From: Harlan Stenn Date: Tue, 25 Dec 2012 11:20:12 +0000 (+0000) Subject: ntp-wait, ntpd, ntpdc, ntpq, ntpsnmpd autogen documentation updates X-Git-Tag: NTP_4_2_7P339~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e4506cfc4fb93b4c1ebe6c7625b1efabff8fd6cb;p=thirdparty%2Fntp.git ntp-wait, ntpd, ntpdc, ntpq, ntpsnmpd autogen documentation updates bk: 50d98beccvLwGTFC5QgzLy5Hzv4kXA --- diff --git a/.point-changed-filelist b/.point-changed-filelist index fa298aff6..d64ada172 100644 --- a/.point-changed-filelist +++ b/.point-changed-filelist @@ -40,6 +40,7 @@ ntpsnmpd/ntpsnmpd-opts.c ntpsnmpd/ntpsnmpd-opts.h ntpsnmpd/ntpsnmpd.1ntpsnmpdman ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc +ntpsnmpd/ntpsnmpd.html ntpsnmpd/ntpsnmpd.man.in ntpsnmpd/ntpsnmpd.mdoc.in packageinfo.sh diff --git a/ChangeLog b/ChangeLog index 7e6790512..0b0a14dee 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,4 @@ +* ntp-wait, ntpd, ntpdc, ntpq, ntpsnmpd autogen documentation updates. * mdoc2texi fixes: Handle_ArCmFlIc, Handle_Fn, HandleQ. * ntp-keygen autogen documentation updates. * ntpq autogen docs. diff --git a/ntpd/ntpd.html b/ntpd/ntpd.html index 99501ac0f..cc43a7162 100644 --- a/ntpd/ntpd.html +++ b/ntpd/ntpd.html @@ -3,7 +3,7 @@ ntpd: Network Time Protocol (NTP) Daemon User's Manual - + @@ -14,18 +14,20 @@ pre.smallformat { font-family:inherit; font-size:smaller } pre.smallexample { font-size:smaller } pre.smalllisp { font-size:smaller } - span.sc { font-variant:small-caps } - span.roman { font-family: serif; font-weight: normal; } + span.sc { font-variant:small-caps } + span.roman { font-family:serif; font-weight:normal; } + span.sansserif { font-family:sans-serif; font-weight:normal; } -->

ntpd: Network Time Protocol (NTP) Daemon User's Manual

-Next: ntpd Description, +Next: ntpd Description, Previous: (dir), Up: (dir) -
+

ntpd: Network Time Protocol (NTP) Daemon User Manual

@@ -39,7 +41,7 @@ The program can operate in any of several modes, including client/server, symmetric and broadcast modes, and with both symmetric-key and public-key cryptography. -

This document applies to version {No value for `VERSION'} of ntpd. +

This document applies to version 4.2.7p337 of ntpd.

-
+

+ +

@@ -78,9 +81,10 @@ If nothing is heard after a few minutes' time, the daemon times out and exits without setting the clock.

-
+

+ +

Invoking ntpd

@@ -160,7 +164,7 @@ using the agtexi-cmd template and the option descriptions for the < This software is released under the NTP license, <http://ntp.org/license>.

-Next: ntpd ipv4, +Next: ntpd ipv4, Up: ntpd Invocation -
+

ntpd help/usage (--help)

ntpd help/usage (`--help`)

This is the automatically generated usage text for ntpd.

The text printed is the same whether selected with the help option -(--help) or the more-help option (--more-help). more-help will print +(--help) or the more-help option (--more-help). more-help will print the usage text by passing it through a pager program. more-help is disabled on platforms without a working fork(2) function. The PAGER environment variable is -used to select the program, defaulting to more. Both will exit +used to select the program, defaulting to more. Both will exit with a status code of 0. -

ntpd - NTP daemon program - Ver. 4.2.7p336
+ntpd - NTP daemon program - Ver. 4.2.7p337
 USAGE:  ntpd [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \
                 [ <server1> ... <serverN> ]
   Flg Arg Option-Name    Description
@@ -294,11 +299,12 @@ The following option preset mechanisms are supported:
 please send bug reports to:  http://bugs.ntp.org, bugs@ntp.org
 
   
+
 

-Next: ntpd ipv6,
+Next: ntpd ipv6,
 Previous: ntpd usage,
 Up: ntpd Invocation
-

+
 
 
 ipv4 option (-4)
@@ -315,11 +321,12 @@ ipv6.
   Force DNS resolution of following host names on the command line
 to the IPv4 namespace. 
 

+
 

-Next: ntpd authreq,
+Next: ntpd authreq,
 Previous: ntpd ipv4,
 Up: ntpd Invocation
-

+
 
 
 ipv6 option (-6)
@@ -336,11 +343,12 @@ ipv4.
   Force DNS resolution of following host names on the command line
 to the IPv6 namespace. 
 

+
 

-Next: ntpd authnoreq,
+Next: ntpd authnoreq,
 Previous: ntpd ipv6,
 Up: ntpd Invocation
-

+
 
 
 authreq option (-a)
@@ -358,11 +366,12 @@ authnoreq.
 multicast client and symmetric passive associations. 
 This is the default. 
 
+
 

-Next: ntpd configfile,
+Next: ntpd configfile,
 Previous: ntpd authreq,
 Up: ntpd Invocation
-

+
 
 
 authnoreq option (-A)
@@ -380,11 +389,12 @@ authreq.
 multicast client and symmetric passive associations. 
 This is almost never a good idea. 
 
+
 

-Next: ntpd driftfile,
+Next: ntpd driftfile,
 Previous: ntpd authnoreq,
 Up: ntpd Invocation
-

+
 
 
 configfile option (-c)
@@ -393,14 +403,15 @@ Up: ntpd Invocation
 This is the “configuration file name” option. 
 This option takes an argument string. 
 The name and path of the configuration file,
-/etc/ntp.conf
+/etc/ntp.conf
 by default. 
 
+
 

-Next: ntpd panicgate,
+Next: ntpd panicgate,
 Previous: ntpd configfile,
 Up: ntpd Invocation
-

+
 
 
 driftfile option (-f)
@@ -409,19 +420,20 @@ Up: ntpd Invocation
 This is the “frequency drift file name” option. 
 This option takes an argument string. 
 The name and path of the frequency file,
-/etc/ntp.drift
+/etc/ntp.drift
 by default. 
 This is the same operation as the
 driftfile driftfile
 configuration specification in the
-/etc/ntp.conf
+/etc/ntp.conf
 file. 
 
+
 

-Next: ntpd jaildir,
+Next: ntpd jaildir,
 Previous: ntpd driftfile,
 Up: ntpd Invocation
-

+
 
 
 panicgate option (-g)
@@ -447,11 +459,12 @@ See the
 tinker
 configuration file directive for other options. 
 
+
 

-Next: ntpd interface,
+Next: ntpd interface,
 Previous: ntpd panicgate,
 Up: ntpd Invocation
-

+
 
 
 jaildir option (-i)
@@ -478,18 +491,19 @@ This option is supported under NetBSD (configure with
 --enable-clockctl) and Linux (configure with
 --enable-linuxcaps). 
 
+
 

-Next: ntpd keyfile,
+Next: ntpd keyfile,
 Previous: ntpd jaildir,
 Up: ntpd Invocation
-

+
 
 
 interface option (-I)
 
 
 This is the “listen on an interface name or address” option. 
-This option takes an argument string iface.
+This option takes an argument string iface.
 
 
This option has some usage constraints.  It:
      

@@ -502,11 +516,12 @@ also implies not opening other addresses, except wildcard and localhost.
 This option is deprecated. Please consider using the configuration file
 interface command, which is more versatile. 
 
+
 

-Next: ntpd logfile,
+Next: ntpd logfile,
 Previous: ntpd interface,
 Up: ntpd Invocation
-

+
 
 
 keyfile option (-k)
@@ -515,17 +530,18 @@ Up: ntpd Invocation
 This is the “path to symmetric keys” option. 
 This option takes an argument string. 
 Specify the name and path of the symmetric key file. 
-/etc/ntp.keys
+/etc/ntp.keys
 is the default. 
 This is the same operation as the
 keys keyfile
 configuration file directive. 
 
+
 

-Next: ntpd novirtualips,
+Next: ntpd novirtualips,
 Previous: ntpd keyfile,
 Up: ntpd Invocation
-

+
 
 
 logfile option (-l)
@@ -539,11 +555,12 @@ This is the same operation as the
 logfile logfile
 configuration file directive. 
 
+
 

-Next: ntpd modifymmtimer,
+Next: ntpd modifymmtimer,
 Previous: ntpd logfile,
 Up: ntpd Invocation
-

+
 
 
 novirtualips option (-L)
@@ -555,11 +572,12 @@ names containing a colon.  This option is deprecated.  Please
 consider using the configuration file interface command, which
 is more versatile. 
 
