display the full value of the ’remote’ value. If this requires @@ -1492,29 +1460,31 @@ and continue the data display properly indented on the next line.


                                                                  -
                                                                  +
                                                                  +
                                                                  + -

                                                                  1.1.13 presetting/configuring ntpq

                                                                  +

                                                                  1.1.13 presetting/configuring ntpq

                                                                  -

                                                                  Any option that is not marked as not presettable may be preset by -loading values from configuration ("rc" or "ini") files, and values from environment variables named NTPQ and NTPQ_<OPTION_NAME>. <OPTION_NAME> must be one of +

                                                                  Any option that is not marked as not presettable may be preset by +loading values from configuration ("rc" or "ini") files, and values from environment variables named NTPQ and NTPQ_<OPTION_NAME>. <OPTION_NAME> must be one of the options listed above in upper case and segmented with underscores. -The NTPQ variable will be tokenized and parsed like +The NTPQ variable will be tokenized and parsed like the command line. The remaining variables are tested for existence and their values are treated like option arguments.

                                                                  -

                                                                  libopts will search in 2 places for configuration files: -

                                                                    -
                                                                  • $HOME -
                                                                  • $PWD +

                                                                    libopts will search in 2 places for configuration files: +

                                                                      +
                                                                    • $HOME +
                                                                    • $PWD
                                                                    -

                                                                    The environment variables HOME, and PWD -are expanded and replaced when ntpq runs. +

                                                                    The environment variables HOME, and PWD +are expanded and replaced when ntpq runs. For any of these that are plain files, they are simply processed. -For any that are directories, then a file named .ntprc is searched for +For any that are directories, then a file named .ntprc is searched for within that directory and processed.

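Review bot: The presetting section states that libopts searches $HOME and $PWD and processes a `.ntprc` found in either, but it gives the operator no hint that a file sitting in the current working directory will preset ntpq options. Suggest adding a sentence advising that ntpq be run from a directory the operator trusts, since a `.ntprc` placed there by another user changes how the tool behaves. There is also a stray comma in "The environment variables HOME, and PWD", carried over unchanged from the removed side.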
                                                                    Configuration files may be in a wide variety of formats. @@ -1527,237 +1497,248 @@ lines by escaping the newline with a backslash. Common options are collected at the top, followed by program specific segments. The segments are separated by lines like:

                                                                    -
                                                                    [NTPQ]
                                                                    +
                                                                    [NTPQ]
                                                                     

                                                                    or by

                                                                    -
                                                                    <?program ntpq>
                                                                    +
                                                                    <?program ntpq>
                                                                     

                                                                    Do not mix these styles within one configuration file.

                                                                    Compound values and carefully constructed string values may also be specified using XML syntax:

                                                                    -
                                                                    <option-name>
                                                                    +
                                                                    <option-name>
                                                                        <sub-opt>...&lt;...&gt;...</sub-opt>
                                                                     </option-name>
                                                                     
                                                                    -

                                                                    yielding an option-name.sub-opt string value of +

                                                                    yielding an option-name.sub-opt string value of

                                                                    -
                                                                    "...<...>..."
                                                                    +
                                                                    "...<...>..."
                                                                     
                                                                    -

                                                                    AutoOpts does not track suboptions. You simply note that it is a -hierarchicly valued option. AutoOpts does provide a means for searching +

                                                                    AutoOpts does not track suboptions. You simply note that it is a +hierarchicly valued option. AutoOpts does provide a means for searching the associated name/value pair list (see: optionFindValue).

                                                                    The command line options relating to configuration and/or usage help are:

                                                                    -

                                                                    version (-)

                                                                    +

                                                                    version (-)

                                                                    Print the program version to standard out, optionally with licensing information, then exit 0. The optional argument specifies how much licensing detail to provide. The default is to print just the version. The licensing information may be selected with an option argument. Only the first letter of the argument is examined:

                                                                    -
                                                                    -
                                                                    version
                                                                    +
                                                                    +
                                                                    version

                                                                    Only print the version. This is the default.

                                                                    -
                                                                    copyright
                                                                    +
                                                                    copyright

                                                                    Name the copyright usage licensing terms.

                                                                    -
                                                                    verbose
                                                                    +
                                                                    verbose

                                                                    Print the full copyright usage licensing terms.


                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.1.14 ntpq exit status

                                                                    +

                                                                    1.1.14 ntpq exit status

                                                                    One of the following exit values will be returned: -

                                                                    -
                                                                    0 (EXIT_SUCCESS)
                                                                    +

                                                                    +
                                                                    0 (EXIT_SUCCESS)

                                                                    Successful program execution.

                                                                    -
                                                                    1 (EXIT_FAILURE)
                                                                    +
                                                                    1 (EXIT_FAILURE)

                                                                    The operation failed or the command syntax was not valid.

                                                                    -
                                                                    66 (EX_NOINPUT)
                                                                    +
                                                                    66 (EX_NOINPUT)

                                                                    A specified configuration file could not be loaded.

                                                                    -
                                                                    70 (EX_SOFTWARE)
                                                                    +
                                                                    70 (EX_SOFTWARE)

                                                                    libopts had an internal operational error. Please report it to autogen-users@lists.sourceforge.net. Thank you.


                                                                    -
                                                                    +
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.2 Usage

                                                                    +

                                                                    1.2 Usage

                                                                    - +
                                                                    - - - - - - - - + + + + + + + + +
                                                                    WhatDefaultFlagOption
                                                                    configuration file/etc/ntp.conf-cconffile
                                                                    frequency filenone-fdriftfile
                                                                    leapseconds filenoneleapfile
                                                                    process ID filenone-ppidfile
                                                                    log filesystem log-llogfile
                                                                    include filenonenoneincludefile
                                                                    statistics path/var/NTP-sstatsdir
                                                                    keys path/usr/local/etc-kkeysdir
                                                                    configuration file/etc/ntp.conf-cconffile
                                                                    frequency filenone-fdriftfile
                                                                    leapseconds filenoneleapfile
                                                                    process ID filenone-ppidfile
                                                                    log filesystem log-llogfile
                                                                    include filenonenoneincludefile
                                                                    statistics path/var/NTP-sstatsdir
                                                                    keys path/usr/local/etc-kkeysdir

                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.3 Internal Commands

                                                                    +

                                                                    1.3 Internal Commands

                                                                    -

                                                                    Interactive format commands consist of a keyword followed by zero to four arguments. Only enough characters of the full keyword to uniquely identify the command need be typed. The output of a command is normally sent to the standard output, but optionally the output of individual commands may be sent to a file by appending a >, followed by a file name, to the command line. A number of interactive format commands are executed entirely within the ntpq program itself and do not result in NTP mode-6 requests being sent to a server. These are described following. +

                                                                    Interactive format commands consist of a keyword followed by zero to four arguments. Only enough characters of the full keyword to uniquely identify the command need be typed. The output of a command is normally sent to the standard output, but optionally the output of individual commands may be sent to a file by appending a >, followed by a file name, to the command line. A number of interactive format commands are executed entirely within the ntpq program itself and do not result in NTP mode-6 requests being sent to a server. These are described following.

                                                                    -
                                                                    -
                                                                    ? [command_keyword]
                                                                    -
                                                                    help [command_keyword]
                                                                    -

                                                                    A ? by itself will print a list of all the command keywords known to ntpq. A ? followed by a command keyword will print function and usage information about the command. +

                                                                    +
                                                                    ? [command_keyword]
                                                                    +
                                                                    help [command_keyword]
                                                                    +

                                                                    A ? by itself will print a list of all the command keywords known to ntpq. A ? followed by a command keyword will print function and usage information about the command.

                                                                    -
                                                                    >addvars name [ = value] [...]
                                                                    -
                                                                    rmvars name [...]
                                                                    -
                                                                    clearvars</dt>
                                                                    +
                                                                    >addvars name [ = value] [...]
                                                                    +
                                                                    rmvars name [...]
                                                                    +
                                                                    clearvars</dt>

                                                                    The arguments to these commands consist of a list of items of the form -name = value, where the = value is ignored, +name = value, where the = value is ignored, and can be omitted in read requests. -ntpq maintains an internal list in which data to be included -in control messages can be assembled, and sent using the readlist -and writelist commands described below. -The addvars command allows variables and optional values +ntpq maintains an internal list in which data to be included +in control messages can be assembled, and sent using the readlist +and writelist commands described below. +The addvars command allows variables and optional values to be added to the list. If more than one variable is to be added the list should be comma-separated and not contain white space. -The rmvars command can be used to remove individual variables +The rmvars command can be used to remove individual variables from the list, -while the clearlist command removes all variables from the list. +while the clearlist command removes all variables from the list.

                                                                    -
                                                                    cooked
                                                                    +
                                                                    cooked

                                                                    Display server messages in prettyprint format.

                                                                    -
                                                                    debug more | less | off
                                                                    +
                                                                    debug more | less | off

                                                                    Turns internal query program debugging on and off.

                                                                    -
                                                                    delay milliseconds
                                                                    +
                                                                    delay milliseconds

                                                                    Specify a time interval to be added to timestamps included in requests which require authentication. This is used to enable (unreliable) server reconfiguration over long delay network paths or between machines whose clocks are unsynchronized. Actually the server does not now require timestamps in authenticated requests, so this command may be obsolete.

                                                                    -
                                                                    host name
                                                                    +
                                                                    host name

                                                                    Set the host to which future queries will be sent. The name may be either a DNS name or a numeric address.

                                                                    -
                                                                    hostnames [yes | no]
                                                                    -

                                                                    If yes is specified, host names are printed in information displays. -If no is specified, numeric addresses are printed instead. -The default is yes, -unless modified using the command line -n switch. +

                                                                    hostnames [yes | no]
                                                                    +

                                                                    If yes is specified, host names are printed in information displays. +If no is specified, numeric addresses are printed instead. +The default is yes, +unless modified using the command line -n switch.

                                                                    -
                                                                    keyid keyid
                                                                    +
                                                                    keyid keyid

                                                                    This command specifies the key number to be used to authenticate configuration requests. -This must correspond to a key ID configured in ntp.conf for this purpose. +This must correspond to a key ID configured in ntp.conf for this purpose.

                                                                    -
                                                                    keytype
                                                                    +
                                                                    keytype

                                                                    Specify the digest algorithm to use for authenticated requests, -with default MD5. +with default MD5. If the OpenSSL library is installed, digest can be be any message digest algorithm supported by the library. -The current selections are: AES128CMAC, MD2, MD4, MD5, MDC2, RIPEMD160, SHA and SHA1. +The current selections are: AES128CMAC, MD2, MD4, MD5, MDC2, RIPEMD160, SHA and SHA1.

                                                                    -
                                                                    ntpversion 1 | 2 | 3 | 4
                                                                    -

                                                                    Sets the NTP version number which ntpq claims in packets. +

                                                                    ntpversion 1 | 2 | 3 | 4
                                                                    +

                                                                    Sets the NTP version number which ntpq claims in packets. Defaults to 2. Note that mode-6 control messages (and modes, for that matter) didn’t exist in NTP version 1.

                                                                    -
                                                                    passwd
                                                                    +
                                                                    passwd

                                                                    This command prompts for a password to authenticate requests. -The password must correspond to the key ID configured in ntp.conf for this purpose. +The password must correspond to the key ID configured in ntp.conf for this purpose.

                                                                    -
                                                                    quit
                                                                    -

                                                                    Exit ntpq. +

                                                                    quit
                                                                    +

                                                                    Exit ntpq.

                                                                    -
                                                                    raw
                                                                    +
                                                                    raw

                                                                    Display server messages as received and without reformatting.

                                                                    -
                                                                    timeout milliseconds
                                                                    +
                                                                    timeout milliseconds

                                                                    Specify a timeout period for responses to server queries. The default is about 5000 milliseconds. -Note that since ntpq retries each query once after a timeout +Note that since ntpq retries each query once after a timeout the total waiting time for a timeout will be twice the timeout value set.


                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.4 Control Message Commands

                                                                    +

                                                                    1.4 Control Message Commands

                                                                    Association IDs are used to identify system, peer and clock variables. System variables are assigned an association ID of zero and system name space, while each association is assigned a nonzero association ID and peer namespace. Most control commands send a single mode-6 message to the server and expect a single response message. -The exceptions are the peers command, +The exceptions are the peers command, which sends a series of messages, -and the mreadlist and mreadvar commands, +and the mreadlist and mreadvar commands, which iterate over a range of associations.

                                                                    -
                                                                    -
                                                                    associations
                                                                    +
                                                                    +
                                                                    associations

                                                                    Display a list of mobilized associations in the form:
                                                                    -ind assid status conf reach auth condition last_event cnt +ind assid status conf reach auth condition last_event cnt

                                                                    - +
                                                                    - - - - - - - - - + + + + + + + + + +
                                                                    VariableDescription
                                                                    indindex on this list
                                                                    assidassociation ID
                                                                    statuspeer status word
                                                                    confyes: persistent, no: ephemeral
                                                                    reachyes: reachable, no: unreachable
                                                                    authok, yes, bad and none
                                                                    conditionselection status (see the select field of the peer status word)
                                                                    last_eventevent report (see the event field of the peer status word)
                                                                    cnt -event count (see the count field of the peer status word)
                                                                    indindex on this list
                                                                    assidassociation ID
                                                                    statuspeer status word
                                                                    confyes: persistent, no: ephemeral
                                                                    reachyes: reachable, no: unreachable
                                                                    authok, yes, bad and none
                                                                    conditionselection status (see the select field of the peer status word)
                                                                    last_eventevent report (see the event field of the peer status word)
                                                                    cnt +event count (see the count field of the peer status word)
                                                                    -
                                                                    clockvar assocID [name [ = value [...]] [...]]
                                                                    -
                                                                    cv assocID [name [ = value [...] ][...]]
                                                                    +
                                                                    clockvar assocID [name [ = value [...]] [...]]
                                                                    +
                                                                    cv assocID [name [ = value [...] ][...]]

                                                                    Display a list of ‘clock variables’ for those associations supporting a reference clock.

                                                                    -
                                                                    :config [...]
                                                                    +
                                                                    :config [...]

                                                                    Send the remainder of the command line, including whitespace, to the server as a run-time configuration command in the same format as the configuration file. @@ -1765,131 +1746,133 @@ This command is experimental until further notice and clarification. Authentication is of course required.
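Review bot: In the addvars / rmvars / clearvars entry of this hunk, the added lines still carry a stray ">" in front of addvars and a literal "</dt>" after clearvars, and the description calls the command clearlist while the entry heading says clearvars. Settle on one name and fix the markup at its source so it does not come back on the next regeneration. The keytype entry in the same hunk keeps "can be be any" and shows no argument in its heading although the text refers to "digest". It also lists MD5 as the default next to MD2 and MD4 with no guidance on which digests are appropriate for authenticating requests. "hierarchicly" is likewise carried onto the added line.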

                                                                    -
                                                                    config-from-file filename
                                                                    -

                                                                    Send the each line of filename to the server as +

                                                                    config-from-file filename
                                                                    +

                                                                    Send the each line of filename to the server as run-time configuration commands in the same format as the configuration file. This command is experimental until further notice and clarification. Authentication is required.

                                                                    -
                                                                    ifstats
                                                                    +
                                                                    ifstats

                                                                    Display statistics for each local network address. Authentication is required.

                                                                    -
                                                                    iostats
                                                                    +
                                                                    iostats

                                                                    Display network and reference clock I/O statistics.

                                                                    -
                                                                    kerninfo
                                                                    +
                                                                    kerninfo

                                                                    Display kernel loop and PPS statistics. As with other ntpq output, times are in milliseconds. The precision value displayed is in milliseconds as well, unlike the precision system variable.

                                                                    -
                                                                    lassociations
                                                                    +
                                                                    lassociations

                                                                    Perform the same function as the associations command, except display mobilized and unmobilized associations.

                                                                    -
                                                                    monstats
                                                                    +
                                                                    monstats

                                                                    Display monitor facility statistics.

                                                                    -
                                                                    mrulist [limited | kod | mincount=count | laddr=localaddr | sort=sortorder | resany=hexmask | resall=hexmask]
                                                                    +
                                                                    mrulist [limited | kod | mincount=count | laddr=localaddr | sort=sortorder | resany=hexmask | resall=hexmask]

                                                                    Obtain and print traffic counts collected and maintained by the monitor facility. -With the exception of sort=sortorder, -the options filter the list returned by ntpd. -The limited and kod options return only entries +With the exception of sort=sortorder, +the options filter the list returned by ntpd. +The limited and kod options return only entries representing client addresses from which the last packet received triggered either discarding or a KoD response. -The mincount=count option filters entries representing -less than count packets. -The laddr=localaddr option filters entries for packets -received on any local address other than localaddr. -resany=hexmask and resall=hexmask +The mincount=count option filters entries representing +less than count packets. +The laddr=localaddr option filters entries for packets +received on any local address other than localaddr. +resany=hexmask and resall=hexmask filter entries containing none or less than all, respectively, -of the bits in hexmask, which must begin with 0x. +of the bits in hexmask, which must begin with 0x.
                                                                    -The sortorder defaults to lstint and may be any of -addr, count, avgint, lstint, or +The sortorder defaults to lstint and may be any of +addr, count, avgint, lstint, or any of those preceded by a minus sign (hyphen) to reverse the sort order. The output columns are:

                                                                    - +
                                                                    - - - + + - - - - - - + + + + +
                                                                    ColumnDescription
                                                                    lstintInterval in s between the receipt of the most recent packet from this -address and the completion of the retrieval of the MRU list by ntpq
                                                                    avgintAverage interval in s between packets from this address.
                                                                    rstrRestriction flags associated with this address. -Most are copied unchanged from the matching restrict command, +
                                                                    lstintInterval in s between the receipt of the most recent packet from this +address and the completion of the retrieval of the MRU list by ntpq
                                                                    avgintAverage interval in s between packets from this address.
                                                                    rstrRestriction flags associated with this address. +Most are copied unchanged from the matching restrict command, however 0x400 (kod) and 0x20 (limited) flags are cleared unless the last packet from this address triggered a rate control response.
                                                                    rRate control indicator, either a period, L or K for +
                                                                    rRate control indicator, either a period, L or K for no rate control response, rate limiting by discarding, or rate limiting with a KoD response, respectively.
                                                                    mPacket mode.
                                                                    vPacket version number.
                                                                    countPackets received from this address.
                                                                    rportSource port of last packet from this address.
                                                                    remote addressDNS name, numeric address, or address followed by claimed DNS name which +
                                                                    mPacket mode.
                                                                    vPacket version number.
                                                                    countPackets received from this address.
                                                                    rportSource port of last packet from this address.
                                                                    remote addressDNS name, numeric address, or address followed by claimed DNS name which could not be verified in parentheses.
                                                                    -
                                                                    mreadvar assocID assocID [ variable_name [ = value[ ... ]
                                                                    -
                                                                    mrv assocID assocID [ variable_name [ = value[ ... ]
                                                                    -

                                                                    Perform the same function as the readvar command, +

                                                                    mreadvar assocID assocID [ variable_name [ = value[ ... ]
                                                                    +
                                                                    mrv assocID assocID [ variable_name [ = value[ ... ]
                                                                    +

                                                                    Perform the same function as the readvar command, except for a range of association IDs. This range is determined from the association list cached by -the most recent associations command. +the most recent associations command.

                                                                    -
                                                                    passociations
                                                                    -

                                                                    Perform the same function as the associations command, except that +

                                                                    passociations
                                                                    +

                                                                    Perform the same function as the associations command, except that it uses previously stored data rather than making a new query.

                                                                    -
                                                                    peers
                                                                    +
                                                                    peers

                                                                    Display a list of peers in the form:
                                                                    -[tally]remote refid st t when pool reach delay offset jitter +[tally]remote refid st t when pool reach delay offset jitter

                                                                    - +
                                                                    - - - - - - - - - - - + + + + + + + + + + + +
                                                                    VariableDescription
                                                                    [tally]single-character code indicating current value of the select field -of the peer status word.
                                                                    remotehost name (or IP number) of peer
                                                                    refidassociation ID or kiss code.
                                                                    ststratum
                                                                    tu: unicast or manycast client, -b: broadcast or multicast client, -l: local (reference clock), -s: symmetric (peer), -A: manycast server, -B: broadcast server, -M: multicast server.
                                                                    whensec/min/hr since last received packet
                                                                    pollpoll interval (log(2) s)
                                                                    reachreach shift register (octal)
                                                                    delayroundtrip delay
                                                                    offsetoffset of server relative to this host
                                                                    jitterjitter
                                                                    [tally]single-character code indicating current value of the select field +of the peer status word.
                                                                    remotehost name (or IP number) of peer
                                                                    refidassociation ID or kiss code.
                                                                    ststratum
                                                                    tu: unicast or manycast client, +b: broadcast or multicast client, +l: local (reference clock), +s: symmetric (peer), +A: manycast server, +B: broadcast server, +M: multicast server.
                                                                    whensec/min/hr since last received packet
                                                                    pollpoll interval (log(2) s)
                                                                    reachreach shift register (octal)
                                                                    delayroundtrip delay
                                                                    offsetoffset of server relative to this host
                                                                    jitterjitter
                                                                    -
                                                                    readvar assocID name [ = value ] [,...]
                                                                    -
                                                                    rv assocID [ name ] [,...]
                                                                    +
                                                                    readvar assocID name [ = value ] [,...]
                                                                    +
                                                                    rv assocID [ name ] [,...]

                                                                    Display the specified variables. -If assocID is zero, +If assocID is zero, the variables are from the ‘system variables’ name space, otherwise they are from the ‘peer variables’ name space. -The assocID is required, as the same name can occur in both spaces. -If no name is included, +The assocID is required, as the same name can occur in both spaces. +If no name is included, all operative variables in the name space are displayed. -In this case only, if the assocID is omitted, it is assumed zero. +In this case only, if the assocID is omitted, it is assumed zero. Multiple names are specified with comma separators and without whitespace. Note that time values are represented in milliseconds and frequency values in parts-per-million (PPM). @@ -1898,102 +1881,107 @@ where YYYY is the year, MM the month of year, DD the day of month and TTTT the time of day.
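Review bot: in the peers entry, the column header line reads "[tally]remote refid st t when pool reach delay offset jitter", but the table below it documents that column as poll (poll interval). The re-added + line keeps "pool", so the typo should be fixed here rather than carried over. The same table describes refid as "association ID or kiss code", while the system and peer variable tables later in this file say "reference ID or kiss code"; one of the two wordings needs correcting. The mreadvar/mrv synopsis "assocID assocID [ variable_name [ = value[ ... ]" also opens three brackets and closes only one.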

                                                                    -
                                                                    saveconfig filename
                                                                    +
                                                                    saveconfig filename

                                                                    Write the current configuration, including any runtime modifications -given with :config or config-from-file, -to the ntpd host’s file filename. +given with :config or config-from-file, +to the ntpd host’s file filename. This command will be rejected by the server unless -saveconfigdir -appears in the ntpd configuration file. -filename can use strftime() format specifiers +saveconfigdir +appears in the ntpd configuration file. +filename can use strftime() format specifiers to substitute the current date and time, for example, -saveconfig ntp-%Y%m%d-%H%M%S.conf. -The filename used is stored in system variable savedconfig. +saveconfig ntp-%Y%m%d-%H%M%S.conf. +The filename used is stored in system variable savedconfig. Authentication is required.

                                                                    -
                                                                    writevar assocID name = value [,...]
                                                                    +
                                                                    writevar assocID name = value [,...]

                                                                    Write the specified variables. -If the assocID is zero, the variables are from the +If the assocID is zero, the variables are from the ‘system variables’ name space, otherwise they are from the ‘peer variables’ name space. -The assocID is required, +The assocID is required, as the same name can occur in both spaces.

                                                                    -
                                                                    sysinfo
                                                                    +
                                                                    sysinfo

                                                                    Display operational summary.

                                                                    -
                                                                    sysstats
                                                                    +
                                                                    sysstats

                                                                    Print statistics counters maintained in the protocol module.


                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.5 Status Words and Kiss Codes

                                                                    +

                                                                    1.5 Status Words and Kiss Codes

                                                                    The current state of the operating program is shown in a set of status words maintained by the system and each association separately. -These words are displayed in the rv and as commands +These words are displayed in the rv and as commands both in hexadecimal and decoded short tip strings. The codes, tips and short explanations are on the -Event Messages and Status Words page. +Event Messages and Status Words page. The page also includes a list of system and peer messages, the code for the latest of which is included in the status word.

                                                                    Information resulting from protocol machine state transitions is displayed using an informal set of ASCII strings called -kiss codes. +kiss codes. The original purpose was for kiss-o’-death (KoD) packets sent by the server to advise the client of an unusual condition. They are now displayed, when appropriate, in the reference identifier field in various billboards.


                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.6 System Variables

                                                                    +

                                                                    1.6 System Variables

                                                                    -

                                                                    The following system variables appear in the rv billboard. +

                                                                    The following system variables appear in the rv billboard. Not all variables are displayed in some configurations.

                                                                    - +
                                                                    - - - - - - - - - - - + + + + + + + + + + - - - - - - - - - - - - + + + + + + + + + + + +
                                                                    VariableDescription
                                                                    statussystem status word
                                                                    versionNTP software version and build time
                                                                    processorhardware platform and version
                                                                    systemoperating system and version
                                                                    leapleap warning indicator (0-3)
                                                                    stratumstratum (1-15)
                                                                    precisionprecision (log(2) s)
                                                                    rootdelaytotal roundtrip delay to the primary reference clock
                                                                    rootdisptotal dispersion to the primary reference clock
                                                                    peersystem peer association ID
                                                                    tc +
                                                                    statussystem status word
                                                                    versionNTP software version and build time
                                                                    processorhardware platform and version
                                                                    systemoperating system and version
                                                                    leapleap warning indicator (0-3)
                                                                    stratumstratum (1-15)
                                                                    precisionprecision (log(2) s)
                                                                    rootdelaytotal roundtrip delay to the primary reference clock
                                                                    rootdisptotal dispersion to the primary reference clock
                                                                    peersystem peer association ID
                                                                    tc time constant and poll exponent (log(2) s) (3-17)
                                                                    mintc +
                                                                    mintc minimum time constant (log(2) s) (3-10)
                                                                    clockdate and time of day
                                                                    refid -reference ID or kiss code
                                                                    reftimereference time
                                                                    offsetcombined offset of server relative to this host
                                                                    sys_jittercombined system jitter
                                                                    frequencyfrequency offset (PPM) relative to hardware clock
                                                                    clk_wanderclock frequency wander (PPM)
                                                                    clk_jitterclock jitter
                                                                    taiTAI-UTC offset (s)
                                                                    leapsecNTP seconds when the next leap second is/was inserted
                                                                    expireNTP seconds when the NIST leapseconds file expires
                                                                    clockdate and time of day
                                                                    refid +reference ID or kiss code
                                                                    reftimereference time
                                                                    offsetcombined offset of server relative to this host
                                                                    sys_jittercombined system jitter
                                                                    frequencyfrequency offset (PPM) relative to hardware clock
                                                                    clk_wanderclock frequency wander (PPM)
                                                                    clk_jitterclock jitter
                                                                    taiTAI-UTC offset (s)
                                                                    leapsecNTP seconds when the next leap second is/was inserted
                                                                    expireNTP seconds when the NIST leapseconds file expires

                                                                    The jitter and wander statistics are exponentially-weighted RMS averages. @@ -2004,57 +1992,61 @@ the clock jitter statistic is computed by the clock discipline module. additional system variables are displayed, including some or all of the following, depending on the particular Autokey dance:
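Review bot: the saveconfig paragraph documents a command that writes a file on the ntpd host, but the only constraints it gives are that the request is rejected unless saveconfigdir appears in the configuration and that authentication is required. It does not say whether the file is created under that directory, or how a filename containing a directory component is handled. Since the paragraph is being re-emitted here anyway, add one sentence next to "Authentication is required." stating where the file is written and which filename forms are refused.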

                                                                    - +
                                                                    - - - - - - - - + + + + + + + + +
                                                                    VariableDescription
                                                                    hostAutokey host name for this host
                                                                    identAutokey group name for this host
                                                                    flagshost flags (see Autokey specification)
                                                                    digestOpenSSL message digest algorithm
                                                                    signatureOpenSSL digest/signature scheme
                                                                    updateNTP seconds at last signature update
                                                                    certcertificate subject, issuer and certificate flags
                                                                    untilNTP seconds when the certificate expires
                                                                    hostAutokey host name for this host
                                                                    identAutokey group name for this host
                                                                    flagshost flags (see Autokey specification)
                                                                    digestOpenSSL message digest algorithm
                                                                    signatureOpenSSL digest/signature scheme
                                                                    updateNTP seconds at last signature update
                                                                    certcertificate subject, issuer and certificate flags
                                                                    untilNTP seconds when the certificate expires

                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.7 Peer Variables

                                                                    +

                                                                    1.7 Peer Variables

                                                                    -

                                                                    The following peer variables appear in the rv billboard +

                                                                    The following peer variables appear in the rv billboard for each association. Not all variables are displayed in some configurations.

                                                                    - +
                                                                    - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + +
                                                                    VariableDescription
                                                                    associdassociation ID
                                                                    statuspeer status word
                                                                    srcadrsource (remote) IP address and port
                                                                    dstadrdestination (local) IP address and port
                                                                    leapleap indicator (0-3)
                                                                    stratumstratum (0-15)
                                                                    precisionprecision (log(2) s)
                                                                    rootdelaytotal roundtrip delay to the primary reference clock
                                                                    rootdisptotal root dispersion to the primary reference clock
                                                                    refidreference ID or kiss code
                                                                    reftimereference time
                                                                    reachreach register (octal)
                                                                    unreachunreach counter
                                                                    hmodehost mode (1-6)
                                                                    pmodepeer mode (1-5)
                                                                    hpollhost poll exponent (log(2) s) (3-17)
                                                                    ppollpeer poll exponent (log(2) s) (3-17)
                                                                    headwayheadway (see Rate Management and the Kiss-o’-Death Packet)
                                                                    flashflash status word
                                                                    offsetfilter offset
                                                                    delayfilter delay
                                                                    dispersionfilter dispersion
                                                                    jitterfilter jitter
                                                                    identAutokey group name for this association
                                                                    biasunicast/broadcast bias
                                                                    xleaveinterleave delay (see NTP Interleaved Modes)
                                                                    associdassociation ID
                                                                    statuspeer status word
                                                                    srcadrsource (remote) IP address and port
                                                                    dstadrdestination (local) IP address and port
                                                                    leapleap indicator (0-3)
                                                                    stratumstratum (0-15)
                                                                    precisionprecision (log(2) s)
                                                                    rootdelaytotal roundtrip delay to the primary reference clock
                                                                    rootdisptotal root dispersion to the primary reference clock
                                                                    refidreference ID or kiss code
                                                                    reftimereference time
                                                                    reachreach register (octal)
                                                                    unreachunreach counter
                                                                    hmodehost mode (1-6)
                                                                    pmodepeer mode (1-5)
                                                                    hpollhost poll exponent (log(2) s) (3-17)
                                                                    ppollpeer poll exponent (log(2) s) (3-17)
                                                                    headwayheadway (see Rate Management and the Kiss-o’-Death Packet)
                                                                    flashflash status word
                                                                    offsetfilter offset
                                                                    delayfilter delay
                                                                    dispersionfilter dispersion
                                                                    jitterfilter jitter
                                                                    identAutokey group name for this association
                                                                    biasunicast/broadcast bias
                                                                    xleaveinterleave delay (see NTP Interleaved Modes)

                                                                    The bias variable is calculated when the first broadcast packet is received @@ -2067,43 +2059,49 @@ packet.

                                                                    When the NTPv4 daemon is compiled with the OpenSSL software library, additional peer variables are displayed, including the following:

                                                                    - +
                                                                    - - - - - - - + + + + + + + +
                                                                    VariableDescription
                                                                    flagspeer flags (see Autokey specification)
                                                                    hostAutokey server name
                                                                    flagspeer flags (see Autokey specification)
                                                                    signatureOpenSSL digest/signature scheme
                                                                    initsequenceinitial key ID
                                                                    initkeyinitial key index
                                                                    timestampAutokey signature timestamp
                                                                    flagspeer flags (see Autokey specification)
                                                                    hostAutokey server name
                                                                    flagspeer flags (see Autokey specification)
                                                                    signatureOpenSSL digest/signature scheme
                                                                    initsequenceinitial key ID
                                                                    initkeyinitial key index
                                                                    timestampAutokey signature timestamp

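Review bot: the OpenSSL peer variables table lists flags twice. The row for flags, "peer flags (see Autokey specification)", appears both before and after the host row ("Autokey server name"), and the + side reproduces the duplicate from the - side. Drop one of the two rows, or, if the second was meant to document a different variable, correct its name.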
                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.8 Clock Variables

                                                                    +

                                                                    1.8 Clock Variables

                                                                    -

                                                                    The following clock variables appear in the cv billboard for each association with a reference clock. Not all variables are displayed in some configurations. +

                                                                    The following clock variables appear in the cv billboard for each association with a reference clock. Not all variables are displayed in some configurations.

                                                                    - +
                                                                    - - - - - - - - - - - - - + + + + + + + + + + + + + +
                                                                    VariableDescription
                                                                    associdassociation ID
                                                                    statusclock status word
                                                                    devicedevice description
                                                                    timecodeASCII time code string (specific to device)
                                                                    pollpoll messages sent
                                                                    noreplyno reply
                                                                    badformatbad format
                                                                    baddatabad date or time
                                                                    fudgetime1fudge time 1
                                                                    fudgetime2fudge time 2
                                                                    stratumdriver stratum
                                                                    refiddriver reference ID
                                                                    flagsdriver flags
                                                                    associdassociation ID
                                                                    statusclock status word
                                                                    devicedevice description
                                                                    timecodeASCII time code string (specific to device)
                                                                    pollpoll messages sent
                                                                    noreplyno reply
                                                                    badformatbad format
                                                                    baddatabad date or time
                                                                    fudgetime1fudge time 1
                                                                    fudgetime2fudge time 2
                                                                    stratumdriver stratum
                                                                    refiddriver reference ID
                                                                    flagsdriver flags
                                                                    -
                                                                    +
                                                                    +
                                                                    +
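Review bot: The OpenSSL peer-variable table lists the row `flags` ("peer flags (see Autokey specification)") twice, once before `host` and once after it, and both copies of the table in this hunk carry the duplicate, so the regeneration preserves it. Drop one of the two `flags` rows in the documentation source so the rebuilt table names each variable once.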
                                                                    diff --git a/ntpq/ntpq.man.in b/ntpq/ntpq.man.in index 12c085baf..cbdeac782 100644 --- a/ntpq/ntpq.man.in +++ b/ntpq/ntpq.man.in @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntpq @NTPQ_MS@ "06 Jun 2023" "4.2.8p17" "User Commands" +.TH ntpq @NTPQ_MS@ "07 Jan 2024" "4.2.8p17" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:15 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:55 AM by AutoGen 5.18.16 .\" From the definitions ntpq-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -1585,7 +1585,7 @@ it to autogen-users@lists.sourceforge.net. Thank you. .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/ntpq/ntpq.mdoc.in b/ntpq/ntpq.mdoc.in index d5ace4c4f..520a852ba 100644 --- a/ntpq/ntpq.mdoc.in +++ b/ntpq/ntpq.mdoc.in @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTPQ @NTPQ_MS@ User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpq-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:10 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:51 AM by AutoGen 5.18.16 .\" From the definitions ntpq-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME 
@@ -1051,7 +1051,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/ntpsnmpd/invoke-ntpsnmpd.texi b/ntpsnmpd/invoke-ntpsnmpd.texi index 3f99a3f35..8a3d34859 100644 --- a/ntpsnmpd/invoke-ntpsnmpd.texi +++ b/ntpsnmpd/invoke-ntpsnmpd.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-ntpsnmpd.texi) # -# It has been AutoGen-ed June 6, 2023 at 04:38:20 AM by AutoGen 5.18.16 +# It has been AutoGen-ed January 7, 2024 at 12:35:00 AM by AutoGen 5.18.16 # From the definitions ntpsnmpd-opts.def # and the template file agtexi-cmd.tpl @end ignore @@ -47,7 +47,7 @@ with a status code of 0. @exampleindent 0 @example -ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p16 +ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p17 Usage: ntpsnmpd [ - [] | --[@{=| @}] ]... Flg Arg Option-Name Description -n no nofork Do not fork diff --git a/ntpsnmpd/ntpsnmpd-opts.c b/ntpsnmpd/ntpsnmpd-opts.c index f13108da1..75975860f 100644 --- a/ntpsnmpd/ntpsnmpd-opts.c +++ b/ntpsnmpd/ntpsnmpd-opts.c @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpsnmpd-opts.c) * - * It has been AutoGen-ed June 6, 2023 at 04:38:17 AM by AutoGen 5.18.16 + * It has been AutoGen-ed January 7, 2024 at 12:36:04 AM by AutoGen 5.18.16 * From the definitions ntpsnmpd-opts.def * and the template file options * 
@@ -18,7 +18,7 @@ * The ntpsnmpd program is copyrighted and licensed * under the following terms: * - * Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved. + * Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved. * This is free software. It is licensed for use, modification and * redistribution under the terms of the NTP License, copies of which * can be seen at: @@ -67,7 +67,7 @@ extern FILE * option_usage_fp; */ static char const ntpsnmpd_opt_strs[1614] = /* 0 */ "ntpsnmpd 4.2.8p17\n" - "Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved.\n" + "Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved.\n" "This is free software. It is licensed for use, modification and\n" "redistribution under the terms of the NTP License, copies of which\n" "can be seen at:\n" @@ -560,7 +560,7 @@ static void bogus_function(void) { */ /* referenced via ntpsnmpdOptions.pzCopyright */ puts(_("ntpsnmpd 4.2.8p17\n\ -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved.\n\ +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved.\n\ This is free software. It is licensed for use, modification and\n\ redistribution under the terms of the NTP License, copies of which\n\ can be seen at:\n")); diff --git a/ntpsnmpd/ntpsnmpd-opts.h b/ntpsnmpd/ntpsnmpd-opts.h index d5239d2e3..d3af1d7cf 100644 --- a/ntpsnmpd/ntpsnmpd-opts.h +++ b/ntpsnmpd/ntpsnmpd-opts.h @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpsnmpd-opts.h) * - * It has been AutoGen-ed June 6, 2023 at 04:38:16 AM by AutoGen 5.18.16 + * It has been AutoGen-ed January 7, 2024 at 12:36:04 AM by AutoGen 5.18.16 * From the definitions ntpsnmpd-opts.def * and the template file options * 
@@ -18,7 +18,7 @@ * The ntpsnmpd program is copyrighted and licensed * under the following terms: * - * Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved. + * Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved. * This is free software. It is licensed for use, modification and * redistribution under the terms of the NTP License, copies of which * can be seen at: diff --git a/ntpsnmpd/ntpsnmpd.1ntpsnmpdman b/ntpsnmpd/ntpsnmpd.1ntpsnmpdman index 29f12c6c9..da5659b7e 100644 --- a/ntpsnmpd/ntpsnmpd.1ntpsnmpdman +++ b/ntpsnmpd/ntpsnmpd.1ntpsnmpdman @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntpsnmpd 1ntpsnmpdman "06 Jun 2023" "4.2.8p17" "User Commands" +.TH ntpsnmpd 1ntpsnmpdman "07 Jan 2024" "4.2.8p17" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:21 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:35:01 AM by AutoGen 5.18.16 .\" From the definitions ntpsnmpd-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -138,7 +138,7 @@ it to autogen-users@lists.sourceforge.net. Thank you. .NOP "Heiko Gerstung" .br .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc b/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc index be353c746..2f902b845 100644 --- a/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc +++ b/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc 
@@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTPSNMPD 1ntpsnmpdmdoc User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpsnmpd-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:18 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:58 AM by AutoGen 5.18.16 .\" From the definitions ntpsnmpd-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -110,7 +110,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .Sh AUTHORS .An "Heiko Gerstung" .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/ntpsnmpd/ntpsnmpd.html b/ntpsnmpd/ntpsnmpd.html index e31de98c7..665d3a70c 100644 --- a/ntpsnmpd/ntpsnmpd.html +++ b/ntpsnmpd/ntpsnmpd.html @@ -1,6 +1,6 @@ - + - + ntpsnmpd: Network Time Protocol SNMP Daemon User’s Manual @@ -10,24 +10,17 @@ + + + + @@ -35,65 +28,59 @@ ul.no-bullet {list-style: none} -

                                                                    ntpsnmpd: Network Time Protocol SNMP Daemon User’s Manual

                                                                    - -

                                                                    Short Table of Contents

                                                                    - - - -
                                                                    +
                                                                    + -

                                                                    ntpsnmpd: Network Time Protocol Query User Manual

                                                                    +

                                                                    ntpsnmpd: Network Time Protocol Query User Manual

                                                                    -

                                                                    The ntpsnmpd utility program is used to monitor NTP daemon ntpd +

                                                                    The ntpsnmpd utility program is used to monitor NTP daemon ntpd operations and determine performance. It uses the standard NTP mode 6 control

                                                                    -

                                                                    This document applies to version 4.2.8p17 of ntpsnmpd. +

                                                                    This document applies to version 4.2.8p17 of ntpsnmpd.

                                                                    - - - - - +
                                                                    +

                                                                    Short Table of Contents

                                                                    + + +

                                                                    -
                                                                    +
                                                                    + -

                                                                    1 Description

                                                                    +

                                                                    1 Description

                                                                    -

                                                                    The ntpsnmpd utility program provides an SNMP MIB agent for ntpd. +

                                                                    The ntpsnmpd utility program provides an SNMP MIB agent for ntpd.

                                                                    - - - - +
                                                                    -
                                                                    +
                                                                    + -

                                                                    1.1 Usage

                                                                    +

                                                                    1.1 Usage

                                                                    (what should we say here?) -


                                                                    +

                                                                    +
                                                                    +
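Review bot: Section "1.1 Usage" still ships the placeholder "(what should we say here?)", and the regenerated page keeps it unchanged. The top heading also reads "ntpsnmpd: Network Time Protocol Query User Manual" while the page title is "ntpsnmpd: Network Time Protocol SNMP Daemon User's Manual", and the introductory sentence describes monitoring ntpd over "the standard NTP mode 6 control", which does not match the Description section's "SNMP MIB agent for ntpd". Fix the heading, the introduction and the Usage text in the source for this page before regenerating, rather than carrying them through another timestamp-only rebuild.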
                                                                    diff --git a/ntpsnmpd/ntpsnmpd.man.in b/ntpsnmpd/ntpsnmpd.man.in index 7080d07b3..ecdde647f 100644 --- a/ntpsnmpd/ntpsnmpd.man.in +++ b/ntpsnmpd/ntpsnmpd.man.in @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntpsnmpd @NTPSNMPD_MS@ "06 Jun 2023" "4.2.8p17" "User Commands" +.TH ntpsnmpd @NTPSNMPD_MS@ "07 Jan 2024" "4.2.8p17" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:21 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:35:01 AM by AutoGen 5.18.16 .\" From the definitions ntpsnmpd-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -138,7 +138,7 @@ it to autogen-users@lists.sourceforge.net. Thank you. .NOP "Heiko Gerstung" .br .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/ntpsnmpd/ntpsnmpd.mdoc.in b/ntpsnmpd/ntpsnmpd.mdoc.in index b0f89d34b..2d1da65fa 100644 --- a/ntpsnmpd/ntpsnmpd.mdoc.in +++ b/ntpsnmpd/ntpsnmpd.mdoc.in @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTPSNMPD @NTPSNMPD_MS@ User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpsnmpd-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:18 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:34:58 AM by AutoGen 5.18.16 .\" From the definitions ntpsnmpd-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME 
@@ -110,7 +110,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .Sh AUTHORS .An "Heiko Gerstung" .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman b/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman index e1d2216c3..6994a9858 100644 --- a/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman +++ b/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH calc_tickadj 1calc_tickadjman "06 Jun 2023" "ntp (4.2.8p17)" "User Commands" +.TH calc_tickadj 1calc_tickadjman "06 Jan 2024" "ntp (4.2.8p17)" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:39:10 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 6, 2024 at 03:50:36 AM by AutoGen 5.18.16 .\" From the definitions calc_tickadj-opts.def .\" and the template file agman-cmd.tpl .SH NAME diff --git a/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc b/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc index 71507c329..ea4283372 100644 --- a/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc +++ b/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt CALC_TICKADJ 1calc_tickadjmdoc User Commands .Os .\" EDIT THIS FILE WITH CAUTION (calc_tickadj-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:39:12 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:32:50 AM by AutoGen 5.18.16 .\" From the definitions calc_tickadj-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME 
diff --git a/scripts/calc_tickadj/calc_tickadj.html b/scripts/calc_tickadj/calc_tickadj.html index fb583099b..f5c0d9bd0 100644 --- a/scripts/calc_tickadj/calc_tickadj.html +++ b/scripts/calc_tickadj/calc_tickadj.html @@ -1,6 +1,6 @@ - + calc_tickadj User’s Manual @@ -16,14 +16,23 @@ + Ntp-wait User’s Manual @@ -10,24 +10,17 @@ + + + @@ -35,117 +28,95 @@ ul.no-bullet {list-style: none} -

                                                                    Ntp-wait User’s Manual

                                                                    -
                                                                    + -

                                                                    Top

                                                                    +

                                                                    Top

                                                                    -

                                                                    This document describes the use of the NTP Project’s ntp-wait program. +

                                                                    This document describes the use of the NTP Project’s ntp-wait program.

                                                                    If there are time-sensitive applications, the proper sequence of events is to -run ntpd -g as early as possible, +run ntpd -g as early as possible, then invoke all of the non-time-sensitive process, -run ntp-wait to block +run ntp-wait to block until the system’s time has stabilized and synchronized, and only then start any applicaitons (like database servers) that require accurate and stable time.

                                                                    -

                                                                    This document applies to version 4.2.8p17 of ntp-wait. +

                                                                    This document applies to version 4.2.8p17 of ntp-wait.

                                                                    - -

                                                                    Short Table of Contents

                                                                    - - - - - - -
                                                                    -
                                                                    -

                                                                    -Up: Top  

                                                                    +
                                                                    + -

                                                                    1 Invoking ntp-wait

                                                                    - - +

                                                                    1 Invoking ntp-wait

                                                                    + + -

                                                                    ntp-wait +

                                                                    ntp-wait will send at most -num-tries +num-tries queries to -ntpd(8), +ntpd(8), sleeping for -secs-between-tries +secs-between-tries after each status return that says -ntpd(8) +ntpd(8) has not yet produced a synchronized and stable system clock.

                                                                    -

                                                                    ntp-wait +

                                                                    ntp-wait will do this quietly, unless the --v +-v flag is provided. This can be useful at boot time, to delay the boot sequence until after -ntpd -g +ntpd -g has set the time.

                                                                    -

                                                                    This section was generated by AutoGen, -using the agtexi-cmd template and the option descriptions for the ntp-wait program. +

                                                                    This section was generated by AutoGen, +using the agtexi-cmd template and the option descriptions for the ntp-wait program.

                                                                    - - - - - - - - - +
                                                                    -
                                                                    +
                                                                    + -

                                                                    1.1 ntp-wait help/usage (--help)

                                                                    - +

                                                                    1.1 ntp-wait help/usage (--help)

                                                                    +

                                                                    This is the automatically generated usage text for ntp-wait.

                                                                    -

                                                                    The text printed is the same whether selected with the help option -(--help) or the more-help option (--more-help). more-help will print +

                                                                    The text printed is the same whether selected with the help option +(--help) or the more-help option (--more-help). more-help will print the usage text by passing it through a pager program. -more-help is disabled on platforms without a working -fork(2) function. The PAGER environment variable is -used to select the program, defaulting to more. Both will exit +more-help is disabled on platforms without a working +fork(2) function. The PAGER environment variable is +used to select the program, defaulting to more. Both will exit with a status code of 0.

                                                                    -
                                                                    ntp-wait - Wait for ntpd to stabilize the system clock - Ver. 4.2.8p17
                                                                    +
                                                                    ntp-wait - Wait for ntpd to stabilize the system clock - Ver. 4.2.8p17
                                                                     USAGE: ntp-wait [ -<flag> [<val>] | --<name>[{=| }<val>] ]... 
                                                                     
                                                                         -n, --tries=num              Number of times to check ntpd
                                                                    @@ -159,69 +130,82 @@ hyphen and the flag character.
                                                                     

                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.2 tries option (-n)

                                                                    - +

                                                                    1.2 tries option (-n)

                                                                    +

                                                                    This is the “number of times to check ntpd” option. This option takes a number argument. - The maximum number of times we will check ntpd to see if + The maximum number of times we will check ntpd to see if it has been able to synchronize and stabilize the system clock.


                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.3 sleep option (-s)

                                                                    - +

                                                                    1.3 sleep option (-s)

                                                                    +

                                                                    This is the “how long to sleep between tries” option. -This option takes a number argument secs-between-tries. - We will sleep for secs-between-tries after each query - of ntpd that returns "the time is not yet stable". +This option takes a number argument secs-between-tries. + We will sleep for secs-between-tries after each query + of ntpd that returns "the time is not yet stable".


                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.4 verbose option (-v)

                                                                    - +

                                                                    1.4 verbose option (-v)

                                                                    +

                                                                    This is the “be verbose” option. - By default, ntp-wait is silent. - With this option, ntp-wait will provide status information. + By default, ntp-wait is silent. + With this option, ntp-wait will provide status information.


                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.5 ntp-wait exit status

                                                                    +

                                                                    1.5 ntp-wait exit status

                                                                    One of the following exit values will be returned: -

                                                                    -
                                                                    0 (EXIT_SUCCESS)
                                                                    +

                                                                    +
                                                                    0 (EXIT_SUCCESS)

                                                                    Successful program execution.

                                                                    -
                                                                    1 (EXIT_FAILURE)
                                                                    +
                                                                    1 (EXIT_FAILURE)

                                                                    The operation failed or the command syntax was not valid.


                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.6 ntp-wait Authors

                                                                    +

                                                                    1.6 ntp-wait Authors


                                                                    -
                                                                    +
                                                                    +
                                                                    + +

                                                                    1.7 ntp-wait Notes

                                                                    +
                                                                    -

                                                                    1.7 ntp-wait Notes

                                                                    -
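Review bot: The Top paragraph carries two wording errors through the regeneration: "start any applicaitons" (should be "applications") and "invoke all of the non-time-sensitive process" (should be "processes"). Both sit on lines this hunk touches for markup only, so correct them in the source for this page and regenerate. Sections "1.6 ntp-wait Authors" and "1.7 ntp-wait Notes" also appear here as headings with no body text, which is worth confirming against the source.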
                                                                    diff --git a/scripts/ntp-wait/ntp-wait.man.in b/scripts/ntp-wait/ntp-wait.man.in index 4e9b184b8..70bf96b4d 100644 --- a/scripts/ntp-wait/ntp-wait.man.in +++ b/scripts/ntp-wait/ntp-wait.man.in @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntp-wait @NTP_WAIT_MS@ "06 Jun 2023" "ntp (4.2.8p17)" "User Commands" +.TH ntp-wait @NTP_WAIT_MS@ "06 Jan 2024" "ntp (4.2.8p17)" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:39:18 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 6, 2024 at 03:50:39 AM by AutoGen 5.18.16 .\" From the definitions ntp-wait-opts.def .\" and the template file agman-cmd.tpl .SH NAME diff --git a/scripts/ntp-wait/ntp-wait.mdoc.in b/scripts/ntp-wait/ntp-wait.mdoc.in index 35e7a2ab0..388aaf1a9 100644 --- a/scripts/ntp-wait/ntp-wait.mdoc.in +++ b/scripts/ntp-wait/ntp-wait.mdoc.in @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTP_WAIT @NTP_WAIT_MS@ User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntp-wait-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:39:15 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:32:52 AM by AutoGen 5.18.16 .\" From the definitions ntp-wait-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME diff --git a/scripts/ntpsweep/invoke-ntpsweep.texi b/scripts/ntpsweep/invoke-ntpsweep.texi index d81aa76d2..0e1011f00 100644 --- a/scripts/ntpsweep/invoke-ntpsweep.texi +++ b/scripts/ntpsweep/invoke-ntpsweep.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-ntpsweep.texi) # -# It has been AutoGen-ed June 6, 2023 at 04:39:20 AM by AutoGen 5.18.16 +# It has been AutoGen-ed January 6, 2024 at 03:50:47 AM by AutoGen 5.18.16 # From the definitions ntpsweep-opts.def # and the template file agtexi-cmd.tpl @end ignore 
diff --git a/scripts/ntpsweep/ntpsweep-opts b/scripts/ntpsweep/ntpsweep-opts index 61bfb3415..f302000e8 100644 --- a/scripts/ntpsweep/ntpsweep-opts +++ b/scripts/ntpsweep/ntpsweep-opts @@ -1,6 +1,6 @@ # EDIT THIS FILE WITH CAUTION (ntpsweep-opts) # -# It has been AutoGen-ed June 6, 2023 at 04:39:20 AM by AutoGen 5.18.16 +# It has been AutoGen-ed January 7, 2024 at 12:32:55 AM by AutoGen 5.18.16 # From the definitions ntpsweep-opts.def # and the template file perlopt diff --git a/scripts/ntpsweep/ntpsweep.1ntpsweepman b/scripts/ntpsweep/ntpsweep.1ntpsweepman index e609f5412..486848a6a 100644 --- a/scripts/ntpsweep/ntpsweep.1ntpsweepman +++ b/scripts/ntpsweep/ntpsweep.1ntpsweepman @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntpsweep 1ntpsweepman "06 Jun 2023" "ntp (4.2.8p17)" "User Commands" +.TH ntpsweep 1ntpsweepman "06 Jan 2024" "ntp (4.2.8p17)" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:39:23 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 6, 2024 at 03:50:44 AM by AutoGen 5.18.16 .\" From the definitions ntpsweep-opts.def .\" and the template file agman-cmd.tpl .SH NAME diff --git a/scripts/ntpsweep/ntpsweep.1ntpsweepmdoc b/scripts/ntpsweep/ntpsweep.1ntpsweepmdoc index 37b9e81f2..def7b9e64 100644 --- a/scripts/ntpsweep/ntpsweep.1ntpsweepmdoc +++ b/scripts/ntpsweep/ntpsweep.1ntpsweepmdoc @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 6 2024 .Dt NTPSWEEP 1ntpsweepmdoc User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpsweep-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:39:22 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 6, 2024 at 03:50:45 AM by AutoGen 5.18.16 .\" From the definitions ntpsweep-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME diff --git a/scripts/ntpsweep/ntpsweep.html b/scripts/ntpsweep/ntpsweep.html index bca4b0298..f82d380d2 100644 --- a/scripts/ntpsweep/ntpsweep.html 
+++ b/scripts/ntpsweep/ntpsweep.html @@ -1,6 +1,6 @@ - + ntpsweep User’s Manual @@ -16,14 +16,23 @@ + Ntptrace User’s Manual @@ -10,24 +10,17 @@ + + + @@ -35,48 +28,43 @@ ul.no-bullet {list-style: none} -

                                                                    Ntptrace User’s Manual

                                                                    -
                                                                    +
                                                                    + -

                                                                    Simple Network Time Protocol User Manual

                                                                    +

                                                                    Simple Network Time Protocol User Manual

                                                                    -

                                                                    This document describes the use of the NTP Project’s ntptrace program. -This document applies to version 4.2.8p17 of ntptrace. +

                                                                    This document describes the use of the NTP Project’s ntptrace program. +This document applies to version 4.2.8p17 of ntptrace.

                                                                    - + + +

                                                                    Short Table of Contents

                                                                    - - - - - - - +

                                                                    -
                                                                    +
                                                                    + -

                                                                    1 Invoking ntptrace

                                                                    - - +

                                                                    1 Invoking ntptrace

                                                                    + + -

                                                                    ntptrace is a perl script that uses the ntpq utility program to follow +

                                                                    ntptrace is a perl script that uses the ntpq utility program to follow the chain of NTP servers from a given host back to the primary time source. For ntptrace to work properly, each of these servers must implement the NTP Control and Monitoring Protocol specified in RFC 1305 and enable NTP Mode 6 packets. @@ -85,14 +73,14 @@ and Monitoring Protocol specified in RFC 1305 and enable NTP Mode 6 packets. the output from ntptrace:

                                                                    -
                                                                    % ntptrace localhost: stratum 4, offset 0.0019529, synch distance 0.144135
                                                                    +
                                                                    % ntptrace localhost: stratum 4, offset 0.0019529, synch distance 0.144135
                                                                     server2ozo.com: stratum 2, offset 0.0124263, synch distance 0.115784 usndh.edu:
                                                                     stratum 1, offset 0.0019298, synch distance 0.011993, refid 'WWVB'
                                                                     

                                                                    On each line, the fields are (left to right): the host name, the host stratum, the time offset between that host and the local host (as measured by -ntptrace; this is why it is not always zero for "localhost"), the host +ntptrace; this is why it is not always zero for "localhost"), the host synchronization distance, and (only for stratum-1 servers) the reference clock ID. All times are given in seconds. Note that the stratum is the server hop count to the primary source, while the synchronization distance is the @@ -100,42 +88,34 @@ estimated error relative to the primary source. These terms are precisely defined in RFC-1305.

                                                                    -

                                                                    This section was generated by AutoGen, -using the agtexi-cmd template and the option descriptions for the ntptrace program. +

                                                                    This section was generated by AutoGen, +using the agtexi-cmd template and the option descriptions for the ntptrace program.

                                                                    - - - - - - - +
                                                                    -
                                                                    +
                                                                    + -

                                                                    1.1 ntptrace help/usage (--help)

                                                                    - +

                                                                    1.1 ntptrace help/usage (--help)

                                                                    +

                                                                    This is the automatically generated usage text for ntptrace.

                                                                    -

                                                                    The text printed is the same whether selected with the help option -(--help) or the more-help option (--more-help). more-help will print +

                                                                    The text printed is the same whether selected with the help option +(--help) or the more-help option (--more-help). more-help will print the usage text by passing it through a pager program. -more-help is disabled on platforms without a working -fork(2) function. The PAGER environment variable is -used to select the program, defaulting to more. Both will exit +more-help is disabled on platforms without a working +fork(2) function. The PAGER environment variable is +used to select the program, defaulting to more. Both will exit with a status code of 0.

                                                                    -
                                                                    ntptrace - Trace peers of an NTP server - Ver. 4.2.8p17
                                                                    +
                                                                    ntptrace - Trace peers of an NTP server - Ver. 4.2.8p17
                                                                     USAGE: ntptrace [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [host]
                                                                     
                                                                         -n, --numeric                Print IP addresses instead of hostnames
                                                                    @@ -148,67 +128,72 @@ Options are specified by doubled hyphens and their name or by a single
                                                                     hyphen and the flag character.
                                                                     
                                                                    - - - - - - - +
                                                                    -
                                                                    +
                                                                    + -

                                                                    1.1.1 numeric option (-n)

                                                                    - +

                                                                    1.1.1 numeric option (-n)

                                                                    +

                                                                    This is the “print ip addresses instead of hostnames” option. Output hosts as dotted-quad numeric format rather than converting to the canonical host names.


                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.1.2 max-hosts option (-m)

                                                                    - +

                                                                    1.1.2 max-hosts option (-m)

                                                                    +

                                                                    This is the “maximum number of peers to trace” option. This option takes a number argument. -This option has no ‘doc’ documentation. +This option has no ‘doc’ documentation.


                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.1.3 host option (-r)

                                                                    - +

                                                                    1.1.3 host option (-r)

                                                                    +

                                                                    This is the “single remote host” option. This option takes a string argument. -This option has no ‘doc’ documentation. +This option has no ‘doc’ documentation.


                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.1.4 ntptrace exit status

                                                                    +

                                                                    1.1.4 ntptrace exit status

                                                                    One of the following exit values will be returned: -

                                                                    -
                                                                    0 (EXIT_SUCCESS)
                                                                    +

                                                                    +
                                                                    0 (EXIT_SUCCESS)

                                                                    Successful program execution.

                                                                    -
                                                                    1 (EXIT_FAILURE)
                                                                    +
                                                                    1 (EXIT_FAILURE)

                                                                    The operation failed or the command syntax was not valid.

                                                                    -
                                                                    +
                                                                    +
                                                                    +
                                                                    +
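Review bot: the max-hosts (-m) and host (-r) sections in the last ntptrace.html hunk still read "This option has no ‘doc’ documentation." on the added side, so the regenerated manual carries two options with nothing beyond their one-line summaries. Add doc text for both in ntptrace-opts.def, the definitions file named in the generated man page headers, and regenerate, instead of carrying the placeholder into another release. Also, the title block earlier in this file keeps the heading "Simple Network Time Protocol User Manual" on both the removed and added sides, although the page is the Ntptrace User’s Manual; that reads like a leftover from the sntp manual and should be corrected in the source the HTML is generated from.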
                                                                    diff --git a/scripts/ntptrace/ntptrace.man.in b/scripts/ntptrace/ntptrace.man.in index db4e5ab6c..4977fe386 100644 --- a/scripts/ntptrace/ntptrace.man.in +++ b/scripts/ntptrace/ntptrace.man.in @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntptrace @NTPTRACE_MS@ "06 Jun 2023" "ntp (4.2.8p17)" "User Commands" +.TH ntptrace @NTPTRACE_MS@ "06 Jan 2024" "ntp (4.2.8p17)" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:39:28 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 6, 2024 at 03:50:48 AM by AutoGen 5.18.16 .\" From the definitions ntptrace-opts.def .\" and the template file agman-cmd.tpl .SH NAME diff --git a/scripts/ntptrace/ntptrace.mdoc.in b/scripts/ntptrace/ntptrace.mdoc.in index 1d64345f1..1282e500a 100644 --- a/scripts/ntptrace/ntptrace.mdoc.in +++ b/scripts/ntptrace/ntptrace.mdoc.in @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTPTRACE @NTPTRACE_MS@ User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntptrace-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:39:25 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:32:55 AM by AutoGen 5.18.16 .\" From the definitions ntptrace-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME diff --git a/scripts/plot_summary-opts b/scripts/plot_summary-opts index 10e2fdfae..6e64e2efa 100644 --- a/scripts/plot_summary-opts +++ b/scripts/plot_summary-opts @@ -1,6 +1,6 @@ # EDIT THIS FILE WITH CAUTION (plot_summary-opts) # -# It has been AutoGen-ed June 6, 2023 at 04:39:35 AM by AutoGen 5.18.16 +# It has been AutoGen-ed January 7, 2024 at 12:33:00 AM by AutoGen 5.18.16 # From the definitions plot_summary-opts.def # and the template file perlopt diff --git a/scripts/plot_summary.1plot_summaryman b/scripts/plot_summary.1plot_summaryman index 14bc32021..3fa10fa61 100644 --- a/scripts/plot_summary.1plot_summaryman 
+++ b/scripts/plot_summary.1plot_summaryman @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH plot_summary 1plot_summaryman "06 Jun 2023" "ntp (4.2.8p17)" "User Commands" +.TH plot_summary 1plot_summaryman "06 Jan 2024" "ntp (4.2.8p17)" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:39:37 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 6, 2024 at 03:50:28 AM by AutoGen 5.18.16 .\" From the definitions plot_summary-opts.def .\" and the template file agman-cmd.tpl .SH NAME diff --git a/scripts/plot_summary.1plot_summarymdoc b/scripts/plot_summary.1plot_summarymdoc index 338e8e5de..36e680073 100644 --- a/scripts/plot_summary.1plot_summarymdoc +++ b/scripts/plot_summary.1plot_summarymdoc @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 6 2024 .Dt PLOT_SUMMARY 1plot_summarymdoc User Commands .Os .\" EDIT THIS FILE WITH CAUTION (plot_summary-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:39:38 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 6, 2024 at 03:50:30 AM by AutoGen 5.18.16 .\" From the definitions plot_summary-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME diff --git a/scripts/plot_summary.html b/scripts/plot_summary.html index fc944c708..4be5622f5 100644 --- a/scripts/plot_summary.html +++ b/scripts/plot_summary.html @@ -1,6 +1,6 @@ - + Plot_summary User’s Manual @@ -16,14 +16,23 @@ + Summary User’s Manual @@ -16,14 +16,23 @@ + update-leap User’s Manual @@ -16,14 +16,23 @@ + Sntp User’s Manual @@ -10,24 +10,19 @@ + + + + @@ -35,60 +30,53 @@ ul.no-bullet {list-style: none} -

                                                                    Sntp User’s Manual

                                                                    -
                                                                    +
                                                                    + -

                                                                    Simple Network Time Protocol User Manual

                                                                    +

                                                                    Simple Network Time Protocol User Manual

                                                                    -

                                                                    This document describes the use of the NTP Project’s sntp program, +

                                                                    This document describes the use of the NTP Project’s sntp program, that can be used to query a Network Time Protocol (NTP) server and display the time offset of the system clock relative to the server clock. Run as root, it can correct the system clock to this offset as well. It can be run as an interactive command or from a cron job.

                                                                    -

                                                                    This document applies to version 4.2.8p17 of sntp. +

                                                                    This document applies to version 4.2.8p17 of sntp.

                                                                    The program implements the SNTP protocol as defined by RFC 5905, the NTPv4 IETF specification.

                                                                    - + + +

                                                                    Short Table of Contents

                                                                    - - - - - - - - +

                                                                    -
                                                                    +
                                                                    + -

                                                                    1 Description

                                                                    +

                                                                    1 Description

                                                                    -

                                                                    By default, sntp writes the local data and time (i.e., not UTC) to the +

                                                                    By default, sntp writes the local data and time (i.e., not UTC) to the standard output in the format:

                                                                    -
                                                                    1996-10-15 20:17:25.123 (+0800) +4.567 +/- 0.089 secs
                                                                    +
                                                                    1996-10-15 20:17:25.123 (+0800) +4.567 +/- 0.089 secs
                                                                     

                                                                    where @@ -98,29 +86,27 @@ and the +4.567 +/- 0.089 secs indicates the time offset and error bound of the system clock relative to the server clock.

                                                                    - - - - - +
                                                                    -
                                                                    +
                                                                    + -

                                                                    1.1 Invoking sntp

                                                                    - - +

                                                                    1.1 Invoking sntp

                                                                    + + -

                                                                    sntp +

                                                                    sntp can be used as an SNTP client to query a NTP or SNTP server and either display the time or set the local system’s time (given suitable privilege). It can be run as an interactive command or from a -cron +cron job.

                                                                    NTP (the Network Time Protocol) and SNTP (the Simple Network Time Protocol) @@ -130,103 +116,85 @@ are defined and described by RFC 5905.

                                                                    The default is to write the estimated correct local date and time (i.e. not UTC) to the standard output in a format like:

                                                                    -

                                                                    '1996-10-15 20:17:25.123 (+0800) +4.567 +/- 0.089 [host] IP sN' +

                                                                    '1996-10-15 20:17:25.123 (+0800) +4.567 +/- 0.089 [host] IP sN'

                                                                    where the -'(+0800)' +'(+0800)' means that to get to UTC from the reported local time one must add 8 hours and 0 minutes, the -'+4.567' +'+4.567' indicates the local clock is 4.567 seconds behind the correct time (so 4.567 seconds must be added to the local clock to get it to be correct). Note that the number of decimals printed for this value will change based on the reported precision of the server. -'+/- 0.089' +'+/- 0.089' is the reported -synchronization distance +synchronization distance (in seconds), which represents the maximum error due to all causes. If the server does not report valid data needed to calculate the synchronization distance, this will be reported as -'+/- ?'. +'+/- ?'. If the -host +host is different from the -IP, +IP, both will be displayed. Otherwise, only the -IP +IP is displayed. Finally, the -stratum +stratum of the host is reported and the leap indicator is decoded and displayed.

                                                                    -

                                                                    This section was generated by AutoGen, -using the agtexi-cmd template and the option descriptions for the sntp program. +

                                                                    This section was generated by AutoGen, +using the agtexi-cmd template and the option descriptions for the sntp program. This software is released under the NTP license, <http://ntp.org/license>.

                                                                    - - - - - - - - - - - - - - - - - - - - - +
                                                                    -
                                                                    +
                                                                    + -

                                                                    1.1.1 sntp help/usage (--help)

                                                                    - +

                                                                    1.1.1 sntp help/usage (--help)

                                                                    +

                                                                    This is the automatically generated usage text for sntp.

                                                                    -

                                                                    The text printed is the same whether selected with the help option -(--help) or the more-help option (--more-help). more-help will print +

                                                                    The text printed is the same whether selected with the help option +(--help) or the more-help option (--more-help). more-help will print the usage text by passing it through a pager program. -more-help is disabled on platforms without a working -fork(2) function. The PAGER environment variable is -used to select the program, defaulting to more. Both will exit +more-help is disabled on platforms without a working +fork(2) function. The PAGER environment variable is +used to select the program, defaulting to more. Both will exit with a status code of 0.

                                                                    -
                                                                    sntp - standard Simple Network Time Protocol client program - Ver. 4.2.8p17
                                                                    +
                                                                    sntp - standard Simple Network Time Protocol client program - Ver. 4.2.8p17
                                                                     Usage:  sntp [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \
                                                                                     [ hostname-or-IP ...]
                                                                       Flg Arg Option-Name    Description
                                                                    @@ -281,248 +249,278 @@ Please send bug reports to:  <https://bugs.ntp.org, bugs@ntp.org>
                                                                     

                                                                    -
                                                                    +
                                                                    +
                                                                    + -

                                                                    1.1.2 ipv4 option (-4)

                                                                    - +

                                                                    1.1.2 ipv4 option (-4)

                                                                    +

                                                                    This is the “force ipv4 dns name resolution” option.

                                                                    This option has some usage constraints. It: -

                                                                      -
                                                                    • must not appear in combination with any of the following options: +

                                                                        +
                                                                      • must not appear in combination with any of the following options: ipv6.

                                                                      Force DNS resolution of the following host names on the command line to the IPv4 namespace.


                                                                      -
                                                                      +
                                                                      +
                                                                      + -

                                                                      1.1.3 ipv6 option (-6)

                                                                      - +

                                                                      1.1.3 ipv6 option (-6)

                                                                      +

                                                                      This is the “force ipv6 dns name resolution” option.

                                                                      This option has some usage constraints. It: -

                                                                        -
                                                                      • must not appear in combination with any of the following options: +

                                                                          +
                                                                        • must not appear in combination with any of the following options: ipv4.

                                                                        Force DNS resolution of the following host names on the command line to the IPv6 namespace.


                                                                        -
                                                                        +
                                                                        +
                                                                        + -

                                                                        1.1.4 authentication option (-a)

                                                                        - +

                                                                        1.1.4 authentication option (-a)

                                                                        + -

                                                                        This is the “enable authentication with the key auth-keynumber” option. -This option takes a number argument auth-keynumber. +

                                                                        This is the “enable authentication with the key auth-keynumber” option. +This option takes a number argument auth-keynumber. Enable authentication using the key specified in this option’s -argument. The argument of this option is the keyid, a -number specified in the keyfile as this key’s identifier. -See the keyfile option (-k) for more details. +argument. The argument of this option is the keyid, a +number specified in the keyfile as this key’s identifier. +See the keyfile option (-k) for more details.


                                                                        -
                                                                        +
                                                                        +
                                                                        + -

                                                                        1.1.5 broadcast option (-b)

                                                                        - +

                                                                        1.1.5 broadcast option (-b)

                                                                        +

                                                                        This is the “listen to the address specified for broadcast time sync” option. -This option takes a string argument broadcast-address. +This option takes a string argument broadcast-address.

                                                                        This option has some usage constraints. It: -

                                                                          -
                                                                        • may appear an unlimited number of times. +

                                                                            +
                                                                          • may appear an unlimited number of times.
                                                                          -

                                                                          If specified sntp will listen to the specified address +

                                                                          If specified sntp will listen to the specified address for NTP broadcasts. The default maximum wait time -can (and probably should) be modified with -t. +can (and probably should) be modified with -t.


                                                                          -
                                                                          +
                                                                          +
                                                                          + -

                                                                          1.1.6 concurrent option (-c)

                                                                          - +

                                                                          1.1.6 concurrent option (-c)

                                                                          +

                                                                          This is the “concurrently query all ips returned for host-name” option. -This option takes a string argument host-name. +This option takes a string argument host-name.

                                                                          This option has some usage constraints. It: -

                                                                            -
                                                                          • may appear an unlimited number of times. +

                                                                              +
                                                                            • may appear an unlimited number of times.

                                                                            Requests from an NTP "client" to a "server" should never be sent more rapidly than one every 2 seconds. By default, any IPs returned as part of a DNS lookup are assumed to be for a single instance of -ntpd, and therefore sntp will send queries to these IPs +ntpd, and therefore sntp will send queries to these IPs one after another, with a 2-second gap in between each query.

                                                                            -

                                                                            The -c or --concurrent flag says that any IPs +

                                                                            The -c or --concurrent flag says that any IPs returned for the DNS lookup of the supplied host-name are on different machines, so we can send concurrent queries.


                                                                            -
                                                                            +
                                                                            +
                                                                            + -

                                                                            1.1.7 gap option (-g)

                                                                            - +

                                                                            1.1.7 gap option (-g)

                                                                            +

                                                                            This is the “the gap (in milliseconds) between time requests” option. -This option takes a number argument milliseconds. +This option takes a number argument milliseconds. Since we’re only going to use the first valid response we get and there is benefit to specifying a good number of servers to query, separate the queries we send out by the specified number of milliseconds.


                                                                            -
                                                                            +
                                                                            +
                                                                            + -

                                                                            1.1.8 kod option (-K)

                                                                            - +

                                                                            1.1.8 kod option (-K)

                                                                            +

                                                                            This is the “kod history filename” option. -This option takes a file argument file-name. +This option takes a file argument file-name. Specifies the filename to be used for the persistent history of KoD responses received from servers. If the file does not exist, a warning message will be displayed. The file will not be created.


                                                                            -
                                                                            +
                                                                            +
                                                                            + -

                                                                            1.1.9 keyfile option (-k)

                                                                            - +

                                                                            1.1.9 keyfile option (-k)

                                                                            + -

                                                                            This is the “look in this file for the key specified with -a” option. -This option takes a file argument file-name. +

                                                                            This is the “look in this file for the key specified with -a” option. +This option takes a file argument file-name. This option specifies the keyfile. -sntp will search for the key specified with -a -keyno in this file. See ntp.keys(5) for more +sntp will search for the key specified with -a +keyno in this file. See ntp.keys(5) for more information.


                                                                            -
                                                                            +
                                                                            +
                                                                            + -

                                                                            1.1.10 logfile option (-l)

                                                                            - +

                                                                            1.1.10 logfile option (-l)

                                                                            +

                                                                            This is the “log to specified logfile” option. -This option takes a file argument file-name. +This option takes a file argument file-name. This option causes the client to write log messages to the specified -logfile. +logfile.


                                                                            -
                                                                            +
                                                                            +
                                                                            + -

                                                                            1.1.11 steplimit option (-M)

                                                                            - +

                                                                            1.1.11 steplimit option (-M)

                                                                            + -

                                                                            This is the “adjustments less than steplimit msec will be slewed” option. +

                                                                            This is the “adjustments less than steplimit msec will be slewed” option. This option takes a number argument. -If the time adjustment is less than steplimit milliseconds, -slew the amount using adjtime(2). Otherwise, step the -correction using settimeofday(2). The default value is 0, +If the time adjustment is less than steplimit milliseconds, +slew the amount using adjtime(2). Otherwise, step the +correction using settimeofday(2). The default value is 0, which means all adjustments will be stepped. This is a feature, as different situations demand different values.


                                                                            -
                                                                            +
                                                                            +
                                                                            + -

                                                                            1.1.12 ntpversion option (-o)

                                                                            - +

                                                                            1.1.12 ntpversion option (-o)

                                                                            + -

                                                                            This is the “send int as our ntp protocol version” option. +

                                                                            This is the “send int as our ntp protocol version” option. This option takes a number argument. When sending requests to a remote server, tell them we are running -NTP protocol version ntpversion . +NTP protocol version ntpversion .


                                                                            -
                                                                            +
                                                                            +
                                                                            + -

                                                                            1.1.13 usereservedport option (-r)

                                                                            - +

                                                                            1.1.13 usereservedport option (-r)

                                                                            +

                                                                            This is the “use the ntp reserved port (port 123)” option. Use port 123, which is reserved for NTP, for our network communications.


                                                                            -
                                                                            +
                                                                            +
                                                                            + -

                                                                            1.1.14 timeout option (-t)

                                                                            - +

                                                                            1.1.14 timeout option (-t)

                                                                            +

                                                                            This is the “the number of seconds to wait for responses” option. -This option takes a number argument seconds. -When waiting for a reply, sntp will wait the number +This option takes a number argument seconds. +When waiting for a reply, sntp will wait the number of seconds specified before giving up. The default should be -more than enough for a unicast response. If sntp is +more than enough for a unicast response. If sntp is only waiting for a broadcast response a longer timeout is likely needed.


                                                                            -
                                                                            +
                                                                            +
                                                                            + -

                                                                            1.1.15 wait option

                                                                            - +

                                                                            1.1.15 wait option

                                                                            +

                                                                            This is the “wait for pending replies (if not setting the time)” option.

                                                                            This option has some usage constraints. It: -

                                                                              -
                                                                            • can be disabled with –no-wait. -
                                                                            • It is enabled by default. +

                                                                                +
                                                                              • can be disabled with –no-wait. +
                                                                              • It is enabled by default.

                                                                              If we are not setting the time, wait for all pending responses.


                                                                              -
                                                                              +
                                                                              +
                                                                              + -

                                                                              1.1.16 presetting/configuring sntp

                                                                              +

                                                                              1.1.16 presetting/configuring sntp

                                                                              -

                                                                              Any option that is not marked as not presettable may be preset by -loading values from configuration ("rc" or "ini") files, and values from environment variables named SNTP and SNTP_<OPTION_NAME>. <OPTION_NAME> must be one of +

                                                                              Any option that is not marked as not presettable may be preset by +loading values from configuration ("rc" or "ini") files, and values from environment variables named SNTP and SNTP_<OPTION_NAME>. <OPTION_NAME> must be one of the options listed above in upper case and segmented with underscores. -The SNTP variable will be tokenized and parsed like +The SNTP variable will be tokenized and parsed like the command line. The remaining variables are tested for existence and their values are treated like option arguments.

                                                                              -

                                                                              libopts will search in 2 places for configuration files: -

                                                                                -
                                                                              • $HOME -
                                                                              • $PWD +

                                                                                libopts will search in 2 places for configuration files: +

                                                                                  +
                                                                                • $HOME +
                                                                                • $PWD
                                                                                -

                                                                                The environment variables HOME, and PWD -are expanded and replaced when sntp runs. +

                                                                                The environment variables HOME, and PWD +are expanded and replaced when sntp runs. For any of these that are plain files, they are simply processed. -For any that are directories, then a file named .ntprc is searched for +For any that are directories, then a file named .ntprc is searched for within that directory and processed.

                                                                                Configuration files may be in a wide variety of formats. @@ -535,110 +533,121 @@ lines by escaping the newline with a backslash. Common options are collected at the top, followed by program specific segments. The segments are separated by lines like:

                                                                                -
                                                                                [SNTP]
                                                                                +
                                                                                [SNTP]
                                                                                 

                                                                                or by

                                                                                -
                                                                                <?program sntp>
                                                                                +
                                                                                <?program sntp>
                                                                                 

                                                                                Do not mix these styles within one configuration file.

                                                                                Compound values and carefully constructed string values may also be specified using XML syntax:

                                                                                -
                                                                                <option-name>
                                                                                +
                                                                                <option-name>
                                                                                    <sub-opt>...&lt;...&gt;...</sub-opt>
                                                                                 </option-name>
                                                                                 
                                                                                -

                                                                                yielding an option-name.sub-opt string value of +

                                                                                yielding an option-name.sub-opt string value of

                                                                                -
                                                                                "...<...>..."
                                                                                +
                                                                                "...<...>..."
                                                                                 
                                                                                -

                                                                                AutoOpts does not track suboptions. You simply note that it is a -hierarchicly valued option. AutoOpts does provide a means for searching +

                                                                                AutoOpts does not track suboptions. You simply note that it is a +hierarchicly valued option. AutoOpts does provide a means for searching the associated name/value pair list (see: optionFindValue).

                                                                                The command line options relating to configuration and/or usage help are:

                                                                                -

                                                                                version (-)

                                                                                +

                                                                                version (-)

                                                                                Print the program version to standard out, optionally with licensing information, then exit 0. The optional argument specifies how much licensing detail to provide. The default is to print just the version. The licensing information may be selected with an option argument. Only the first letter of the argument is examined:

                                                                                -
                                                                                -
                                                                                version
                                                                                +
                                                                                +
                                                                                version

                                                                                Only print the version. This is the default.

                                                                                -
                                                                                copyright
                                                                                +
                                                                                copyright

                                                                                Name the copyright usage licensing terms.

                                                                                -
                                                                                verbose
                                                                                +
                                                                                verbose

                                                                                Print the full copyright usage licensing terms.


                                                                                -
                                                                                +
                                                                                +
                                                                                + -

                                                                                1.1.17 sntp exit status

                                                                                +

                                                                                1.1.17 sntp exit status

                                                                                One of the following exit values will be returned: -

                                                                                -
                                                                                0 (EXIT_SUCCESS)
                                                                                +

                                                                                +
                                                                                0 (EXIT_SUCCESS)

                                                                                Successful program execution.

                                                                                -
                                                                                1 (EXIT_FAILURE)
                                                                                +
                                                                                1 (EXIT_FAILURE)

                                                                                The operation failed or the command syntax was not valid.

                                                                                -
                                                                                66 (EX_NOINPUT)
                                                                                +
                                                                                66 (EX_NOINPUT)

                                                                                A specified configuration file could not be loaded.

                                                                                -
                                                                                70 (EX_SOFTWARE)
                                                                                +
                                                                                70 (EX_SOFTWARE)

                                                                                libopts had an internal operational error. Please report it to autogen-users@lists.sourceforge.net. Thank you.


                                                                                -
                                                                                +
                                                                                +
                                                                                + -

                                                                                1.1.18 sntp Usage

                                                                                +

                                                                                1.1.18 sntp Usage


                                                                                -
                                                                                +
                                                                                +
                                                                                + -

                                                                                1.1.19 sntp Authors

                                                                                +

                                                                                1.1.19 sntp Authors


                                                                                -
                                                                                +
                                                                                +
                                                                                +
                                                                                + -

                                                                                1.2 Usage

                                                                                +

                                                                                1.2 Usage

                                                                                The simplest use of this program is as an unprivileged command to check the current time, offset, and error in the local clock. For example:

                                                                                -
                                                                                sntp ntpserver.somewhere
                                                                                +
                                                                                sntp ntpserver.somewhere
                                                                                 

                                                                                With suitable privilege, it can be run as a command or in a -crom job to reset the local clock from a reliable server, like -the ntpdate and rdate commands. +crom job to reset the local clock from a reliable server, like +the ntpdate and rdate commands. For example:

                                                                                -
                                                                                sntp -a ntpserver.somewhere
                                                                                +
                                                                                sntp -a ntpserver.somewhere
                                                                                 
                                                                                -
                                                                                +
                                                                                +
                                                                                +
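Review bot: the second example in the regenerated 1.2 Usage text, `sntp -a ntpserver.somewhere`, contradicts section 1.1.4 of the same page, which documents -a as "enable authentication with the key auth-keynumber" taking a number argument. As written, the example passes a hostname where a key id is expected and is presented as the way to reset the clock with privilege. The example should be corrected in the source this page is generated from, so that readers do not copy a command that neither authenticates nor sets the time as described. The same regenerated text also carries two typos unchanged from the old side to the new: "crom job" (cron) in 1.2 Usage and "hierarchicly" in the AutoOpts paragraph. Since the file is being re-rendered anyway, fix them at the source in the same pass.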
                                                                                diff --git a/sntp/sntp.man.in b/sntp/sntp.man.in index ca4ddea8e..ba9df3e6d 100644 --- a/sntp/sntp.man.in +++ b/sntp/sntp.man.in @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH sntp @SNTP_MS@ "06 Jun 2023" "4.2.8p17" "User Commands" +.TH sntp @SNTP_MS@ "07 Jan 2024" "4.2.8p17" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:36:14 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:33:46 AM by AutoGen 5.18.16 .\" From the definitions sntp-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -353,7 +353,7 @@ it to autogen-users@lists.sourceforge.net. Thank you. .NOP "Dave Hart" .br .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/sntp/sntp.mdoc.in b/sntp/sntp.mdoc.in index 3e5fa3377..e09fd3f03 100644 --- a/sntp/sntp.mdoc.in +++ b/sntp/sntp.mdoc.in @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt SNTP @SNTP_MS@ User Commands .Os .\" EDIT THIS FILE WITH CAUTION (sntp-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:36:10 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:33:42 AM by AutoGen 5.18.16 .\" From the definitions sntp-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME 
@@ -308,7 +308,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .An "Harlan Stenn" .An "Dave Hart" .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh "BUGS" Please send bug reports to: https://bugs.ntp.org, bugs@ntp.org diff --git a/util/Makefile.am b/util/Makefile.am index cef623c59..065fdf547 100644 --- a/util/Makefile.am +++ b/util/Makefile.am @@ -4,7 +4,8 @@ bin_PROGRAMS= $(NTP_KEYGEN_DB) $(NTPTIME_DB) $(TICKADJ_DB) $(TIMETRIM_DB) libexec_PROGRAMS= $(NTP_KEYGEN_DL) $(NTPTIME_DL) $(TICKADJ_DL) $(TIMETRIM_DL) sbin_PROGRAMS= $(NTP_KEYGEN_DS) $(NTPTIME_DS) $(TICKADJ_DS) $(TIMETRIM_DS) -EXTRA_PROGRAMS= audio-pcm byteorder hist jitter kern longsize ntp-keygen \ +EXTRA_PROGRAMS= audio-pcm byteorder hist jitter kern longsize lsf-times \ + ntp-keygen \ ntptime pps-api precision sht testrs6000 tg tg2 tickadj timetrim AM_CFLAGS = $(CFLAGS_NTP) diff --git a/util/invoke-ntp-keygen.texi b/util/invoke-ntp-keygen.texi index 2ee45b309..104691ee4 100644 --- a/util/invoke-ntp-keygen.texi +++ b/util/invoke-ntp-keygen.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-ntp-keygen.texi) # -# It has been AutoGen-ed June 6, 2023 at 04:38:29 AM by AutoGen 5.18.16 +# It has been AutoGen-ed January 7, 2024 at 12:35:07 AM by AutoGen 5.18.16 # From the definitions ntp-keygen-opts.def # and the template file agtexi-cmd.tpl @end ignore diff --git a/util/ntp-keygen-opts.c b/util/ntp-keygen-opts.c index fb3c78fdf..1556aae44 100644 --- a/util/ntp-keygen-opts.c +++ b/util/ntp-keygen-opts.c 
@@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.c) * - * It has been AutoGen-ed June 6, 2023 at 04:38:24 AM by AutoGen 5.18.16 + * It has been AutoGen-ed January 7, 2024 at 12:36:07 AM by AutoGen 5.18.16 * From the definitions ntp-keygen-opts.def * and the template file options * @@ -18,7 +18,7 @@ * The ntp-keygen program is copyrighted and licensed * under the following terms: * - * Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved. + * Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved. * This is free software. It is licensed for use, modification and * redistribution under the terms of the NTP License, copies of which * can be seen at: @@ -77,7 +77,7 @@ extern FILE * option_usage_fp; */ static char const ntp_keygen_opt_strs[2443] = /* 0 */ "ntp-keygen (ntp) 4.2.8p17\n" - "Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved.\n" + "Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved.\n" "This is free software. It is licensed for use, modification and\n" "redistribution under the terms of the NTP License, copies of which\n" "can be seen at:\n" @@ -1315,7 +1315,7 @@ static void bogus_function(void) { */ /* referenced via ntp_keygenOptions.pzCopyright */ puts(_("ntp-keygen (ntp) 4.2.8p17\n\ -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved.\n\ +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved.\n\ This is free software. It is licensed for use, modification and\n\ redistribution under the terms of the NTP License, copies of which\n\ can be seen at:\n")); diff --git a/util/ntp-keygen-opts.h b/util/ntp-keygen-opts.h index 9e266d2b1..1b578f056 100644 --- a/util/ntp-keygen-opts.h +++ b/util/ntp-keygen-opts.h 
@@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.h) * - * It has been AutoGen-ed June 6, 2023 at 04:38:23 AM by AutoGen 5.18.16 + * It has been AutoGen-ed January 7, 2024 at 12:36:07 AM by AutoGen 5.18.16 * From the definitions ntp-keygen-opts.def * and the template file options * @@ -18,7 +18,7 @@ * The ntp-keygen program is copyrighted and licensed * under the following terms: * - * Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation, all rights reserved. + * Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation, all rights reserved. * This is free software. It is licensed for use, modification and * redistribution under the terms of the NTP License, copies of which * can be seen at: diff --git a/util/ntp-keygen.1ntp-keygenman b/util/ntp-keygen.1ntp-keygenman index f96a7689b..03ac272a8 100644 --- a/util/ntp-keygen.1ntp-keygenman +++ b/util/ntp-keygen.1ntp-keygenman @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntp-keygen 1ntp-keygenman "06 Jun 2023" "ntp (4.2.8p17)" "User Commands" +.TH ntp-keygen 1ntp-keygenman "07 Jan 2024" "ntp (4.2.8p17)" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:32 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:35:09 AM by AutoGen 5.18.16 .\" From the definitions ntp-keygen-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -1351,7 +1351,7 @@ it to autogen-users@lists.sourceforge.net. Thank you. .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH BUGS It can take quite a while to generate some cryptographic values. 
diff --git a/util/ntp-keygen.1ntp-keygenmdoc b/util/ntp-keygen.1ntp-keygenmdoc index ce6b988d7..a46ff94d4 100644 --- a/util/ntp-keygen.1ntp-keygenmdoc +++ b/util/ntp-keygen.1ntp-keygenmdoc @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTP_KEYGEN 1ntp-keygenmdoc User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:27 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:35:05 AM by AutoGen 5.18.16 .\" From the definitions ntp-keygen-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -1208,7 +1208,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh BUGS It can take quite a while to generate some cryptographic values. diff --git a/util/ntp-keygen.html b/util/ntp-keygen.html index 0d16b09b5..e99e9d1e8 100644 --- a/util/ntp-keygen.html +++ b/util/ntp-keygen.html @@ -1,6 +1,6 @@ - + - + Ntp-keygen User’s Manual @@ -10,24 +10,20 @@ + + + + @@ -35,42 +31,21 @@ ul.no-bullet {list-style: none} -

                                                                                Ntp-keygen User’s Manual

                                                                                - - -

                                                                                Short Table of Contents

                                                                                - - - - - - - - - -
                                                                                +
                                                                                + -

                                                                                NTP Key Generation Program User Manual

                                                                                +

                                                                                NTP Key Generation Program User Manual

                                                                                -

                                                                                This document describes the use of the NTP Project’s ntp-keygen +

                                                                                This document describes the use of the NTP Project’s ntp-keygen program, that generates cryptographic data files used by the NTPv4 authentication and identity schemes. It can generate message digest keys used in symmetric key cryptography and, @@ -84,19 +59,24 @@ All other files are in PEM-encoded printable ASCII format so they can be embedded as MIME attachments in mail to other sites.

                                                                                -

                                                                                This document applies to version 4.2.8p17 of ntp-keygen. +

                                                                                This document applies to version 4.2.8p17 of ntp-keygen.

                                                                                - - - +
                                                                                +

                                                                                Short Table of Contents

                                                                                + +

                                                                                -
                                                                                +
                                                                                + -

                                                                                1 Description

                                                                                +

                                                                                1 Description

                                                                                This program generates cryptographic data files used by the NTPv4 authentication and identity schemes. It can generate message digest @@ -130,12 +110,12 @@ However, the identity keys are probably not compatible with anything other than Autokey.

                                                                                Some files used by this program are encrypted using a private password. -The -p option specifies the password for local encrypted files and the --q option the password for encrypted files sent to remote sites. +The -p option specifies the password for local encrypted files and the +-q option the password for encrypted files sent to remote sites. If no password is specified, the host name returned by the Unix -gethostname() function, normally the DNS name of the host, is used. +gethostname() function, normally the DNS name of the host, is used.

                                                                                -

                                                                                The pw option of the crypto configuration command +

                                                                                The pw option of the crypto configuration command specifies the read password for previously encrypted local files. This must match the local password used by this program. If not specified, the host name is used. @@ -146,47 +126,43 @@ host.

                                                                                Normally, encrypted files for each host are generated by that host and used only by that host, although exceptions exist as noted later on this page. -The symmetric keys file, normally called ntp.keys, is -usually installed in /etc. +The symmetric keys file, normally called ntp.keys, is +usually installed in /etc. Other files and links are usually installed -in /usr/local/etc, which is normally in a shared filesystem in +in /usr/local/etc, which is normally in a shared filesystem in NFS-mounted networks and cannot be changed by shared clients. The location of the keys directory can be changed by the keysdir configuration command in such cases. -Normally, this is in /etc. +Normally, this is in /etc.

                                                                                This program directs commentary and error messages to the standard -error stream stderr and remote files to the standard output stream -stdout where they can be piped to other applications or redirected to +error stream stderr and remote files to the standard output stream +stdout where they can be piped to other applications or redirected to files. The names used for generated files and links all begin with the -string ntpkey and include the file type, +string ntpkey and include the file type, generating host and filestamp, -as described in the Cryptographic Data Files section below. -

                                                                                - - - - - - - +as described in the Cryptographic Data Files section below. +

                                                                                +
                                                                                -
                                                                                +
                                                                                + -

                                                                                1.1 Running the Program

                                                                                +

                                                                                1.1 Running the Program

                                                                                To test and gain experience with Autokey concepts, log in as root and -change to the keys directory, usually /usr/local/etc. +change to the keys directory, usually /usr/local/etc. When run for the -first time, or if all files with names beginning ntpkey] have been -removed, use the ntp-keygen command without arguments to generate a +first time, or if all files with names beginning ntpkey] have been +removed, use the ntp-keygen command without arguments to generate a default RSA host key and matching RSA-MD5 certificate with expiration date one year hence. If run again without options, the program uses the @@ -194,8 +170,8 @@ existing keys and parameters and generates only a new certificate with new expiration date one year hence.

                                                                                Run the command on as many hosts as necessary. -Designate one of them as the trusted host (TH) using ntp-keygen -with the -T option and configure +Designate one of them as the trusted host (TH) using ntp-keygen +with the -T option and configure it to synchronize from reliable Internet servers. Then configure the other hosts to synchronize to the TH directly or indirectly. A certificate trail is created when Autokey asks the immediately @@ -206,12 +182,12 @@ All group hosts should have acyclic certificate trails ending on the TH.

                                                                                The host key is used to encrypt the cookie when required and so must be RSA type. By default, the host key is also the sign key used to encrypt signatures. -A different sign key can be assigned using the -S option +A different sign key can be assigned using the -S option and this can be either RSA or DSA type. By default, the signature message digest type is MD5, but any combination of sign key type and message digest type supported by the OpenSSL library can be specified -using the -c option. +using the -c option.

                                                                                The rules say cryptographic media should be generated with proventic filestamps, which means the host should already be synchronized before @@ -228,13 +204,15 @@ certificate should be re-generated. Autokey Public-Key Authentication page.


                                                                                -
                                                                                +
                                                                                +
                                                                                + -

                                                                                1.2 Invoking ntp-keygen

                                                                                - - +

                                                                                1.2 Invoking ntp-keygen

                                                                                + + @@ -266,9 +244,9 @@ The message digest symmetric keys file must be distributed and stored using secure means beyond the scope of NTP itself. Besides the keys used for ordinary NTP associations, additional keys can be defined as passwords for the -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) and -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) utility programs.

                                                                                The remaining generated files are compatible with other OpenSSL @@ -281,16 +259,16 @@ other than Autokey.

                                                                                Some files used by this program are encrypted using a private password. The --p +-p option specifies the read password for local encrypted files and the --q +-q option the write password for encrypted files sent to remote sites. If no password is specified, the host name returned by the Unix -hostname(1) +hostname(1) command, normally the DNS name of the host, is used as the the default read password, for convenience. The -ntp-keygen +ntp-keygen program prompts for the password if it reads an encrypted file and the password is missing or incorrect. If an encrypted file is read successfully and @@ -298,17 +276,17 @@ no write password is specified, the read password is used as the write password by default.

                                                                                The -pw +pw option of the -crypto -ntpd(1ntpdmdoc) +crypto +ntpd(1ntpdmdoc) configuration command specifies the read password for previously encrypted local files. This must match the local read password used by this program. If not specified, the host name is used. Thus, if files are generated by this program without an explicit password, they can be read back by -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) without specifying an explicit password but only on the same host. If the write password used for encryption is specified as the host name, these files can be read by that host with no explicit password. @@ -317,111 +295,87 @@ these files can be read by that host with no explicit password. used only by that host, although exceptions exist as noted later on this page. The symmetric keys file, normally called -ntp.keys, +ntp.keys, is usually installed in -/etc. +/etc. Other files and links are usually installed in -/usr/local/etc, +/usr/local/etc, which is normally in a shared filesystem in NFS-mounted networks and cannot be changed by shared clients. In these cases, NFS clients can specify the files in another directory such as -/etc +/etc using the -keysdir -ntpd(1ntpdmdoc) +keysdir +ntpd(1ntpdmdoc) configuration file command.

                                                                                This program directs commentary and error messages to the standard error stream -stderr +stderr and remote files to the standard output stream -stdout +stdout where they can be piped to other applications or redirected to files. The names used for generated files and links all begin with the string -ntpkey* +ntpkey* and include the file type, generating host and filestamp, as described in the -Cryptographic Data Files +Cryptographic Data Files section below.

                                                                                - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

                                                                                1.2.1 Running the Program

                                                                                + +
                                                                                +

                                                                                1.2.1 Running the Program

                                                                                The safest way to run the -ntp-keygen +ntp-keygen program is logged in directly as root. The recommended procedure is change to the -keys +keys directory, usually -/usr/local/etc, +/usr/local/etc, then run the program.

                                                                                To test and gain experience with Autokey concepts, log in as root and change to the -keys +keys directory, usually -/usr/local/etc. +/usr/local/etc. When run for the first time, or if all files with names beginning with -ntpkey* +ntpkey* have been removed, use the -ntp-keygen +ntp-keygen command without arguments to generate a default -RSA +RSA host key and matching -RSA-MD5 +RSA-MD5 certificate file with expiration date one year hence, which is all that is necessary in many cases. The program also generates soft links from the generic names @@ -431,35 +385,35 @@ existing keys and parameters and generates a new certificate file with new expiration date one year hence, and soft link.

                                                                                The host key is used to encrypt the cookie when required and so must be -RSA +RSA type. By default, the host key is also the sign key used to encrypt signatures. When necessary, a different sign key can be specified and this can be either -RSA +RSA or -DSA +DSA type. By default, the message digest type is -MD5, +MD5, but any combination of sign key type and message digest type supported by the OpenSSL library can be specified, including those using the -AES128CMAC, MD2, MD5, MDC2, SHA, SHA1 +AES128CMAC, MD2, MD5, MDC2, SHA, SHA1 and -RIPE160 +RIPE160 message digest algorithms. However, the scheme specified in the certificate must be compatible with the sign key. Certificates using any digest algorithm are compatible with -RSA +RSA sign keys; however, only -SHA +SHA and -SHA1 +SHA1 certificates are compatible with -DSA +DSA sign keys.

                                                                                Private/public key files and certificates are compatible with @@ -471,29 +425,29 @@ However, the identification parameter files, although encoded as the other files, are probably not compatible with anything other than Autokey.

                                                                                Running the program as other than root and using the Unix -su(1) +su(1) command to assume root may not work properly, since by default the OpenSSL library looks for the random seed file -.rnd +.rnd in the user home directory. However, there should be only one -.rnd, +.rnd, most conveniently in the root directory, so it is convenient to define the .Ev RANDFILE environment variable used by the OpenSSL library as the path to -.rnd. +.rnd.

                                                                                Installing the keys as root might not work in NFS-mounted shared file systems, as NFS clients may not be able to write to the shared keys directory, even as root. In this case, NFS clients can specify the files in another directory such as -/etc +/etc using the -keysdir -ntpd(1ntpdmdoc) +keysdir +ntpd(1ntpdmdoc) configuration file command. There is no need for one client to read the keys and certificates of other clients or servers, as these data are obtained automatically @@ -510,7 +464,7 @@ The owner name is also used for the host and sign key files, while the trusted name is used for the identity files.

                                                                                All files are installed by default in the keys directory -/usr/local/etc, +/usr/local/etc, which is normally in a shared filesystem in NFS-mounted networks. The actual location of the keys directory @@ -528,9 +482,9 @@ Alternatively, files containing private values can be encrypted and these files permitted world readable, which simplifies maintenance in shared file systems. Since uniqueness is insured by the -hostname +hostname and -filestamp +filestamp file name extensions, the files for an NTP server and dependent clients can all be installed in the same shared directory.

                                                                                @@ -541,29 +495,29 @@ to the generated files. This allows new file generations to be activated simply by changing the link. If a link is present, -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) follows it to the file name to extract the -filestamp. +filestamp. If a link is not present, -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) extracts the -filestamp +filestamp from the file itself. This allows clients to verify that the file and generation times are always current. The -ntp-keygen +ntp-keygen program uses the same -filestamp +filestamp extension for all files generated at one time, so each generation is distinct and can be readily recognized in monitoring data.

                                                                                Run the command on as many hosts as necessary. Designate one of them as the trusted host (TH) using -ntp-keygen +ntp-keygen with the --T +-T option and configure it to synchronize from reliable Internet servers. Then configure the other hosts to synchronize to the TH directly or indirectly. @@ -577,19 +531,19 @@ RSA type. By default, the host key is also the sign key used to encrypt signatures. A different sign key can be assigned using the --S +-S option and this can be either -RSA +RSA or -DSA +DSA type. By default, the signature message digest type is -MD5, +MD5, but any combination of sign key type and message digest type supported by the OpenSSL library can be specified using the --c +-c option.

                                                                                The rules say cryptographic media should be generated with proventic @@ -608,43 +562,51 @@ certificate should be re-generated. page.

                                                                                File names begin with the prefix -ntpkey_ +ntpkey_ and end with the suffix -_hostname. filestamp, +_hostname. filestamp, where -hostname +hostname is the owner name, usually the string returned by the Unix -hostname(1) +hostname(1) command, and -filestamp +filestamp is the NTP seconds when the file was generated, in decimal digits. This both guarantees uniqueness and simplifies maintenance procedures, since all files can be quickly removed by a -rm ntpkey* +rm ntpkey* command or all files generated at a specific time can be removed by a -rm *filestamp +rm *filestamp command. To further reduce the risk of misconfiguration, the first two lines of a file contain the file name and generation date and time as comments.

                                                                                -

                                                                                1.2.1.1 Trusted Hosts and Groups

                                                                                + +
                                                                                +

                                                                                1.2.1.1 Trusted Hosts and Groups

                                                                                Each cryptographic configuration involves selection of a signature scheme and identification scheme, called a cryptotype, as explained in the ‘Authentication Options’ section of -ntp.conf(5). +ntp.conf(5). The default cryptotype uses -RSA +RSA encryption, -MD5 +MD5 message digest and -TC +TC identification. First, configure a NTP subnet including one or more low-stratum trusted hosts from which all other hosts derive synchronization @@ -659,18 +621,18 @@ The trail is defined by static configuration file entries or dynamic means described on the ‘Automatic NTP Configuration Options’ section of -ntp.conf(5). +ntp.conf(5).

                                                                                On each trusted host as root, change to the keys directory. To insure a fresh fileset, remove all -ntpkey +ntpkey files. Then run -ntp-keygen --T +ntp-keygen +-T to generate keys and a trusted certificate. On all other hosts do the same, but leave off the --T +-T flag to generate keys and nontrusted certificates. When complete, start the NTP daemons beginning at the lowest stratum and working up the tree. @@ -679,56 +641,58 @@ throughout the subnet, but setting up the environment is completely automatic.

                                                                                If it is necessary to use a different sign key or different digest/signature scheme than the default, run -ntp-keygen +ntp-keygen with the --S type +-S type option, where -type +type is either -RSA +RSA or -DSA. +DSA. The most frequent need to do this is when a -DSA-signed +DSA-signed certificate is used. If it is necessary to use a different certificate scheme than the default, run -ntp-keygen +ntp-keygen with the --c scheme +-c scheme option and selected -scheme +scheme as needed. If -ntp-keygen +ntp-keygen is run again without these options, it generates a new certificate using the same scheme and sign key, and soft link.

                                                                                After setting up the environment it is advisable to update certificates from time to time, if only to extend the validity interval. Simply run -ntp-keygen +ntp-keygen with the same flags as before to generate new certificates using existing keys, and soft links. However, if the host or sign key is changed, -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) should be restarted. When -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) is restarted, it loads any new files and restarts the protocol. Other dependent hosts will continue as usual until signatures are refreshed, at which time the protocol is restarted.

                                                                                -

                                                                                1.2.1.2 Identity Schemes

                                                                                +
                                                                                +
                                                                                +

                                                                                1.2.1.2 Identity Schemes

                                                                                As mentioned on the Autonomous Authentication page, the default -TC +TC identity scheme is vulnerable to a middleman attack. However, there are more secure identity schemes available, including -PC, IFF, GQ +PC, IFF, GQ and -MV +MV schemes described below. These schemes are based on a TA, one or more trusted hosts and some number of nontrusted hosts. @@ -750,22 +714,22 @@ only as clients have key files that contain only client keys.

                                                                                The PC scheme supports only one trusted host in the group. On trusted host alice run -ntp-keygen --P --p password +ntp-keygen +-P +-p password to generate the host key file -ntpkey_ RSA key_alice. filestamp +ntpkey_ RSA key_alice. filestamp and trusted private certificate file -ntpkey_ RSA-MD5 _ cert_alice. filestamp, +ntpkey_ RSA-MD5 _ cert_alice. filestamp, and soft links. Copy both files to all group hosts; they replace the files which would be generated in other schemes. On each host -bob +bob install a soft link from the generic name -ntpkey_host_bob +ntpkey_host_bob to the host key file and soft link -ntpkey_cert_bob +ntpkey_cert_bob to the private certificate file. Note the generic links are on bob, but point to files generated by trusted host alice. @@ -774,30 +738,30 @@ either the keys or certificates without copying them to all other hosts in the group, and recreating the soft links.

                                                                                For the -IFF +IFF scheme proceed as in the -TC +TC scheme to generate keys and certificates for all group hosts, then for every trusted host in the group, generate the -IFF +IFF parameter file. On trusted host alice run -ntp-keygen --T --I --p password +ntp-keygen +-T +-I +-p password to produce her parameter file -ntpkey_IFFpar_alice.filestamp, +ntpkey_IFFpar_alice.filestamp, which includes both server and client keys. Copy this file to all group hosts that operate as both servers and clients and install a soft link from the generic -ntpkey_iff_alice +ntpkey_iff_alice to this file. If there are no hosts restricted to operate only as clients, there is nothing further to do. As the -IFF +IFF scheme is independent of keys and certificates, these files can be refreshed as needed.

                                                                                @@ -806,78 +770,78 @@ as a legitimate server and present a middleman threat. To eliminate this threat, the client keys can be extracted from the parameter file and distributed to all restricted clients. After generating the parameter file, on alice run -ntp-keygen --e +ntp-keygen +-e and pipe the output to a file or email program. Copy or email this file to all restricted clients. On these clients install a soft link from the generic -ntpkey_iff_alice +ntpkey_iff_alice to this file. To further protect the integrity of the keys, each file can be encrypted with a secret password.

                                                                                For the -GQ +GQ scheme proceed as in the -TC +TC scheme to generate keys and certificates for all group hosts, then for every trusted host in the group, generate the -IFF +IFF parameter file. On trusted host alice run -ntp-keygen --T --G --p password +ntp-keygen +-T +-G +-p password to produce her parameter file -ntpkey_GQpar_alice.filestamp, +ntpkey_GQpar_alice.filestamp, which includes both server and client keys. Copy this file to all group hosts and install a soft link from the generic -ntpkey_gq_alice +ntpkey_gq_alice to this file. In addition, on each host -bob +bob install a soft link from generic -ntpkey_gq_bob +ntpkey_gq_bob to this file. As the -GQ +GQ scheme updates the -GQ +GQ parameters file and certificate at the same time, keys and certificates can be regenerated as needed.

                                                                                For the -MV +MV scheme, proceed as in the -TC +TC scheme to generate keys and certificates for all group hosts. For illustration assume trish is the TA, alice one of several trusted hosts and bob one of her clients. On TA trish run -ntp-keygen --V n --p password, +ntp-keygen +-V n +-p password, where -n +n is the number of revokable keys (typically 5) to produce the parameter file -ntpkeys_MVpar_trish.filestamp +ntpkeys_MVpar_trish.filestamp and client key files -ntpkeys_MVkeyd _ trish. filestamp +ntpkeys_MVkeyd _ trish. filestamp where -d +d is the key number (0 < -d +d < -n). +n). Copy the parameter file to alice and install a soft link from the generic -ntpkey_mv_alice +ntpkey_mv_alice to this file. Copy one of the client key files to alice for later distribution to her clients. @@ -885,240 +849,244 @@ It does not matter which client key file goes to alice, since they all work the same way. Alice copies the client key file to all of her clients. On client bob install a soft link from generic -ntpkey_mvkey_bob +ntpkey_mvkey_bob to the client key file. As the -MV +MV scheme is independent of keys and certificates, these files can be refreshed as needed.

                                                                                -

                                                                                1.2.1.3 Command Line Options

                                                                                -
                                                                                -
                                                                                -b --imbits= modulus
                                                                                +
                                                                                +
                                                                                +

                                                                                1.2.1.3 Command Line Options

                                                                                +
                                                                                +
                                                                                -b --imbits= modulus

                                                                                Set the number of bits in the identity modulus for generating identity keys to -modulus +modulus bits. The number of bits in the identity modulus defaults to 256, but can be set to values from 256 to 2048 (32 to 256 octets). Use the larger moduli with caution, as this can consume considerable computing resources and increases the size of authenticated packets.

                                                                                -
                                                                                -c --certificate= scheme
                                                                                +
                                                                                -c --certificate= scheme

                                                                                Select certificate signature encryption/message digest scheme. The -scheme +scheme can be one of the following: -RSA-MD2, RSA-MD5, RSA-MDC2, RSA-SHA, RSA-SHA1, RSA-RIPEMD160, DSA-SHA, +RSA-MD2, RSA-MD5, RSA-MDC2, RSA-SHA, RSA-SHA1, RSA-RIPEMD160, DSA-SHA, or -DSA-SHA1. +DSA-SHA1. Note that -RSA +RSA schemes must be used with an -RSA +RSA sign key and -DSA +DSA schemes must be used with a -DSA +DSA sign key. The default without this option is -RSA-MD5. +RSA-MD5. If compatibility with FIPS 140-2 is required, either the -DSA-SHA +DSA-SHA or -DSA-SHA1 +DSA-SHA1 scheme must be used.

                                                                                -
                                                                                -C --cipher= cipher
                                                                                +
                                                                                -C --cipher= cipher

                                                                                Select the OpenSSL cipher to encrypt the files containing private keys. The default without this option is three-key triple DES in CBC mode, -des-ede3-cbc. +des-ede3-cbc. The -openssl -h +openssl -h command provided with OpenSSL displays available ciphers.

                                                                                -
                                                                                -d --debug-level
                                                                                +
                                                                                -d --debug-level

                                                                                Increase debugging verbosity level. This option displays the cryptographic data produced in eye-friendly billboards.

                                                                                -
                                                                                -D --set-debug-level= level
                                                                                +
                                                                                -D --set-debug-level= level

                                                                                Set the debugging verbosity to -level. +level. This option displays the cryptographic data produced in eye-friendly billboards.

                                                                                -
                                                                                -e --id-key
                                                                                +
                                                                                -e --id-key

                                                                                Write the -IFF +IFF or -GQ +GQ public parameters from the -IFFkey or GQkey +IFFkey or GQkey client keys file previously specified as unencrypted data to the standard output stream -stdout. +stdout. This is intended for automatic key distribution by email.

                                                                                -
                                                                                -G --gq-params
                                                                                +
                                                                                -G --gq-params

                                                                                Generate a new encrypted -GQ +GQ parameters and key file for the Guillou-Quisquater (GQ) identity scheme. This option is mutually exclusive with the --I +-I and --V +-V options.

                                                                                -
                                                                                -H --host-key
                                                                                +
                                                                                -H --host-key

                                                                                Generate a new encrypted -RSA +RSA public/private host key file.

                                                                                -
                                                                                -I --iffkey
                                                                                +
                                                                                -I --iffkey

                                                                                Generate a new encrypted -IFF +IFF key file for the Schnorr (IFF) identity scheme. This option is mutually exclusive with the --G +-G and Fl V options.

                                                                                -
                                                                                -i --ident= group
                                                                                +
                                                                                -i --ident= group

                                                                                Set the optional Autokey group name to -group. +group. This is used in the identity scheme parameter file names of -IFF, GQ, +IFF, GQ, and -MV +MV client parameters files. In that role, the default is the host name if no group is provided. The group name, if specified using --i +-i or --s +-s following an ‘@’ character, is also used in certificate subject and issuer names in the form -host @ group +host @ group and should match the group specified via -crypto ident +crypto ident or -server ident +server ident in the ntpd configuration file.

                                                                                -
                                                                                -l --lifetime= days
                                                                                +
                                                                                -l --lifetime= days

                                                                                Set the lifetime for certificate expiration to -days. +days. The default lifetime is one year (365 days).

                                                                                -
                                                                                -m --modulus= bits
                                                                                +
                                                                                -m --modulus= bits

                                                                                Set the number of bits in the prime modulus for generating files to -bits. +bits. The modulus defaults to 512, but can be set from 256 to 2048 (32 to 256 octets). Use the larger moduli with caution, as this can consume considerable computing resources and increases the size of authenticated packets.

                                                                                -
                                                                                -M --md5key
                                                                                +
                                                                                -M --md5key

                                                                                Generate a new symmetric keys file containing 10 -MD5 +MD5 keys, and if OpenSSL is available, 10 -SHA +SHA keys. An -MD5 +MD5 key is a string of 20 random printable ASCII characters, while a -SHA +SHA key is a string of 40 random hex digits. The file can be edited using a text editor to change the key type or key content. This option is mutually exclusive with all other options.

                                                                                -
                                                                                -p --password= passwd
                                                                                +
                                                                                -p --password= passwd

                                                                                Set the password for reading and writing encrypted files to -passwd. +passwd. These include the host, sign and identify key files. By default, the password is the string returned by the Unix -hostname +hostname command.

                                                                                -
                                                                                -P --pvt-cert
                                                                                +
                                                                                -P --pvt-cert

                                                                                Generate a new private certificate used by the -PC +PC identity scheme. By default, the program generates public certificates. Note: the PC identity scheme is not recommended for new installations.

                                                                                -
                                                                                -q --export-passwd= passwd
                                                                                +
                                                                                -q --export-passwd= passwd

                                                                                Set the password for writing encrypted -IFF, GQ and MV +IFF, GQ and MV identity files redirected to -stdout +stdout to -passwd. +passwd. In effect, these files are decrypted with the --p +-p password, then encrypted with the --q +-q password. By default, the password is the string returned by the Unix -hostname +hostname command.

                                                                                -
                                                                                -s --subject-key= [host] [@ group]
                                                                                +
                                                                                -s --subject-key= [host] [@ group]

                                                                                Specify the Autokey host name, where -host +host is the optional host name and -group +group is the optional group name. The host name, and if provided, group name are used in -host @ group +host @ group form as certificate subject and issuer. Specifying --s -@ group +-s -@ group is allowed, and results in leaving the host name unchanged, as with --i group. +-i group. The group name, or if no group is provided, the host name are also used in the file names of -IFF, GQ, +IFF, GQ, and -MV +MV identity scheme client parameter files. If -host +host is not specified, the default host name is the string returned by the Unix -hostname +hostname command.

                                                                                -
                                                                                -S --sign-key= [RSA | DSA]
                                                                                +
                                                                                -S --sign-key= [RSA | DSA]

                                                                                Generate a new encrypted public/private sign key file of the specified type. By default, the sign key is the host key and has the same type. If compatibility with FIPS 140-2 is required, the sign key type must be -DSA. +DSA.

                                                                                -
                                                                                -T --trusted-cert
                                                                                +
                                                                                -T --trusted-cert

                                                                                Generate a trusted certificate. By default, the program generates a non-trusted certificate.

                                                                                -
                                                                                -V --mv-params nkeys
                                                                                +
                                                                                -V --mv-params nkeys

                                                                                Generate -nkeys +nkeys encrypted server keys and parameters for the Mu-Varadharajan (MV) identity scheme. This option is mutually exclusive with the --I +-I and --G +-G options. Note: support for this option should be considered a work in progress.

                                                                                -

                                                                                1.2.1.4 Random Seed File

                                                                                +
                                                                                +
                                                                                +

                                                                                1.2.1.4 Random Seed File

                                                                                All cryptographically sound key generation schemes must have means to randomize the entropy seed used to initialize the internal pseudo-random number generator used by the library routines. The OpenSSL library uses a designated random seed file for this purpose. The file must be available when starting the NTP daemon and -ntp-keygen +ntp-keygen program. If a site supports OpenSSL or its companion OpenSSH, it is very likely that means to do this are already available. @@ -1133,19 +1101,19 @@ but are outside the scope of this page.

                                                                                The entropy seed used by the OpenSSL library is contained in a file, usually called -.rnd, +.rnd, which must be available when starting the NTP daemon or the -ntp-keygen +ntp-keygen program. The NTP daemon will first look for the file using the path specified by the -randfile +randfile subcommand of the -crypto +crypto configuration command. If not specified in this way, or when starting the -ntp-keygen +ntp-keygen program, the OpenSSL library will look for the file using the path specified by the @@ -1156,48 +1124,50 @@ If the .Ev RANDFILE environment variable is not present, the library will look for the -.rnd +.rnd file in the user home directory. Since both the -ntp-keygen +ntp-keygen program and -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) daemon must run as root, the logical place to put this file is in -/.rnd +/.rnd or -/root/.rnd. +/root/.rnd. If the file is not available or cannot be written, the daemon exits with a message to the system log and the program exits with a suitable error message.

                                                                                -

                                                                                1.2.1.5 Cryptographic Data Files

                                                                                +
                                                                                +
                                                                                +

                                                                                1.2.1.5 Cryptographic Data Files

                                                                                All file formats begin with two nonencrypted lines. The first line contains the file name, including the generated host name and filestamp, in the format -ntpkey_key _ name. filestamp, +ntpkey_key _ name. filestamp, where -key +key is the key or parameter type, -name +name is the host or group name and -filestamp +filestamp is the filestamp (NTP seconds) when the file was created. By convention, -key +key names in generated file names include both upper and lower case characters, while -key +key names in generated link names include only lower case characters. The filestamp is not used in generated link names. The second line contains the datestamp in conventional Unix -date +date format. Lines beginning with ‘#’ are considered comments and ignored by the -ntp-keygen +ntp-keygen program and -ntpd(1ntpdmdoc) +ntpd(1ntpdmdoc) daemon.

                                                                                The remainder of the file contains cryptographic data, encoded first using ASN.1 @@ -1205,7 +1175,7 @@ rules, then encrypted if necessary, and finally written in PEM-encoded printable ASCII text, preceded and followed by MIME content identifier lines.

                                                                                The format of the symmetric keys file, ordinarily named -ntp.keys, +ntp.keys, is somewhat different than the other files in the interest of backward compatibility. Ordinarily, the file is generated by this program, but it can be constructed and edited using an ordinary text editor. @@ -1233,31 +1203,31 @@ and edited using an ordinary text editor. 19 RIPEMD160 77ca332cafb30e3cafb174dcd5b80ded7ba9b3d2 # RIPEMD160 key 20 AES128CMAC f92ff73eee86c1e7dc638d6489a04e4e555af878 # AES128CMAC key

-
Figure 1. Typical Symmetric Key File
+
Figure 1. Typical Symmetric Key File
 

Figure 1 shows a typical symmetric keys file used by the reference implementation. Following the header the keys are entered one per line in the format

-
keyno type key
+
keyno type key
 

where -keyno +keyno is a positive integer in the range 1-65535; -type +type is the key type for the message digest algorithm, which in the absence of the OpenSSL library must be -MD5 +MD5 to designate the MD5 message digest algorithm; if the OpenSSL library is installed, the key type can be any message digest algorithm supported by that library; however, if compatibility with FIPS 140-2 is required, the key type must be either -SHA +SHA or -SHA1; -key +SHA1; +key is the key itself, which is a printable ASCII string 20 characters or less in length: each character is chosen from the 93 printable characters @@ -1274,113 +1244,64 @@ An OpenSSL key consists of a hex-encoded ASCII string of 40 characters, which is truncated as necessary.

Note that the keys used by the -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) and -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) programs are checked against passwords requested by the programs and entered by hand, so it is generally appropriate to specify these keys in human readable ASCII format.

The -ntp-keygen +ntp-keygen program generates a symmetric keys file -ntpkey_MD5key_hostname. filestamp. +ntpkey_MD5key_hostname. filestamp. Since the file contains private shared keys, it should be visible only to root and distributed by secure means to other subnet hosts. The NTP daemon loads the file -ntp.keys, +ntp.keys, so -ntp-keygen +ntp-keygen installs a soft link from this name to the generated file. Subsequently, similar soft links must be installed by manual or automated means on the other subnet hosts. While this file is not used with the Autokey Version 2 protocol, it is needed to authenticate some remote configuration commands used by the -ntpq(1ntpqmdoc) +ntpq(1ntpqmdoc) and -ntpdc(1ntpdcmdoc) +ntpdc(1ntpdcmdoc) utilities.

-

This section was generated by AutoGen, -using the agtexi-cmd template and the option descriptions for the ntp-keygen program. +

This section was generated by AutoGen, +using the agtexi-cmd template and the option descriptions for the ntp-keygen program. This software is released under the NTP license, <http://ntp.org/license>.

- - - - - - - - - - - - - - - - - - - - - - - - - - -
-
+
+ +
+ -

1.2.2 ntp-keygen help/usage (--help)

- +

1.2.2 ntp-keygen help/usage (--help)

+

This is the automatically generated usage text for ntp-keygen.

-

The text printed is the same whether selected with the help option -(--help) or the more-help option (--more-help). more-help will print +

The text printed is the same whether selected with the help option +(--help) or the more-help option (--more-help). more-help will print the usage text by passing it through a pager program. -more-help is disabled on platforms without a working -fork(2) function. The PAGER environment variable is -used to select the program, defaulting to more. Both will exit +more-help is disabled on platforms without a working +fork(2) function. The PAGER environment variable is +used to select the program, defaulting to more. Both will exit with a status code of 0.

-
ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p17
+
ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p17
 Usage:  ntp-keygen [ -<flag> [<val>] | --<name>[{=| }<val>] ]...
   Flg Arg Option-Name    Description
    -b Num imbits         identity modulus bits
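
Review bot: In the GQ scheme paragraph (hunk @@ -806,78 +770,78 @@) the text says "for every trusted host in the group, generate the IFF parameter file", but the command that follows is "ntp-keygen -T -G -p password" and the file it produces is ntpkey_GQpar_alice.filestamp, so "IFF" there looks like a carry-over from the IFF paragraph and should read GQ. The MV paragraph in the same hunk names its outputs with an "ntpkeys_" prefix (ntpkeys_MVpar_trish.filestamp and the ntpkeys_MVkeyd client key files), while the other file and link names in these hunks use "ntpkey_"; please confirm which spelling is intended and correct it in the source this HTML is generated from.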
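
Review bot: The -b/--imbits entry (hunk @@ -885,240 +849,244 @@) says the identity modulus "defaults to 256, but can be set to values from 256 to 2048", while the 1.2.3 imbits section of the same file says "The default is 512". The two descriptions should agree, because this value sets the size of the identity keys and a reader cannot tell from the page which size they get by default. The -I/--iffkey entry in the same hunk also still reads "mutually exclusive with the -G and Fl V options"; "Fl V" is an unexpanded mdoc macro and should come out as -V, as it does in the -G entry.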
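
Review bot: At the @@ -1156,48 +1124,50 @@ boundary the random seed paragraph reads "If the .Ev RANDFILE environment variable is not present", so the mdoc ".Ev" macro is reaching the HTML unexpanded. It sits in unchanged context, so this change leaves it as it was. Since the section is stated to be generated by AutoGen from the option descriptions, the fix belongs in that source so the sentence renders as "If the RANDFILE environment variable is not present".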
@@ -1431,36 +1352,40 @@ Please send bug reports to:  <https://bugs.ntp.org, bugs@ntp.org>
 

-
+
+
+ -

1.2.3 imbits option (-b)

- +

1.2.3 imbits option (-b)

+

This is the “identity modulus bits” option. -This option takes a number argument imbits. +This option takes a number argument imbits.

This option has some usage constraints. It: -

    -
  • must be compiled in by defining AUTOKEY during the compilation. +

      +
    • must be compiled in by defining AUTOKEY during the compilation.

    The number of bits in the identity modulus. The default is 512.


    -
    +
    +
    + -

    1.2.4 certificate option (-c)

    - +

    1.2.4 certificate option (-c)

    +

    This is the “certificate scheme” option. -This option takes a string argument scheme. +This option takes a string argument scheme.

    This option has some usage constraints. It: -

      -
    • must be compiled in by defining AUTOKEY during the compilation. +

        +
      • must be compiled in by defining AUTOKEY during the compilation.

      scheme is one of @@ -1472,193 +1397,215 @@ Note that RSA schemes must be used with a RSA sign key and DSA schemes must be used with a DSA sign key. The default without this option is RSA-MD5.


      -
      +
      +
      + -

      1.2.5 cipher option (-C)

      - +

      1.2.5 cipher option (-C)

      +

      This is the “privatekey cipher” option. -This option takes a string argument cipher. +This option takes a string argument cipher.

      This option has some usage constraints. It: -

        -
      • must be compiled in by defining AUTOKEY during the compilation. +

          +
        • must be compiled in by defining AUTOKEY during the compilation.

        Select the cipher which is used to encrypt the files containing private keys. The default is three-key triple DES in CBC mode, -equivalent to "-C des-ede3-cbc". The openssl tool lists ciphers -available in "openssl -h" output. +equivalent to "-C des-ede3-cbc". The openssl tool lists ciphers +available in "openssl -h" output.


        -
        +
        +
        + -

        1.2.6 id-key option (-e)

        - +

        1.2.6 id-key option (-e)

        +

        This is the “write iff or gq identity keys” option.

        This option has some usage constraints. It: -

          -
        • must be compiled in by defining AUTOKEY during the compilation. +

            +
          • must be compiled in by defining AUTOKEY during the compilation.

          Write the public parameters from the IFF or GQ client keys to the standard output. This is intended for automatic key distribution by email.


          -
          +
          +
          + -

          1.2.7 gq-params option (-G)

          - +

          1.2.7 gq-params option (-G)

          +

          This is the “generate gq parameters and keys” option.

          This option has some usage constraints. It: -

            -
          • must be compiled in by defining AUTOKEY during the compilation. +

              +
            • must be compiled in by defining AUTOKEY during the compilation.

            Generate parameters and keys for the GQ identification scheme, obsoleting any that may exist.


            -
            +
            +
            + -

            1.2.8 host-key option (-H)

            - +

            1.2.8 host-key option (-H)

            +

            This is the “generate rsa host key” option.

            This option has some usage constraints. It: -

              -
            • must be compiled in by defining AUTOKEY during the compilation. +

                +
              • must be compiled in by defining AUTOKEY during the compilation.

              Generate new host keys, obsoleting any that may exist.


              -
              +
              +
              + -

              1.2.9 iffkey option (-I)

              - +

              1.2.9 iffkey option (-I)

              +

              This is the “generate iff parameters” option.

              This option has some usage constraints. It: -

                -
              • must be compiled in by defining AUTOKEY during the compilation. +

                  +
                • must be compiled in by defining AUTOKEY during the compilation.

                Generate parameters for the IFF identification scheme, obsoleting any that may exist.


                -
                +
                +
                + -

                1.2.10 ident option (-i)

                - +

                1.2.10 ident option (-i)

                +

                This is the “set autokey group name” option. -This option takes a string argument group. +This option takes a string argument group.

                This option has some usage constraints. It: -

                  -
                • must be compiled in by defining AUTOKEY during the compilation. +

                    +
                  • must be compiled in by defining AUTOKEY during the compilation.

                  Set the optional Autokey group name to name. This is used in the file name of IFF, GQ, and MV client parameters files. In that role, the default is the host name if this option is not -provided. The group name, if specified using -i/--ident or -using -s/--subject-name following an ’@’ character, +provided. The group name, if specified using -i/--ident or +using -s/--subject-name following an ’@’ character, is also a part of the self-signed host certificate subject and -issuer names in the form host@group and should match the -’crypto ident’ or ’server ident’ configuration in the -ntpd configuration file. +issuer names in the form host@group and should match the +’crypto ident’ or ’server ident’ configuration in the +ntpd configuration file.


                  -
                  +
                  +
                  + -

                  1.2.11 lifetime option (-l)

                  - +

                  1.2.11 lifetime option (-l)

                  +

                  This is the “set certificate lifetime” option. -This option takes a number argument lifetime. +This option takes a number argument lifetime.

                  This option has some usage constraints. It: -

                    -
                  • must be compiled in by defining AUTOKEY during the compilation. +

                      +
                    • must be compiled in by defining AUTOKEY during the compilation.

                    Set the certificate expiration to lifetime days from now.


                    -
                    +
                    +
                    + -

                    1.2.12 modulus option (-m)

                    - +

                    1.2.12 modulus option (-m)

                    +

                    This is the “prime modulus” option. -This option takes a number argument modulus. +This option takes a number argument modulus.

                    This option has some usage constraints. It: -

                      -
                    • must be compiled in by defining AUTOKEY during the compilation. +

                        +
                      • must be compiled in by defining AUTOKEY during the compilation.

                      The number of bits in the prime modulus. The default is 512.


                      -
                      +
                      +
                      + -

                      1.2.13 md5key option (-M)

                      - +

                      1.2.13 md5key option (-M)

                      +

                      This is the “generate symmetric keys” option. Generate symmetric keys, obsoleting any that may exist.


                      -
                      +
                      +
                      + -

                      1.2.14 pvt-cert option (-P)

                      - +

                      1.2.14 pvt-cert option (-P)

                      +

                      This is the “generate pc private certificate” option.

                      This option has some usage constraints. It: -

                        -
                      • must be compiled in by defining AUTOKEY during the compilation. +

                          +
                        • must be compiled in by defining AUTOKEY during the compilation.

                        Generate a private certificate. By default, the program generates public certificates.


                        -
                        +
                        +
                        + -

                        1.2.15 password option (-p)

                        - +

                        1.2.15 password option (-p)

                        +

                        This is the “local private password” option. -This option takes a string argument passwd. +This option takes a string argument passwd.

                        This option has some usage constraints. It: -

                          -
                        • must be compiled in by defining AUTOKEY during the compilation. +

                            +
                          • must be compiled in by defining AUTOKEY during the compilation.

                          Local files containing private data are encrypted with the @@ -1667,19 +1614,21 @@ must be specified to the local ntpd via the "crypto pw password" configuration command. The default password is the local hostname.


                          -
                          +
                          +
                          + -

                          1.2.16 export-passwd option (-q)

                          - +

                          1.2.16 export-passwd option (-q)

                          +

                          This is the “export iff or gq group keys with password” option. -This option takes a string argument passwd. +This option takes a string argument passwd.

                          This option has some usage constraints. It: -

                            -
                          • must be compiled in by defining AUTOKEY during the compilation. +

                              +
                            • must be compiled in by defining AUTOKEY during the compilation.

                            Export IFF or GQ identity group keys to the standard output, @@ -1688,128 +1637,140 @@ The same password must be specified to the remote ntpd via the "crypto pw password" configuration command. See also the option –id-key (-e) for unencrypted exports.


                            -
                            +
                            +
                            + -

                            1.2.17 subject-name option (-s)

                            - +

                            1.2.17 subject-name option (-s)

                            +

                            This is the “set host and optionally group name” option. -This option takes a string argument host@group. +This option takes a string argument host@group.

                            This option has some usage constraints. It: -

                              -
                            • must be compiled in by defining AUTOKEY during the compilation. +

                                +
                              • must be compiled in by defining AUTOKEY during the compilation.

                              Set the Autokey host name, and optionally, group name specified -following an ’@’ character. The host name is used in the file +following an ’@’ character. The host name is used in the file name of generated host and signing certificates, without the group name. The host name, and if provided, group name are used -in host@group form for the host certificate subject and issuer -fields. Specifying ’-s @group’ is allowed, and results in -leaving the host name unchanged while appending @group to the -subject and issuer fields, as with -i group. The group name, or +in host@group form for the host certificate subject and issuer +fields. Specifying ’-s @group’ is allowed, and results in +leaving the host name unchanged while appending @group to the +subject and issuer fields, as with -i group. The group name, or if not provided, the host name are also used in the file names of IFF, GQ, and MV client parameter files.


                              -
                              +
                              +
                              + -

                              1.2.18 sign-key option (-S)

                              - +

                              1.2.18 sign-key option (-S)

                              +

                              This is the “generate sign key (rsa or dsa)” option. -This option takes a string argument sign. +This option takes a string argument sign.

                              This option has some usage constraints. It: -

                                -
                              • must be compiled in by defining AUTOKEY during the compilation. +

                                  +
                                • must be compiled in by defining AUTOKEY during the compilation.

                                Generate a new sign key of the designated type, obsoleting any that may exist. By default, the program uses the host key as the sign key.


                                -
                                +
                                +
                                + -

                                1.2.19 trusted-cert option (-T)

                                - +

                                1.2.19 trusted-cert option (-T)

                                +

                                This is the “trusted certificate (tc scheme)” option.

                                This option has some usage constraints. It: -

                                  -
                                • must be compiled in by defining AUTOKEY during the compilation. +

                                    +
                                  • must be compiled in by defining AUTOKEY during the compilation.

                                  Generate a trusted certificate. By default, the program generates a non-trusted certificate.


                                  -
                                  +
                                  +
                                  + -

                                  1.2.20 mv-params option (-V)

                                  - +

                                  1.2.20 mv-params option (-V)

                                  +

                                  This is the “generate <num> mv parameters” option. -This option takes a number argument num. +This option takes a number argument num.

                                  This option has some usage constraints. It: -

                                    -
                                  • must be compiled in by defining AUTOKEY during the compilation. +

                                      +
                                    • must be compiled in by defining AUTOKEY during the compilation.

                                    Generate parameters and keys for the Mu-Varadharajan (MV) identification scheme.


                                    -
                                    +
                                    +
                                    + -

                                    1.2.21 mv-keys option (-v)

                                    - +

                                    1.2.21 mv-keys option (-v)

                                    +

                                    This is the “update <num> mv keys” option. -This option takes a number argument num. +This option takes a number argument num.

                                    This option has some usage constraints. It: -

                                      -
                                    • must be compiled in by defining AUTOKEY during the compilation. +

                                        +
                                      • must be compiled in by defining AUTOKEY during the compilation.
                                      -

                                      This option has no ‘doc’ documentation. +

                                      This option has no ‘doc’ documentation.


                                      -
                                      +
                                      +
                                      + -

                                      1.2.22 presetting/configuring ntp-keygen

                                      +

                                      1.2.22 presetting/configuring ntp-keygen

                                      -

                                      Any option that is not marked as not presettable may be preset by -loading values from configuration ("rc" or "ini") files, and values from environment variables named NTP-KEYGEN and NTP-KEYGEN_<OPTION_NAME>. <OPTION_NAME> must be one of +

                                      Any option that is not marked as not presettable may be preset by +loading values from configuration ("rc" or "ini") files, and values from environment variables named NTP-KEYGEN and NTP-KEYGEN_<OPTION_NAME>. <OPTION_NAME> must be one of the options listed above in upper case and segmented with underscores. -The NTP-KEYGEN variable will be tokenized and parsed like +The NTP-KEYGEN variable will be tokenized and parsed like the command line. The remaining variables are tested for existence and their values are treated like option arguments.

                                      -

                                      libopts will search in 2 places for configuration files: -

                                        -
                                      • $HOME -
                                      • $PWD +

                                        libopts will search in 2 places for configuration files: +

                                          +
                                        • $HOME +
                                        • $PWD
                                        -

                                        The environment variables HOME, and PWD -are expanded and replaced when ntp-keygen runs. +

                                        The environment variables HOME, and PWD +are expanded and replaced when ntp-keygen runs. For any of these that are plain files, they are simply processed. -For any that are directories, then a file named .ntprc is searched for +For any that are directories, then a file named .ntprc is searched for within that directory and processed.

                                        Configuration files may be in a wide variety of formats. @@ -1822,98 +1783,109 @@ lines by escaping the newline with a backslash. Common options are collected at the top, followed by program specific segments. The segments are separated by lines like:

                                        -
                                        [NTP-KEYGEN]
                                        +
                                        [NTP-KEYGEN]
                                         

                                        or by

                                        -
                                        <?program ntp-keygen>
                                        +
                                        <?program ntp-keygen>
                                         

                                        Do not mix these styles within one configuration file.

                                        Compound values and carefully constructed string values may also be specified using XML syntax:

                                        -
                                        <option-name>
                                        +
                                        <option-name>
                                            <sub-opt>...&lt;...&gt;...</sub-opt>
                                         </option-name>
                                         
                                        -

                                        yielding an option-name.sub-opt string value of +

                                        yielding an option-name.sub-opt string value of

                                        -
                                        "...<...>..."
                                        +
                                        "...<...>..."
                                         
                                        -

                                        AutoOpts does not track suboptions. You simply note that it is a -hierarchicly valued option. AutoOpts does provide a means for searching +

                                        AutoOpts does not track suboptions. You simply note that it is a +hierarchicly valued option. AutoOpts does provide a means for searching the associated name/value pair list (see: optionFindValue).

                                        The command line options relating to configuration and/or usage help are:

                                        -

                                        version (-)

                                        +

                                        version (-)

                                        Print the program version to standard out, optionally with licensing information, then exit 0. The optional argument specifies how much licensing detail to provide. The default is to print just the version. The licensing information may be selected with an option argument. Only the first letter of the argument is examined:

                                        -
                                        -
                                        version
                                        +
                                        +
                                        version

                                        Only print the version. This is the default.

                                        -
                                        copyright
                                        +
                                        copyright

                                        Name the copyright usage licensing terms.

                                        -
                                        verbose
                                        +
                                        verbose

                                        Print the full copyright usage licensing terms.


                                        -
                                        +
                                        +
                                        + -

                                        1.2.23 ntp-keygen exit status

                                        +

                                        1.2.23 ntp-keygen exit status

                                        One of the following exit values will be returned: -

                                        -
                                        0 (EXIT_SUCCESS)
                                        +

                                        +
                                        0 (EXIT_SUCCESS)

                                        Successful program execution.

                                        -
                                        1 (EXIT_FAILURE)
                                        +
                                        1 (EXIT_FAILURE)

                                        The operation failed or the command syntax was not valid.

                                        -
                                        66 (EX_NOINPUT)
                                        +
                                        66 (EX_NOINPUT)

                                        A specified configuration file could not be loaded.

                                        -
                                        70 (EX_SOFTWARE)
                                        +
                                        70 (EX_SOFTWARE)

                                        libopts had an internal operational error. Please report it to autogen-users@lists.sourceforge.net. Thank you.


                                        -
                                        +
                                        +
                                        + -

                                        1.2.24 ntp-keygen Usage

                                        +

                                        1.2.24 ntp-keygen Usage


                                        -
                                        +
                                        +
                                        + -

                                        1.2.25 ntp-keygen Notes

                                        +

                                        1.2.25 ntp-keygen Notes


                                        -
                                        +
                                        +
                                        + -

                                        1.2.26 ntp-keygen Bugs

                                        +

                                        1.2.26 ntp-keygen Bugs


                                        -
                                        +
                                        +
                                        +
                                        + -

                                        1.3 Random Seed File

                                        +

                                        1.3 Random Seed File

                                        All cryptographically sound key generation schemes must have means to randomize the entropy seed used to initialize the internal @@ -1921,32 +1893,34 @@ pseudo-random number generator used by the OpenSSL library routines. If a site supports ssh, it is very likely that means to do this are already available. The entropy seed used by the OpenSSL library is contained in a file, -usually called .rnd, which must be available when -starting the ntp-keygen program or ntpd daemon. +usually called .rnd, which must be available when +starting the ntp-keygen program or ntpd daemon.

                                        The OpenSSL library looks for the file using the path specified by the -RANDFILE environment variable in the user home directory, whether root +RANDFILE environment variable in the user home directory, whether root or some other user. -If the RANDFILE environment variable is not -present, the library looks for the .rnd file in the user home +If the RANDFILE environment variable is not +present, the library looks for the .rnd file in the user home directory. -Since both the ntp-keygen program and ntpd daemon must run -as root, the logical place to put this file is in /.rnd or -/root/.rnd. +Since both the ntp-keygen program and ntpd daemon must run +as root, the logical place to put this file is in /.rnd or +/root/.rnd. If the file is not available or cannot be written, the program exits with a message to the system log.


                                        -
                                        +
                                        +
                                        + -

                                        1.4 Cryptographic Data Files

                                        +

                                        1.4 Cryptographic Data Files

                                        -

                                        File and link names are in the form ntpkey_key_name.fstamp, -where key is the key or parameter type, -name is the host or group name and -fstamp is the filestamp (NTP seconds) when the file was created). +

                                        File and link names are in the form ntpkey_key_name.fstamp, +where key is the key or parameter type, +name is the host or group name and +fstamp is the filestamp (NTP seconds) when the file was created). By convention, key names in generated file names include both upper and lower case characters, while key names in generated link names include only lower case characters. The filestamp is not used in generated link @@ -1961,23 +1935,23 @@ server files for responses have a key subtype, as in the GQ response GQkey.

                                        All files begin with two nonencrypted lines. The first line contains -the file name in the format ntpkey_key_host.fstamp. +the file name in the format ntpkey_key_host.fstamp. The second line contains the datestamp in conventional Unix date format. -Lines beginning with # are ignored. +Lines beginning with # are ignored.

                                        The remainder of the file contains cryptographic data encoded first using ASN.1 rules, then encrypted using the DES-CBC algorithm with given password and finally written in PEM-encoded printable ASCII text preceded and followed by MIME content identifier lines.

                                        -

                                        The format of the symmetric keys file, ordinarily named ntp.keys, +

                                        The format of the symmetric keys file, ordinarily named ntp.keys, is somewhat different than the other files in the interest of backward compatibility. Ordinarily, the file is generated by this program, but it can be constructed and edited using an ordinary text editor.

                                        -
                                        # ntpkey_MD5key_hms.local.3564038757
                                        +
                                        # ntpkey_MD5key_hms.local.3564038757
                                         # Sun Dec  9 02:45:57 2012
                                         
                                          1 MD5 "]!ghT%O;3)WJ,/Nc:>I  # MD5 key
                                        @@ -2026,26 +2000,28 @@ An OpenSSL
                                         key consists of a hex-encoded ASCII string of 40 characters, which is
                                         truncated as necessary.
                                         

                                        -

                                        Note that the keys used by the ntpq and ntpdc programs are +

                                        Note that the keys used by the ntpq and ntpdc programs are checked against passwords requested by the programs and entered by hand, so it is generally appropriate to specify these keys in human readable ASCII format.

                                        -

                                        The ntp-keygen program generates a MD5 symmetric keys file -ntpkey_MD5key_hostname.filestamp. +

                                        The ntp-keygen program generates a MD5 symmetric keys file +ntpkey_MD5key_hostname.filestamp. Since the file contains private shared keys, it should be visible only to root and distributed by secure means to other subnet hosts. -The NTP daemon loads the file ntp.keys, so ntp-keygen +The NTP daemon loads the file ntp.keys, so ntp-keygen installs a soft link from this name to the generated file. Subsequently, similar soft links must be installed by manual or automated means on the other subnet hosts. While this file is not used with the Autokey Version 2 protocol, it is needed to -authenticate some remote configuration commands used by the ntpq and -ntpdc utilities. -


                                        +authenticate some remote configuration commands used by the ntpq and +ntpdc utilities. +

                                        +
                                        +
                                        diff --git a/util/ntp-keygen.man.in b/util/ntp-keygen.man.in index 149553015..57d182980 100644 --- a/util/ntp-keygen.man.in +++ b/util/ntp-keygen.man.in @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntp-keygen @NTP_KEYGEN_MS@ "06 Jun 2023" "ntp (4.2.8p17)" "User Commands" +.TH ntp-keygen @NTP_KEYGEN_MS@ "07 Jan 2024" "ntp (4.2.8p17)" "User Commands" .\" .\" EDIT THIS FILE WITH CAUTION (in-mem file) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:32 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:35:09 AM by AutoGen 5.18.16 .\" From the definitions ntp-keygen-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -1351,7 +1351,7 @@ it to autogen-users@lists.sourceforge.net. Thank you. .SH "AUTHORS" The University of Delaware and Network Time Foundation .SH "COPYRIGHT" -Copyright (C) 1992-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .SH BUGS It can take quite a while to generate some cryptographic values. diff --git a/util/ntp-keygen.mdoc.in b/util/ntp-keygen.mdoc.in index 44b1954cc..524849db6 100644 --- a/util/ntp-keygen.mdoc.in +++ b/util/ntp-keygen.mdoc.in @@ -1,9 +1,9 @@ -.Dd June 6 2023 +.Dd January 7 2024 .Dt NTP_KEYGEN @NTP_KEYGEN_MS@ User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.mdoc) .\" -.\" It has been AutoGen-ed June 6, 2023 at 04:38:27 AM by AutoGen 5.18.16 +.\" It has been AutoGen-ed January 7, 2024 at 12:35:05 AM by AutoGen 5.18.16 .\" From the definitions ntp-keygen-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME 
@@ -1208,7 +1208,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you. .Sh "AUTHORS" The University of Delaware and Network Time Foundation .Sh "COPYRIGHT" -Copyright (C) 1992\-2023 The University of Delaware and Network Time Foundation all rights reserved. +Copyright (C) 1992\-2024 The University of Delaware and Network Time Foundation all rights reserved. This program is released under the terms of the NTP license, . .Sh BUGS It can take quite a while to generate some cryptographic values.
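Review bot: in the ntp-keygen HTML hunk headed `@@ -1667,19 +1614,21 @@`, the context kept at the top for the password option (-p) documents "The default password is the local hostname." with no caveat, and a hostname is not a secret. Since the page is being regenerated anyway, the option text in ntp-keygen-opts.def should tell the reader to set -p explicitly (and the matching "crypto pw password" in the ntpd configuration) for the files that hold private data, so that the next regeneration picks it up.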
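Review bot: in the ntp-keygen HTML hunk headed `@@ -1688,128 +1637,140 @@`, the mv-keys (-v) entry still reads "This option has no 'doc' documentation." on both the removed and the added side, so the regeneration republishes an undocumented option. The mv-params (-V) entry just above it has a one-line description; add a matching doc string for -v in ntp-keygen-opts.def rather than in this generated file.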
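Review bot: in the ntp-keygen HTML hunk headed `@@ -1822,98 +1783,109 @@`, the headings 1.2.24 ntp-keygen Usage, 1.2.25 ntp-keygen Notes and 1.2.26 ntp-keygen Bugs come out with nothing under them, while the ntp-keygen.man.in and ntp-keygen.mdoc.in hunks in this same patch keep a BUGS section with text ("It can take quite a while to generate some cryptographic values."). Either carry that text through to the HTML output or drop the empty headings so the three formats agree. The same hunk also keeps the misspelling "hierarchicly" on both the - and + lines of the AutoOpts paragraph; fix it where that boilerplate is generated from.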
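Review bot: in the ntp-keygen HTML hunk headed `@@ -1921,32 +1893,34 @@`, the first paragraph under 1.4 Cryptographic Data Files has an unbalanced parenthesis, "fstamp is the filestamp (NTP seconds) when the file was created).", identical on the - and + lines. Drop the trailing ")" in the source this page is generated from; editing the generated HTML would be overwritten on the next run.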