+
 

-Next: ntpd nice,
+Next: ntpd nice,
 Previous: ntpd novirtualips,
 Up: ntpd Invocation
-

+
 
 
 modifymmtimer option (-M)
@@ -576,11 +594,12 @@ This is the “modify multimedia timer (windows only)” option.
 ensures the resolution does not change while ntpd is running,
 avoiding timekeeping glitches associated with changes. 
 
+
 

-Next: ntpd pidfile,
+Next: ntpd pidfile,
 Previous: ntpd modifymmtimer,
 Up: ntpd Invocation
-

+
 
 
 nice option (-N)
@@ -591,11 +610,12 @@ To the extent permitted by the operating system, run
 ntpd
 at the highest priority. 
 
+
 

-Next: ntpd priority,
+Next: ntpd priority,
 Previous: ntpd nice,
 Up: ntpd Invocation
-

+
 
 
 pidfile option (-p)
@@ -610,11 +630,12 @@ This is the same operation as the
 pidfile pidfile
 configuration file directive. 
 
+
 

-Next: ntpd quit,
+Next: ntpd quit,
 Previous: ntpd pidfile,
 Up: ntpd Invocation
-

+
 
 
 priority option (-P)
@@ -628,11 +649,12 @@ at the specified
 sched_setscheduler(SCHED_FIFO)
 priority. 
 
+
 

-Next: ntpd propagationdelay,
+Next: ntpd propagationdelay,
 Previous: ntpd priority,
 Up: ntpd Invocation
-

+
 
 
 quit option (-q)
@@ -658,11 +680,12 @@ and
 options can be used with this option. 
 Note: The kernel time discipline is disabled with this option. 
 
+
 

-Next: ntpd saveconfigquit,
+Next: ntpd saveconfigquit,
 Previous: ntpd quit,
 Up: ntpd Invocation
-

+
 
 
 propagationdelay option (-r)
@@ -672,11 +695,12 @@ This is the “broadcast/propagation delay” option.
 This option takes an argument string. 
 Specify the default propagation delay from the broadcast/multicast server to this client. This is necessary only if the delay cannot be computed automatically by the protocol. 
 
+
 

-Next: ntpd statsdir,
+Next: ntpd statsdir,
 Previous: ntpd propagationdelay,
 Up: ntpd Invocation
-

+
 
 
 saveconfigquit option
@@ -696,11 +720,12 @@ quit, wait-sync.
 equivalent to the given filename and exit.  This option was
 designed for automated testing. 
 
+
 

-Next: ntpd trustedkey,
+Next: ntpd trustedkey,
 Previous: ntpd saveconfigquit,
 Up: ntpd Invocation
-

+
 
 
 statsdir option (-s)
@@ -713,18 +738,19 @@ This is the same operation as the
 statsdir statsdir
 configuration file directive. 
 
+
 

-Next: ntpd user,
+Next: ntpd user,
 Previous: ntpd statsdir,
 Up: ntpd Invocation
-

+
 
 
 trustedkey option (-t)
 
 
 This is the “trusted key number” option. 
-This option takes an argument string tkey.
+This option takes an argument string tkey.
 
 
This option has some usage constraints.  It:
      

@@ -733,11 +759,12 @@ This option takes an argument string tkey.
 
   Add the specified key number to the trusted key list. 
 

+
 

-Next: ntpd updateinterval,
+Next: ntpd updateinterval,
 Previous: ntpd trustedkey,
 Up: ntpd Invocation
-

+
 
 
 user option (-u)
@@ -758,11 +785,12 @@ This option is supported under NetBSD (configure with
 --enable-clockctl) and Linux (configure with
 --enable-linuxcaps). 
 
+
 

-Next: ntpd wait-sync,
+Next: ntpd wait-sync,
 Previous: ntpd user,
 Up: ntpd Invocation
-

+
 
 
 updateinterval option (-U)
@@ -775,11 +803,13 @@ For systems with routing socket support the scans will be performed shortly afte
 has been detected by the system. 
 Use 0 to disable scanning. 60 seconds is the minimum time between scans. 
 
+
+
 

-Next: ntpd slew,
+Next: ntpd slew,
 Previous: ntpd updateinterval,
 Up: ntpd Invocation
-

+
 
 
 wait-sync option (-w)
@@ -804,11 +834,12 @@ otherwise it is ETIMEDOUT.
 This provides the option for a script starting ntpd to easily
 wait for the first set of the clock before proceeding. 
 
+
 

-Next: ntpd usepcc,
+Next: ntpd usepcc,
 Previous: ntpd wait-sync,
 Up: ntpd Invocation
-

+
 
 
 slew option (-x)
@@ -829,11 +860,12 @@ See the
 configuration file directive for other options. 
 Note: The kernel time discipline is disabled with this option. 
 
+
 

-Next: ntpd pccfreq,
+Next: ntpd pccfreq,
 Previous: ntpd slew,
 Up: ntpd Invocation
-

+
 
 
 usepcc option
@@ -851,11 +883,12 @@ The CPU counter and QueryPerformanceCounter are compared, and if
 they have the same frequency, the CPU counter (RDTSC on x86) is
 used directly, saving the overhead of a system call. 
 
+
 

-Next: ntpd mdns,
+Next: ntpd mdns,
 Previous: ntpd usepcc,
 Up: ntpd Invocation
-

+
 
 
 pccfreq option
@@ -873,11 +906,12 @@ This option takes an argument string.
 The CPU counter (RDTSC on x86) is used unconditionally with the
 given frequency (in Hz). 
 
+
 

-Next: ntpd config,
+Next: ntpd config,
 Previous: ntpd pccfreq,
 Up: ntpd Invocation
-

+
 
 
 mdns option (-m)
@@ -894,11 +928,12 @@ This is the “register with mdns as a ntp server” option.
 the server to be discovered via mDNS client lookup.
 
 
+
 

-Next: ntpd exit status,
+Next: ntpd exit status,
 Previous: ntpd mdns,
 Up: ntpd Invocation
-

+
 
 
 presetting/configuring ntpd
@@ -920,40 +955,43 @@ detail to provide.  The default is to print just the version.  The licensing inf
 first letter of the argument is examined:
 
      
-version
Only print the version.  This is the default. 
-
copyright
Name the copyright usage licensing terms. 
-
verbose
Print the full copyright usage licensing terms. 
+
‘version’
Only print the version.  This is the default. 
+
‘copyright’
Name the copyright usage licensing terms. 
+
‘verbose’
Print the full copyright usage licensing terms. 
 
 
 
+
 

-Next: ntpd Usage,
+Next: ntpd Usage,
 Previous: ntpd config,
 Up: ntpd Invocation
-

+
 
 
 ntpd exit status
 
 One of the following exit values will be returned:
      

-0 (EXIT_SUCCESS)
Successful program execution. 
-
1 (EXIT_FAILURE)
The operation failed or the command syntax was not valid. 
+
‘0 (EXIT_SUCCESS)’
Successful program execution. 
+
‘1 (EXIT_FAILURE)’
The operation failed or the command syntax was not valid. 
 
   
+
 

-Next: ntpd Files,
+Next: ntpd Files,
 Previous: ntpd exit status,
 Up: ntpd Invocation
-

+
 
 
 ntpd Usage
 
 
-

 
-

+

+
+
 
 
 How NTP Operates
@@ -1075,7 +1113,7 @@ frequency error is so large that the first sample is outside the
 acceptable range,
 ntpd
 enters the same state as when the
-ntp.drift
+ntp.drift
 file is not present. 
 The intent of this behavior
 is to quickly correct the frequency and restore operation to the
@@ -1102,9 +1140,11 @@ but this was never more than a mediocre hack and is no longer needed.
 ntpd(8)
 that often addresses all of the problems mentioned above. 
 
-

+
 
-

+

+
+
 
 
 Starting NTP (Best Current Practice)
@@ -1115,7 +1155,7 @@ First, use the
 server entries.
 
   If you can also keep a good
-ntp.drift
+ntp.drift
 file then
 ntpd(8)
 will effectively "warm-start" and your system's clock will
@@ -1148,9 +1188,10 @@ exits successfully
 it is as safe as it will ever be to start any process that require
 stable time. 
 

-

 
-

+

+
+
 
 
 Frequency Discipline
@@ -1160,7 +1201,7 @@ The
 ntpd
 behavior at startup depends on whether the
 frequency file, usually
-ntp.drift,
+ntp.drift,
 ,
 exists. 
 This file
@@ -1188,9 +1229,10 @@ immediately.
 After that the current frequency offset is written to
 the file at hourly intervals. 
 
-

 
-

+

+
+
 
 
 Operating Modes
@@ -1205,7 +1247,7 @@ manycast, as described in the
 page
 (available as part of the HTML documentation
 provided in
-/usr/share/doc/ntp). 
+/usr/share/doc/ntp). 
 )
 . 
 It normally operates continuously while
@@ -1295,9 +1337,10 @@ At each startup, the
 frequency is read from the file and initializes the kernel
 frequency. 
 
-

 
-

+

+
+
 
 
 Poll Interval Control
@@ -1339,7 +1382,7 @@ At a minimum of 1,024
 s, for example, the capture range is only 31 PPM. 
 If the intrinsic
 error is greater than this, the drift file
-ntp.drift
+ntp.drift
 will
 have to be specially tailored to reduce the residual error below
 this limit. 
@@ -1347,9 +1390,11 @@ Once this is done, the drift file is automatically
 updated once per hour and is available to initialize the frequency
 on subsequent daemon restarts. 
 
-

+
 
-

+

+
+
 
 
 The huff-n'-puff Filter
@@ -1387,26 +1432,28 @@ offset.
 huffpuff keyword, as described in
 ntp.conf(5). 
 
+
 

-Next: ntpd See Also,
+Next: ntpd See Also,
 Previous: ntpd Usage,
 Up: ntpd Invocation
-

+
 
 
 ntpd Files
 
      
-Pa
the default name of the configuration file
-
Pa
the default name of the drift file
-
Pa
the default name of the key file
+
‘Pa’
the default name of the configuration file
+
‘Pa’
the default name of the drift file
+
‘Pa’
the default name of the key file
 
 
+
 

-Next: ntpd Bugs,
+Next: ntpd Bugs,
 Previous: ntpd Files,
 Up: ntpd Invocation
-

+
 
 
 ntpd See Also
@@ -1423,7 +1470,7 @@ at
 http://www.ntp.org/
 . 
 A snapshot of this documentation is available in HTML format in
-/usr/share/doc/ntp. 
+/usr/share/doc/ntp. 
 . 
 .Rs
 .%A
@@ -1561,11 +1608,12 @@ DHCPv6
 RFC5908
 .Re
 
+
 

-Next: ntpd Notes,
+Next: ntpd Notes,
 Previous: ntpd See Also,
 Up: ntpd Invocation
-

+
 
 
 ntpd Bugs
@@ -1581,10 +1629,11 @@ the fancy features which consume the space were designed more with
 a busy primary server, rather than a high stratum workstation in
 mind. 
 
+
 

-Previous: ntpd Bugs,
+Previous: ntpd Bugs,
 Up: ntpd Invocation
-

+
 
 
 ntpd Notes
@@ -1593,9 +1642,10 @@ Up: ntpd Invocation
 Portions of this document came from FreeBSD.
 
 
-

 
-

+

+
+
 
 
      
diff --git a/ntpd/ntpd.texi b/ntpd/ntpd.texi
index 7eb86675c..0ac091b47 100644
--- a/ntpd/ntpd.texi
+++ b/ntpd/ntpd.texi
@@ -2,7 +2,7 @@
 @c %**start of header
 @setfilename ntpd.info
 @settitle ntpd: Network Time Protocol (NTP) Daemon User's Manual
-@include include/version.texi
+@include ../sntp/include/version.texi
 @paragraphindent 2
 @c %**end of header
 
diff --git a/ntpdc/ntpdc.html b/ntpdc/ntpdc.html
index 25732f730..96e1b8a46 100644
--- a/ntpdc/ntpdc.html
+++ b/ntpdc/ntpdc.html
@@ -3,7 +3,7 @@
 ntpdc: NTPD Control User's Manual
 
 
-
+
 
 
 
@@ -14,18 +14,20 @@
   pre.smallformat  { font-family:inherit; font-size:smaller }
   pre.smallexample { font-size:smaller }
   pre.smalllisp    { font-size:smaller }
-  span.sc { font-variant:small-caps }
-  span.roman { font-family: serif; font-weight: normal; } 
+  span.sc    { font-variant:small-caps }
+  span.roman { font-family:serif; font-weight:normal; } 
+  span.sansserif { font-family:sans-serif; font-weight:normal; } 
 -->
 
 
 ntpdc: NTPD Control User's Manual
 
+
 

-Next: ntpdc Description,
+Next: ntpdc Description,
 Previous: (dir),
 Up: (dir)
-

+
 
 
 ntpdc: NTPD Control User Manual
@@ -41,6 +43,13 @@ well.  It can be run as an interactive command or from a cron job.
   The program implements the SNTP protocol as defined by RFC 5905, the NTPv4
 IETF specification.
 
+                      

+Short Contents
+
+ntpdc: NTPD Control User Manual
+
+
+
 
 ntpdc Description:             Description
 
ntpdc Invocation: 		Invoking ntpdc
@@ -48,9 +57,10 @@ IETF specification.
 
 
 
-

 
-

+

+
+
 
 
 
@@ -69,9 +79,10 @@ the +4.567 +/- 0.089 secs indicates the time offset and
 error bound of the system clock relative to the server clock.
 
 
-

 
-

+

+
+
 
 
 Invoking ntpdc
@@ -101,7 +112,7 @@ using the agtexi-cmd template and the option descriptions for the <
 This software is released under the NTP license, <http://ntp.org/license>.
 
 
-ntpdc usage:                   ntpdc help/usage (--help)
+
ntpdc usage:                   ntpdc help/usage (--help)
 
ntpdc ipv4:                    ipv4 option (-4)
 
ntpdc ipv6:                    ipv6 option (-6)
 
ntpdc command:                 command option (-c)
@@ -119,23 +130,24 @@ This software is released under the NTP license, <http://ntp.org/license>.
 
 
 
+
 

-Next: ntpdc ipv4,
+Next: ntpdc ipv4,
 Up: ntpdc Invocation
-

+
 
 
-ntpdc help/usage (--help)
+ntpdc help/usage (--help)
 
 
 This is the automatically generated usage text for ntpdc.
 
   
The text printed is the same whether selected with the help option
-(--help) or the more-help option (--more-help).  more-help will print
+(--help) or the more-help option (--more-help).  more-help will print
 the usage text by passing it through a pager program. 
 more-help is disabled on platforms without a working
 fork(2) function.  The PAGER environment variable is
-used to select the program, defaulting to more.  Both will exit
+used to select the program, defaulting to more.  Both will exit
 with a status code of 0.
 
 
ntpdc - vendor-specific NTPD control program - Ver. 4.2.7p337
@@ -190,11 +202,12 @@ The following option preset mechanisms are supported:
 please send bug reports to:  http://bugs.ntp.org, bugs@ntp.org
 
   
+
 

-Next: ntpdc ipv6,
+Next: ntpdc ipv6,
 Previous: ntpdc usage,
 Up: ntpdc Invocation
-

+
 
 
 ipv4 option (-4)
@@ -211,11 +224,12 @@ ipv6.
   Force DNS resolution of following host names on the command line
 to the IPv4 namespace. 
 

+
 

-Next: ntpdc command,
+Next: ntpdc command,
 Previous: ntpdc ipv4,
 Up: ntpdc Invocation
-

+
 
 
 ipv6 option (-6)
@@ -232,18 +246,19 @@ ipv4.
   Force DNS resolution of following host names on the command line
 to the IPv6 namespace. 
 

+
 

-Next: ntpdc interactive,
+Next: ntpdc interactive,
 Previous: ntpdc ipv6,
 Up: ntpdc Invocation
-

+
 
 
 command option (-c)
 
 
 This is the “run a command and exit” option. 
-This option takes an argument string cmd.
+This option takes an argument string cmd.
 
 
This option has some usage constraints.  It:
      

@@ -254,11 +269,12 @@ This option takes an argument string cmd.
 and is added to the list of commands to be executed on the specified
 host(s). 
 
+
 

-Next: ntpdc listpeers,
+Next: ntpdc listpeers,
 Previous: ntpdc command,
 Up: ntpdc Invocation
-

+
 
 
 interactive option (-i)
@@ -275,11 +291,12 @@ command, listpeers, peers, showpeers.
   Force ntpq to operate in interactive mode.  Prompts will be written
 to the standard output and commands read from the standard input. 
 

+
 

-Next: ntpdc numeric,
+Next: ntpdc numeric,
 Previous: ntpdc interactive,
 Up: ntpdc Invocation
-

+
 
 
 listpeers option (-l)
@@ -296,11 +313,12 @@ command.
   Print a list of the peers known to the server as well as a summary of
 their state. This is equivalent to the 'listpeers' interactive command. 
 

+
 

-Next: ntpdc peers,
+Next: ntpdc peers,
 Previous: ntpdc listpeers,
 Up: ntpdc Invocation
-

+
 
 
 numeric option (-n)
@@ -310,11 +328,12 @@ This is the “numeric host addresses” option.
 Output all host addresses in dotted-quad numeric format rather than
 converting to the canonical host names. 
 
+
 

-Next: ntpdc showpeers,
+Next: ntpdc showpeers,
 Previous: ntpdc numeric,
 Up: ntpdc Invocation
-

+
 
 
 peers option (-p)
@@ -331,11 +350,12 @@ command.
   Print a list of the peers known to the server as well as a summary
 of their state. This is equivalent to the 'peers' interactive command. 
 

+
 

-Next: ntpdc config,
+Next: ntpdc config,
 Previous: ntpdc peers,
 Up: ntpdc Invocation
-

+
 
 
 showpeers option (-s)
@@ -353,11 +373,12 @@ command.
 of their state. This is equivalent to the 'dmpeers' interactive command.
 
 
+
 

-Next: ntpdc exit status,
+Next: ntpdc exit status,
 Previous: ntpdc showpeers,
 Up: ntpdc Invocation
-

+
 
 
 presetting/configuring ntpdc
@@ -375,9 +396,9 @@ values are treated like option arguments.
 $PWD
 
   The environment variables HOME, and PWD
-are expanded and replaced when ntpdc runs. 
+are expanded and replaced when ntpdc runs. 
 For any of these that are plain files, they are simply processed. 
-For any that are directories, then a file named .ntprc is searched for
+For any that are directories, then a file named .ntprc is searched for
 within that directory and processed.
 
   Configuration files may be in a wide variety of formats. 
@@ -419,35 +440,37 @@ detail to provide.  The default is to print just the version.  The licensing inf
 first letter of the argument is examined:
 
      

-version
Only print the version.  This is the default. 
-
copyright
Name the copyright usage licensing terms. 
-
verbose
Print the full copyright usage licensing terms. 
+
‘version’
Only print the version.  This is the default. 
+
‘copyright’
Name the copyright usage licensing terms. 
+
‘verbose’
Print the full copyright usage licensing terms. 
 
 
 
+
 

-Next: ntpdc Usage,
+Next: ntpdc Usage,
 Previous: ntpdc config,
 Up: ntpdc Invocation
-

+
 
 
 ntpdc exit status
 
 One of the following exit values will be returned:
      

-0 (EXIT_SUCCESS)
Successful program execution. 
-
1 (EXIT_FAILURE)
The operation failed or the command syntax was not valid. 
-
66 (EX_NOINPUT)
A specified configuration file could not be loaded. 
-
70 (EX_SOFTWARE)
libopts had an internal operational error.  Please report
+
‘0 (EXIT_SUCCESS)’
Successful program execution. 
+
‘1 (EXIT_FAILURE)’
The operation failed or the command syntax was not valid. 
+
‘66 (EX_NOINPUT)’
A specified configuration file could not be loaded. 
+
‘70 (EX_SOFTWARE)’
libopts had an internal operational error.  Please report
 it to autogen-users@lists.sourceforge.net.  Thank you. 
 
   
+
 

-Next: ntpdc See Also,
+Next: ntpdc See Also,
 Previous: ntpdc exit status,
 Up: ntpdc Invocation
-

+
 
 
 ntpdc Usage
@@ -513,9 +536,10 @@ will
 attempt to read interactive format commands from the standard
 input. 
 
-

 
-

+

+
+
 
 
 Interactive Commands
@@ -528,7 +552,7 @@ uniquely identify the command need be typed.
 The output of a
 command is normally sent to the standard output, but optionally the
 output of individual commands may be sent to a file by appending a
-\&>,
+‘\&>,’
 followed by a file name, to the command line.
 
   A number of interactive format commands are executed entirely
@@ -539,13 +563,13 @@ mode 7 requests being sent to a server.
 These are described
 following.
      

-Ic
Ic
A
-Ic\&? 
+
‘Ic’
‘Ic’
A
+‘Ic\&?’
 will print a list of all the command
 keywords known to this incarnation of
 ntpdc. 
 A
-Ic\&? 
+‘Ic\&?’
 followed by a command keyword will print function and usage
 information about the command. 
 This command is probably a better
@@ -553,7 +577,7 @@ source of information about
 ntpq(8)
 than this manual
 page. 
-
Ic
Specify a time interval to be added to timestamps included in
+
‘Ic’
Specify a time interval to be added to timestamps included in
 requests which require authentication. 
 This is used to enable
 (unreliable) server reconfiguration over long delay network paths
@@ -561,10 +585,10 @@ or between machines whose clocks are unsynchronized.
 Actually the
 server does not now require timestamps in authenticated requests,
 so this command may be obsolete. 
-
Ic
Set the host to which future queries will be sent. 
+
‘Ic’
Set the host to which future queries will be sent. 
 Hostname may
 be either a host name or a numeric address. 
-
Ic
If
+
‘Ic’
If
 yes is specified, host names are printed in
 information displays. 
 If
@@ -574,20 +598,20 @@ The default is
 yes, unless
 modified using the command line
 -n switch. 
-
Ic
This command allows the specification of a key number to be
+
‘Ic’
This command allows the specification of a key number to be
 used to authenticate configuration requests. 
 This must correspond
 to a key number the server has been configured to use for this
 purpose. 
-
Ic
Exit
+
‘Ic’
Exit
 ntpdc. 
-
Ic
This command prompts you to type in a password (which will not
+
‘Ic’
This command prompts you to type in a password (which will not
 be echoed) which will be used to authenticate configuration
 requests. 
 The password must correspond to the key configured for
 use by the NTP server for this purpose if such requests are to be
 successful. 
-
Ic
Specify a timeout period for responses to server queries. 
+
‘Ic’
Specify a timeout period for responses to server queries. 
 The
 default is about 8000 milliseconds. 
 Note that since
@@ -596,9 +620,10 @@ retries each query once after a timeout, the total waiting time for
 a timeout will be twice the timeout value set.
 
 
-

 
-

+

+
+
 
 
 Control Message Commands
@@ -610,13 +635,13 @@ These are read-only commands
 in that they make no modification of the server configuration
 state.
           
-Ic
Obtains and prints a brief list of the peers for which the
+
‘Ic’
Obtains and prints a brief list of the peers for which the
 server is maintaining state. 
 These should include all configured
 peer associations as well as those peers whose stratum is such that
 they are considered by the server to be possible future
 synchronization candidates. 
-
Ic
Obtains a list of peers for which the server is maintaining
+
‘Ic’
Obtains a list of peers for which the server is maintaining
 state, along with a summary of that state. 
 Summary information
 includes the address of the remote peer, the local interface
@@ -629,20 +654,522 @@ offset and dispersion of the peer, all in seconds.
           The character in the left margin indicates the mode this peer
 entry is operating in. 
 A
-\&+
+‘\&+’
 denotes symmetric active, a
-\&-
+‘\&-’
 indicates symmetric passive, a
-\&=
+‘\&=’
 means the
 remote server is being polled in client mode, a
-\&^
+‘\&^’
 indicates that the server is broadcasting to this address, a
-\&~
+‘\&~’
 denotes that the remote peer is sending broadcasts and a
-\&~
+‘\&~’
 denotes that the remote peer is sending broadcasts and a
-\&*
+‘\&*’
 marks the peer the server is currently synchronizing
 to.
 
+          
The contents of the host field may be one of four forms. 
+It may
+be a host name, an IP address, a reference clock implementation
+name with its parameter or
+.Fn
+REFCLK
+"implementation_number"
+"parameter"
+. 
+On
+hostnames no only IP-addresses
+will be displayed. 
+
‘Ic’
A slightly different peer summary list. 
+Identical to the output
+of the
+peers command, except for the character in the
+leftmost column. 
+Characters only appear beside peers which were
+included in the final stage of the clock selection algorithm. 
+A
+‘\&.’
+indicates that this peer was cast off in the falseticker
+detection, while a
+‘\&+’
+indicates that the peer made it
+through. 
+A
+‘\&*’
+denotes the peer the server is currently
+synchronizing with. 
+
‘Ic’
Shows a detailed display of the current peer variables for one
+or more peers. 
+Most of these values are described in the NTP
+Version 2 specification. 
+
‘Ic’
Show per-peer statistic counters associated with the specified
+peer(s). 
+
‘Ic’
Obtain and print information concerning a peer clock. 
+The
+values obtained provide information on the setting of fudge factors
+and other clock performance information. 
+
‘Ic’
Obtain and print kernel phase-lock loop operating parameters. 
+This information is available only if the kernel has been specially
+modified for a precision timekeeping function. 
+
‘Ic’
Print the values of selected loop filter variables. 
+The loop
+filter is the part of NTP which deals with adjusting the local
+system clock. 
+The
+‘offset’
+is the last offset given to the
+loop filter by the packet processing code. 
+The
+‘frequency’
+is the frequency error of the local clock in parts-per-million
+(ppm). 
+The
+‘time_const’
+controls the stiffness of the
+phase-lock loop and thus the speed at which it can adapt to
+oscillator drift. 
+The
+‘watchdogtimer’
+value is the number
+of seconds which have elapsed since the last sample offset was
+given to the loop filter. 
+The
+oneline and
+multiline options specify the format in which this
+information is to be printed, with
+multiline as the
+default. 
+
‘Ic’
Print a variety of system state variables, i.e., state related
+to the local server. 
+All except the last four lines are described
+in the NTP Version 3 specification, RFC-1305.
+
+          The
+‘systemflags’
+show various system flags, some of
+which can be set and cleared by the
+enable and
+disable configuration commands, respectively. 
+These are
+the
+auth, bclient, monitor, pll, pps and
+stats flags. 
+See the
+ntpd(8)
+documentation for the meaning of these flags. 
+There
+are two additional flags which are read only, the
+kernel_pll and
+kernel_pps. These flags indicate
+the synchronization status when the precision time kernel
+modifications are in use. 
+The
+‘kernel_pll’
+indicates that
+the local clock is being disciplined by the kernel, while the
+‘kernel_pps’
+indicates the kernel discipline is provided by the PPS
+signal.
+
+          
The
+‘stability’
+is the residual frequency error remaining
+after the system frequency correction is applied and is intended for
+maintenance and debugging. 
+In most architectures, this value will
+initially decrease from as high as 500 ppm to a nominal value in
+the range .01 to 0.1 ppm. 
+If it remains high for some time after
+starting the daemon, something may be wrong with the local clock,
+or the value of the kernel variable
+.Va
+kern.clockrate.tick
+may be
+incorrect.
+
+          
The
+‘broadcastdelay’
+shows the default broadcast delay,
+as set by the
+broadcastdelay configuration command.
+
+          
The
+‘authdelay’
+shows the default authentication delay,
+as set by the
+authdelay configuration command. 
+
‘Ic’
Print statistics counters maintained in the protocol
+module. 
+
‘Ic’
Print statistics counters related to memory allocation
+code. 
+
‘Ic’
Print statistics counters maintained in the input-output
+module. 
+
‘Ic’
Print statistics counters maintained in the timer/event queue
+support code. 
+
‘Ic’
Obtain and print the server's restriction list. 
+This list is
+(usually) printed in sorted order and may help to understand how
+the restrictions are applied. 
+
‘Ic’
Obtain and print traffic counts collected and maintained by the
+monitor facility. 
+The version number should not normally need to be
+specified. 
+
‘Ic’
Obtain debugging information for a reference clock driver. 
+This
+information is provided only by some clock drivers and is mostly
+undecodable without a copy of the driver source in hand.
+
+
+
+

+
+
+
+
+Runtime Configuration Requests
+
+          Runtime Configuration Requests
+All requests which cause state changes in the server are
+authenticated by the server using a configured NTP key (the
+facility can also be disabled by the server by not configuring a
+key). 
+The key number and the corresponding key must also be made
+known to
+ntpdc. 
+This can be done using the
+keyid and
+passwd commands, the latter of which will prompt at the terminal for a
+password to use as the encryption key. 
+You will also be prompted
+automatically for both the key number and password the first time a
+command which would result in an authenticated request to the
+server is given. 
+Authentication not only provides verification that
+the requester has permission to make such changes, but also gives
+an extra degree of protection again transmission errors.
+
+            
Authenticated requests always include a timestamp in the packet
+data, which is included in the computation of the authentication
+code. 
+This timestamp is compared by the server to its receive time
+stamp. 
+If they differ by more than a small amount the request is
+rejected. 
+This is done for two reasons. 
+First, it makes simple
+replay attacks on the server, by someone who might be able to
+overhear traffic on your LAN, much more difficult. 
+Second, it makes
+it more difficult to request configuration changes to your server
+from topologically remote hosts. 
+While the reconfiguration facility
+will work well with a server on the local host, and may work
+adequately between time-synchronized hosts on the same LAN, it will
+work very poorly for more distant hosts. 
+As such, if reasonable
+passwords are chosen, care is taken in the distribution and
+protection of keys and appropriate source address restrictions are
+applied, the run time reconfiguration facility should provide an
+adequate level of security.
+
+            
The following commands all make authenticated requests.
+               

+‘Xo’
[keyid ]
+[version ]
+[prefer ]
+Add a configured peer association at the given address and
+operating in symmetric active mode. 
+Note that an existing
+association with the same peer may be deleted when this command is
+executed, or may simply be converted to conform to the new
+configuration, as appropriate. 
+If the optional
+keyid is a
+nonzero integer, all outgoing packets to the remote server will
+have an authentication field attached encrypted with this key. 
+If
+the value is 0 (or not given) no authentication will be done. 
+The
+version can be 1, 2 or 3 and defaults to 3. 
+The
+prefer keyword indicates a preferred peer (and thus will
+be used primarily for clock synchronisation if possible). 
+The
+preferred peer also determines the validity of the PPS signal - if
+the preferred peer is suitable for synchronisation so is the PPS
+signal. 
+
‘Xo’
[keyid ]
+[version ]
+[prefer ]
+Identical to the addpeer command, except that the operating
+mode is client. 
+
‘Xo’
[keyid ]
+[version ]
+[prefer ]
+Identical to the addpeer command, except that the operating
+mode is broadcast. 
+In this case a valid key identifier and key are
+required. 
+The
+peer_address parameter can be the broadcast
+address of the local network or a multicast group address assigned
+to NTP. 
+If a multicast address, a multicast-capable kernel is
+required. 
+
‘Ic’
This command causes the configured bit to be removed from the
+specified peer(s). 
+In many cases this will cause the peer
+association to be deleted. 
+When appropriate, however, the
+association may persist in an unconfigured mode if the remote peer
+is willing to continue on in this fashion. 
+
‘Xo’
[time1 ]
+[time2 ]
+[stratum ]
+[refid ]
+This command provides a way to set certain data for a reference
+clock. 
+See the source listing for further information. 
+
‘Xo’
.Oo
+auth | Cm bclient | calibrate | Cm kernel | monitor | Cm ntp | pps | Cm stats .Oc
+
‘Xo’
.Oo
+auth | Cm bclient | calibrate | Cm kernel | monitor | Cm ntp | pps | Cm stats .Oc
+These commands operate in the same way as the
+enable and
+disable configuration file commands of
+ntpd(8).
+                    
+‘Cm’
Enables the server to synchronize with unconfigured peers only
+if the peer has been correctly authenticated using either public key
+or private key cryptography. 
+The default for this flag is enable. 
+
‘Cm’
Enables the server to listen for a message from a broadcast or
+multicast server, as in the multicastclient command with
+default address. 
+The default for this flag is disable. 
+
‘Cm’
Enables the calibrate feature for reference clocks. 
+The default for this flag is disable. 
+
‘Cm’
Enables the kernel time discipline, if available. 
+The default for this flag is enable if support is available, otherwise disable. 
+
‘Cm’
Enables the monitoring facility. 
+See the
+ntpdc(8). 
+program and the monlist command or further information. 
+The default for this flag is enable. 
+
‘Cm’
Enables time and frequency discipline. 
+In effect, this switch opens and closes the feedback loop,
+which is useful for testing. 
+The default for this flag is enable. 
+
‘Cm’
Enables the pulse-per-second (PPS) signal when frequency
+and time is disciplined by the precision time kernel modifications. 
+See the
+"AKernelModelforPrecisionTimekeeping"
+(available as part of the HTML documentation
+provided in
+/usr/share/doc/ntp)
+)
+page for further information. 
+The default for this flag is disable. 
+
‘Cm’
Enables the statistics facility. 
+See the
+MonitoringMonitoring
+Options
+section of
+ntp.conf(5)
+for further information. 
+The default for this flag is disable.
+
+                    .It
+Xo
+Ic
+restrict
+Ar
+address
+Ar
+mask
+flag Oo Ar... Oc This command operates in the same way as the
+restrict configuration file commands of
+ntpd(8). 
+.It
+Xo
+Ic
+unrestrict
+Ar
+address
+Ar
+mask
+flag Oo Ar... Oc Unrestrict the matching entry from the restrict list. 
+.It
+Xo
+Ic
+delrestrict
+Ar
+address
+Ar
+mask
+[ntpport ]
+Delete the matching entry from the restrict list. 
+.It
+Ic
+readkeys
+Causes the current set of authentication keys to be purged and
+a new set to be obtained by rereading the keys file (which must
+have been specified in the
+ntpd(8)
+configuration file). 
+This
+allows encryption keys to be changed without restarting the
+server. 
+.It
+Ic
+trustedkey
+Ar
+keyid
+Oo
+Ar
+... 
+Oc
+.It
+Ic
+untrustedkey
+Ar
+keyid
+Oo
+Ar
+... 
+Oc
+These commands operate in the same way as the
+trustedkey and
+untrustedkey configuration file
+commands of
+ntpd(8). 
+.It
+Ic
+authinfo
+Returns information concerning the authentication module,
+including known keys and counts of encryptions and decryptions
+which have been done. 
+.It
+Ic
+traps
+Display the traps set in the server. 
+See the source listing for
+further information. 
+.It
+Xo
+Ic
+addtrap
+Ar
+address
+[port ]
+[interface ]
+Set a trap for asynchronous messages. 
+See the source listing
+for further information. 
+.It
+Xo
+Ic
+clrtrap
+Ar
+address
+[port ]
+[interface ]
+Clear a trap for asynchronous messages. 
+See the source listing
+for further information. 
+.It
+Ic
+reset
+Clear the statistics counters in various modules of the server. 
+See the source listing for further information.
+
+

+
+

+Next: ntpdc Authors,
+Previous: ntpdc Usage,
+Up: ntpdc Invocation
+
+
+
+ntpdc See Also
+
+                    ntp.conf(5),
+ntpd(8)
+.Rs
+.%A
+David
+L. 
+Mills
+.%T
+Network
+Time
+Protocol
+(Version
+3)
+.%O
+RFC1305
+.Re
+

+
+

+Next: ntpdc Bugs,
+Previous: ntpdc See Also,
+Up: ntpdc Invocation
+
+
+
+ntpdc Authors
+
+                    The formatting directives in this document came from FreeBSD. 
+

+
+

+Previous: ntpdc Authors,
+Up: ntpdc Invocation
+
+
+
+ntpdc Bugs
+
+                    The
+ntpdc
+utility is a crude hack. 
+Much of the information it shows is
+deadly boring and could only be loved by its implementer. 
+The
+program was designed so that new (and temporary) features were easy
+to hack in, at great expense to the program's ease of use. 
+Despite
+this, the program is occasionally useful.
+
+                      
Please report bugs to http://bugs.ntp.org .
+
+

+
+

+
+
+
+
+                    
+Usage
+
+                    The simplest use of this program is as an unprivileged command to
+check the current time, offset, and error in the local clock. 
+For example:
+
+                    
                        ntpdc ntpserver.somewhere
+
+                      With suitable privilege, it can be run as a command or in a
+cron job to reset the local clock from a reliable server, like
+the ntpdate and rdate commands. 
+For example:
+
+                    
                        ntpdc -a ntpserver.somewhere
+
+                      
+
diff --git a/ntpdc/ntpdc.texi b/ntpdc/ntpdc.texi
index a4c7f269c..3a828065a 100644
--- a/ntpdc/ntpdc.texi
+++ b/ntpdc/ntpdc.texi
@@ -2,7 +2,7 @@
 @c %**start of header
 @setfilename ntpdc.info
 @settitle ntpdc: NTPD Control User's Manual
-@include include/version.texi
+@include ../sntp/include/version.texi
 @paragraphindent 2
 @c %**end of header
 
diff --git a/ntpq/invoke-ntpq.texi b/ntpq/invoke-ntpq.texi
index 84528d967..4a4440624 100644
--- a/ntpq/invoke-ntpq.texi
+++ b/ntpq/invoke-ntpq.texi
@@ -6,7 +6,7 @@
 # 
 # EDIT THIS FILE WITH CAUTION  (invoke-ntpq.texi)
 # 
-# It has been AutoGen-ed  December 24, 2012 at 08:22:53 AM by AutoGen 5.16.2
+# It has been AutoGen-ed  December 25, 2012 at 11:02:01 AM by AutoGen 5.16.2
 # From the definitions    ntpq-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
@@ -108,11 +108,12 @@ source of information about
 than this manual
 page.
 @item Ic
-... @item Ic
+@code{...} @item Ic
 @item Ic
 The data carried by NTP mode 6 messages consists of a list of
 items of the form
-@quoteleft{}variable_name=value,@quoteright{}
+@quoteleft{}variable_name=value@quoteright{},
+,
 where the
 @quoteleft{}=value@quoteright{}
 is ignored, and can be omitted,
@@ -139,7 +140,7 @@ Normally
 does not authenticate requests unless
 they are write requests.
 The command
-@quoteleft{}authenticateyes@quoteright{}
+@quoteleft{}authenticate yes@quoteright{}
 causes
 @code{ntpq}
 to send authentication with all requests it
@@ -165,7 +166,8 @@ Variables which
 @code{ntpq}
 thinks should have a decodable value but didn't are
 marked with a trailing
-@quoteleft{}\&?.@quoteright{}
+@quoteleft{}\&?@quoteright{}.
+.
 @item Xo
 @code{debug} .Oo
 @code{more} | @code{less} | @code{off} .Oc
@@ -182,7 +184,7 @@ server does not now require timestamps in authenticated requests,
 so this command may be obsolete.
 @item Ic
 Set the host to which future queries will be sent.
-@kbd{hostname} may be either a host name or a numeric address.
+@code{hostname} may be either a host name or a numeric address.
 @item Ic
 If
 @code{yes} is specified, host names are printed in
@@ -236,8 +238,7 @@ Note that since
 @code{ntpq}
 retries each query once after a timeout, the total waiting time for
 a timeout will be twice the timeout value set.
-
-@end multitable
+@end table
 
 This section was generated by @strong{AutoGen},
 using the @code{agtexi-cmd} template and the option descriptions for the @code{ntpq} program.
diff --git a/ntpq/ntpq-opts.c b/ntpq/ntpq-opts.c
index 03620fd0c..43d15b7a0 100644
--- a/ntpq/ntpq-opts.c
+++ b/ntpq/ntpq-opts.c
@@ -1,7 +1,7 @@
 /*  
  *  EDIT THIS FILE WITH CAUTION  (ntpq-opts.c)
  *  
- *  It has been AutoGen-ed  December 22, 2012 at 11:53:20 AM by AutoGen 5.16.2
+ *  It has been AutoGen-ed  December 25, 2012 at 11:01:46 AM by AutoGen 5.16.2
  *  From the definitions    ntpq-opts.def
  *  and the template file   options
  *
diff --git a/ntpq/ntpq-opts.h b/ntpq/ntpq-opts.h
index b9528189b..ddc338673 100644
--- a/ntpq/ntpq-opts.h
+++ b/ntpq/ntpq-opts.h
@@ -1,7 +1,7 @@
 /*  
  *  EDIT THIS FILE WITH CAUTION  (ntpq-opts.h)
  *  
- *  It has been AutoGen-ed  December 22, 2012 at 11:53:20 AM by AutoGen 5.16.2
+ *  It has been AutoGen-ed  December 25, 2012 at 11:01:46 AM by AutoGen 5.16.2
  *  From the definitions    ntpq-opts.def
  *  and the template file   options
  *
diff --git a/ntpq/ntpq.1ntpqman b/ntpq/ntpq.1ntpqman
index 392b0bf08..06c00c744 100644
--- a/ntpq/ntpq.1ntpqman
+++ b/ntpq/ntpq.1ntpqman
@@ -1,8 +1,8 @@
-.TH ntpq 1ntpqman "22 Dec 2012" "4.2.7p337" "User Commands"
+.TH ntpq 1ntpqman "25 Dec 2012" "4.2.7p337" "User Commands"
 .\"
 .\"  EDIT THIS FILE WITH CAUTION  (ntpq-opts.man)
 .\"  
-.\"  It has been AutoGen-ed  December 22, 2012 at 11:53:27 AM by AutoGen 5.16.2
+.\"  It has been AutoGen-ed  December 25, 2012 at 11:02:03 AM by AutoGen 5.16.2
 .\"  From the definitions    ntpq-opts.def
 .\"  and the template file   agman-cmd.tpl
 .\"
@@ -13,6 +13,264 @@ ntpq \- standard NTP query program
 .\" Mixture of short (flag) options and long options
 .RB [ \-\fIflag\fP " [\fIvalue\fP]]... [" \-\-\fIopt\-name\fP " [[=| ]\fIvalue\fP]]..." [ host ...]
 .SH DESCRIPTION
+The
+.B 
+utility program is used to query NTP servers which
+implement the standard NTP mode 6 control message formats defined
+in Appendix B of the NTPv3 specification RFC1305, requesting
+information about current state and/or changes in that state.
+The same formats are used in NTPv4, although some of the
+variables have changed and new ones added. The description on this
+page is for the NTPv4 variables.
+The program may be run either in interactive mode or controlled using
+command line arguments.
+Requests to read and write arbitrary
+variables can be assembled, with raw and pretty-printed output
+options being available.
+The
+.B 
+utility can also obtain and print a
+list of peers in a common format by sending multiple queries to the
+server.
+If one or more request options is included on the command line
+when
+.B 
+is executed, each of the requests will be sent
+to the NTP servers running on each of the hosts given as command
+line arguments, or on localhost by default.
+If no request options
+are given,
+.B 
+will attempt to read commands from the
+standard input and execute these on the NTP server running on the
+first host given on the command line, again defaulting to localhost
+when no other host is specified.
+The
+.B 
+utility will prompt for
+commands if the standard input is a terminal device.
+.B 
+uses NTP mode 6 packets to communicate with the
+NTP server, and hence can be used to query any compatible server on
+the network which permits it.
+Note that since NTP is a UDP protocol
+this communication will be somewhat unreliable, especially over
+large distances in terms of network topology.
+The
+.B 
+utility makes
+one attempt to retransmit requests, and will time requests out if
+the remote host is not heard from within a suitable timeout
+time.
+Specifying a
+command line option other than
+i
+or
+n
+will
+cause the specified query (queries) to be sent to the indicated
+host(s) immediately.
+Otherwise,
+.B 
+will attempt to read
+interactive format commands from the standard input.
+.SS "Internal Commands"
+Interactive format commands consist of a keyword followed by zero
+to four arguments.
+Only enough characters of the full keyword to
+uniquely identify the command need be typed.
+A
+number of interactive format commands are executed entirely within
+the
+.B 
+utility itself and do not result in NTP mode 6
+requests being sent to a server.
+These are described following.
+.TP
+.BR Ic ? Op Ar command_keyword
+.TP
+.BR Ic help Op Ar command_keyword
+A
+.Ql \&?
+by itself will print a list of all the command
+keywords known to this incarnation of
+.Nm .
+A
+.Ql \&?
+followed by a command keyword will print function and usage
+information about the command.
+This command is probably a better
+source of information about
+.Nm
+than this manual
+page.
+.TP
+.BR Ic addvars Ar variable_name Xo Op Ic =value
+.Ic ...
+.Xc
+.TP
+.BR Ic rmvars Ar variable_name Ic ...
+.TP
+.BR Ic clearvars
+The data carried by NTP mode 6 messages consists of a list of
+items of the form
+.Ql variable_name=value ,
+where the
+.Ql =value
+is ignored, and can be omitted,
+in requests to the server to read variables.
+The
+.Nm
+utility maintains an internal list in which data to be included in control
+messages can be assembled, and sent using the
+.Ic readlist
+and
+.Ic writelist
+commands described below.
+The
+.Ic addvars
+command allows variables and their optional values to be added to
+the list.
+If more than one variable is to be added, the list should
+be comma-separated and not contain white space.
+The
+.Ic rmvars
+command can be used to remove individual variables from the list,
+while the
+.Ic clearlist
+command removes all variables from the
+list.
+.TP
+.BR Ic authenticate Op yes | no
+Normally
+.Nm
+does not authenticate requests unless
+they are write requests.
+The command
+.Ql authenticate yes
+causes
+.Nm
+to send authentication with all requests it
+makes.
+Authenticated requests causes some servers to handle
+requests slightly differently, and can occasionally melt the CPU in
+fuzzballs if you turn authentication on before doing a
+.Ic peer
+display.
+The command
+.Ql authenticate
+causes
+.Nm
+to display whether or not
+.Nm
+is currently autheinticating requests.
+.TP
+.BR Ic cooked
+Causes output from query commands to be "cooked", so that
+variables which are recognized by
+.Nm
+will have their
+values reformatted for human consumption.
+Variables which
+.Nm
+thinks should have a decodable value but didn't are
+marked with a trailing
+.Ql \&? .
+.TP
+.BR Xo
+.Ic debug
+.Oo
+.Cm more |
+.Cm less |
+.Cm off
+.Oc
+.Xc
+With no argument, displays the current debug level.
+Otherwise, the debug level is changed to the indicated level.
+.TP
+.BR Ic delay Ar milliseconds
+Specify a time interval to be added to timestamps included in
+requests which require authentication.
+This is used to enable
+(unreliable) server reconfiguration over long delay network paths
+or between machines whose clocks are unsynchronized.
+Actually the
+server does not now require timestamps in authenticated requests,
+so this command may be obsolete.
+.TP
+.BR Ic host Ar hostname
+Set the host to which future queries will be sent.
+\fIhostname\fR
+may be either a host name or a numeric address.
+.TP
+.BR Ic hostnames Op Cm yes | Cm no
+If
+.Cm yes
+is specified, host names are printed in
+information displays.
+If
+.Cm no
+is specified, numeric
+addresses are printed instead.
+The default is
+.Cm yes ,
+unless
+modified using the command line
+n
+switch.
+.TP
+.BR Ic keyid Ar keyid
+This command allows the specification of a key number to be
+used to authenticate configuration requests.
+This must correspond
+to a key number the server has been configured to use for this
+purpose.
+.TP
+.BR Ic ntpversion Xo Oo
+.Cm 1 |
+.Cm 2 |
+.Cm 3 |
+.Cm 4
+.Oc
+.Xc
+Sets the NTP version number which
+.Nm
+claims in
+packets.
+Defaults to 3, and note that mode 6 control messages (and
+modes, for that matter) didn't exist in NTP version 1.
+There appear
+to be no servers left which demand version 1.
+With no argument, displays the current NTP version that will be used
+when communicating with servers.
+.TP
+.BR Ic quit
+Exit
+.Nm
+.TP
+.BR Ic passwd
+This command prompts you to type in a password (which will not
+be echoed) which will be used to authenticate configuration
+requests.
+The password must correspond to the key configured for
+use by the NTP server for this purpose if such requests are to be
+successful.
+.TP
+.BR Ic raw
+Causes all output from query commands is printed as received
+from the remote server.
+The only formating/interpretation done on
+the data is to transform nonascii data into a printable (but barely
+understandable) form.
+.TP
+.BR Ic timeout Ar milliseconds
+Specify a timeout period for responses to server queries.
+The
+default is about 5000 milliseconds.
+Note that since
+.Nm
+retries each query once after a timeout, the total waiting time for
+a timeout will be twice the timeout value set.
 .SH "OPTIONS"
 .TP
 .BR \-4 ", " -\-ipv4
diff --git a/ntpq/ntpq.1ntpqmdoc b/ntpq/ntpq.1ntpqmdoc
index 89da4f22c..aff2a6ce7 100644
--- a/ntpq/ntpq.1ntpqmdoc
+++ b/ntpq/ntpq.1ntpqmdoc
@@ -1,9 +1,9 @@
-.Dd December 22 2012
+.Dd December 25 2012
 .Dt NTPQ 1ntpqmdoc User Commands
-.Os SunOS 5.10
+.Os FreeBSD 6.4-STABLE
 .\"  EDIT THIS FILE WITH CAUTION  (ntpq-opts.mdoc)
 .\"  
-.\"  It has been AutoGen-ed  December 22, 2012 at 11:53:32 AM by AutoGen 5.16.2
+.\"  It has been AutoGen-ed  December 25, 2012 at 11:01:58 AM by AutoGen 5.16.2
 .\"  From the definitions    ntpq-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -18,6 +18,249 @@
 [ host ...]
 .Pp
 .Sh DESCRIPTION
+The
+.Nm
+utility program is used to query NTP servers which
+implement the standard NTP mode 6 control message formats defined
+in Appendix B of the NTPv3 specification RFC1305, requesting
+information about current state and/or changes in that state.
+The same formats are used in NTPv4, although some of the
+variables have changed and new ones added. The description on this
+page is for the NTPv4 variables.
+The program may be run either in interactive mode or controlled using
+command line arguments.
+Requests to read and write arbitrary
+variables can be assembled, with raw and pretty-printed output
+options being available.
+The
+.Nm
+utility can also obtain and print a
+list of peers in a common format by sending multiple queries to the
+server.
+If one or more request options is included on the command line
+when
+.Nm
+is executed, each of the requests will be sent
+to the NTP servers running on each of the hosts given as command
+line arguments, or on localhost by default.
+If no request options
+are given,
+.Nm
+will attempt to read commands from the
+standard input and execute these on the NTP server running on the
+first host given on the command line, again defaulting to localhost
+when no other host is specified.
+The
+.Nm
+utility will prompt for
+commands if the standard input is a terminal device.
+.Nm
+uses NTP mode 6 packets to communicate with the
+NTP server, and hence can be used to query any compatible server on
+the network which permits it.
+Note that since NTP is a UDP protocol
+this communication will be somewhat unreliable, especially over
+large distances in terms of network topology.
+The
+.Nm
+utility makes
+one attempt to retransmit requests, and will time requests out if
+the remote host is not heard from within a suitable timeout
+time.
+Specifying a
+command line option other than
+.Fl i
+or
+.Fl n
+will
+cause the specified query (queries) to be sent to the indicated
+host(s) immediately.
+Otherwise,
+.Nm
+will attempt to read
+interactive format commands from the standard input.
+.Ss "Internal Commands"
+Interactive format commands consist of a keyword followed by zero
+to four arguments.
+Only enough characters of the full keyword to
+uniquely identify the command need be typed.
+A
+number of interactive format commands are executed entirely within
+the
+.Nm
+utility itself and do not result in NTP mode 6
+requests being sent to a server.
+These are described following.
+.Bl -tag -width "? [command_keyword]" -compact -offset indent
+.It Ic ? Op  Ar command_keyword
+.It Ic help Op Ar command_keyword
+A
+.Ql \&?
+by itself will print a list of all the command
+keywords known to this incarnation of
+.Nm .
+A
+.Ql \&?
+followed by a command keyword will print function and usage
+information about the command.
+This command is probably a better
+source of information about
+.Nm
+than this manual
+page.
+.It Ic addvars Ar variable_name Xo Op Ic =value
+.Ic ...
+.Xc
+.It Ic rmvars Ar variable_name Ic ...
+.It Ic clearvars
+The data carried by NTP mode 6 messages consists of a list of
+items of the form
+.Ql variable_name=value ,
+where the
+.Ql =value
+is ignored, and can be omitted,
+in requests to the server to read variables.
+The
+.Nm
+utility maintains an internal list in which data to be included in control
+messages can be assembled, and sent using the
+.Ic readlist
+and
+.Ic writelist
+commands described below.
+The
+.Ic addvars
+command allows variables and their optional values to be added to
+the list.
+If more than one variable is to be added, the list should
+be comma-separated and not contain white space.
+The
+.Ic rmvars
+command can be used to remove individual variables from the list,
+while the
+.Ic clearlist
+command removes all variables from the
+list.
+.It Ic authenticate Op yes | no
+Normally
+.Nm
+does not authenticate requests unless
+they are write requests.
+The command
+.Ql authenticate yes
+causes
+.Nm
+to send authentication with all requests it
+makes.
+Authenticated requests causes some servers to handle
+requests slightly differently, and can occasionally melt the CPU in
+fuzzballs if you turn authentication on before doing a
+.Ic peer
+display.
+The command
+.Ql authenticate
+causes
+.Nm
+to display whether or not
+.Nm
+is currently autheinticating requests.
+.It Ic cooked
+Causes output from query commands to be "cooked", so that
+variables which are recognized by
+.Nm
+will have their
+values reformatted for human consumption.
+Variables which
+.Nm
+thinks should have a decodable value but didn't are
+marked with a trailing
+.Ql \&? .
+.It Xo
+.Ic debug
+.Oo
+.Cm more |
+.Cm less |
+.Cm off
+.Oc
+.Xc
+With no argument, displays the current debug level.
+Otherwise, the debug level is changed to the indicated level.
+.It Ic delay Ar milliseconds
+Specify a time interval to be added to timestamps included in
+requests which require authentication.
+This is used to enable
+(unreliable) server reconfiguration over long delay network paths
+or between machines whose clocks are unsynchronized.
+Actually the
+server does not now require timestamps in authenticated requests,
+so this command may be obsolete.
+.It Ic host Ar hostname
+Set the host to which future queries will be sent.
+.Ar hostname
+may be either a host name or a numeric address.
+.It Ic hostnames Op Cm yes | Cm no
+If
+.Cm yes
+is specified, host names are printed in
+information displays.
+If
+.Cm no
+is specified, numeric
+addresses are printed instead.
+The default is
+.Cm yes ,
+unless
+modified using the command line
+.Fl n
+switch.
+.It Ic keyid Ar keyid
+This command allows the specification of a key number to be
+used to authenticate configuration requests.
+This must correspond
+to a key number the server has been configured to use for this
+purpose.
+.It Ic ntpversion Xo Oo
+.Cm 1 |
+.Cm 2 |
+.Cm 3 |
+.Cm 4
+.Oc
+.Xc
+Sets the NTP version number which
+.Nm
+claims in
+packets.
+Defaults to 3, and note that mode 6 control messages (and
+modes, for that matter) didn't exist in NTP version 1.
+There appear
+to be no servers left which demand version 1.
+With no argument, displays the current NTP version that will be used
+when communicating with servers.
+.It Ic quit
+Exit
+.Nm
+.It Ic passwd
+This command prompts you to type in a password (which will not
+be echoed) which will be used to authenticate configuration
+requests.
+The password must correspond to the key configured for
+use by the NTP server for this purpose if such requests are to be
+successful.
+.It Ic raw
+Causes all output from query commands is printed as received
+from the remote server.
+The only formating/interpretation done on
+the data is to transform nonascii data into a printable (but barely
+understandable) form.
+.It Ic timeout Ar milliseconds
+Specify a timeout period for responses to server queries.
+The
+default is about 5000 milliseconds.
+Note that since
+.Nm
+retries each query once after a timeout, the total waiting time for
+a timeout will be twice the timeout value set.
+.El
 .Sh "OPTIONS"
 .Bl -tag
 .It  \-4 ", " -\-ipv4
diff --git a/ntpq/ntpq.html b/ntpq/ntpq.html
index 3570dac42..56132c42a 100644
--- a/ntpq/ntpq.html
+++ b/ntpq/ntpq.html
@@ -24,7 +24,6 @@
   
 Short Contents
 
-Top
 ntpq: Network Time Protocol Query User Manual
 
 
@@ -34,11 +33,20 @@
 
 
 

+Next: ntpq Description,
+Previous: (dir),
 Up: (dir)
 
 
 
-Top
+ntpq: Network Time Protocol Query User Manual
+
+The ntpq utility program is used to
+monitor the operational status
+and determine the performance of
+ntpd, the NTP daemon.
+
+  
This document applies to version 4.2.7p337 of ntpq.
 
 

 ntpq Description
@@ -52,28 +60,6 @@ Up: (dir)
 
Clock Variables
 
 
-
-
-

-Next: ntpq Description,
-Previous: (dir),
-Up: (dir)
-
-
-
-ntpq: Network Time Protocol Query User Manual
-
-The ntpq utility program is used to monitor NTP daemon ntpd
-operations and determine performance.  It uses the standard NTP mode 6 control
-
-  
This document applies to version {No value for `VERSION'} of ntpq.
-
-

-ntpq Description:             Description
-
ntpq Invocation: 		Invoking ntpq
-
Usage:                        Usage
-
-
 
 
 

@@ -102,6 +88,554 @@ The description on this page is for the NTPv4 variables.
 
   For examples and usage, see the NTP Debugging Techniques page.
 
+

+
+

+
+
+
+
+Invoking ntpq
+
+
+
+  
The
+ntpq
+utility program is used to query NTP servers which
+implement the standard NTP mode 6 control message formats defined
+in Appendix B of the NTPv3 specification RFC1305, requesting
+information about current state and/or changes in that state. 
+The same formats are used in NTPv4, although some of the
+variables have changed and new ones added. The description on this
+page is for the NTPv4 variables. 
+The program may be run either in interactive mode or controlled using
+command line arguments. 
+Requests to read and write arbitrary
+variables can be assembled, with raw and pretty-printed output
+options being available. 
+The
+ntpq
+utility can also obtain and print a
+list of peers in a common format by sending multiple queries to the
+server.
+
+  
If one or more request options is included on the command line
+when
+ntpq
+is executed, each of the requests will be sent
+to the NTP servers running on each of the hosts given as command
+line arguments, or on localhost by default. 
+If no request options
+are given,
+ntpq
+will attempt to read commands from the
+standard input and execute these on the NTP server running on the
+first host given on the command line, again defaulting to localhost
+when no other host is specified. 
+The
+ntpq
+utility will prompt for
+commands if the standard input is a terminal device.
+
+  
ntpq
+uses NTP mode 6 packets to communicate with the
+NTP server, and hence can be used to query any compatible server on
+the network which permits it. 
+Note that since NTP is a UDP protocol
+this communication will be somewhat unreliable, especially over
+large distances in terms of network topology. 
+The
+ntpq
+utility makes
+one attempt to retransmit requests, and will time requests out if
+the remote host is not heard from within a suitable timeout
+time.
+
+  
Specifying a
+command line option other than
+-i or
+-n will
+cause the specified query (queries) to be sent to the indicated
+host(s) immediately. 
+Otherwise,
+ntpq
+will attempt to read
+interactive format commands from the standard input. 
+

+
+

+
+
+
+
+Internal Commands
+
+Internal Commands
+Interactive format commands consist of a keyword followed by zero
+to four arguments. 
+Only enough characters of the full keyword to
+uniquely identify the command need be typed.
+
+  
A
+number of interactive format commands are executed entirely within
+the
+ntpq
+utility itself and do not result in NTP mode 6
+requests being sent to a server. 
+These are described following.
+     

+‘Ic’
‘Ic’
A
+‘\&?’
+by itself will print a list of all the command
+keywords known to this incarnation of
+ntpq. 
+A
+‘\&?’
+followed by a command keyword will print function and usage
+information about the command. 
+This command is probably a better
+source of information about
+ntpq
+than this manual
+page. 
+
‘Ic’
... 
‘Ic’
‘Ic’
The data carried by NTP mode 6 messages consists of a list of
+items of the form
+‘variable_name=value’,
+,
+where the
+‘=value’
+is ignored, and can be omitted,
+in requests to the server to read variables. 
+The
+ntpq
+utility maintains an internal list in which data to be included in control
+messages can be assembled, and sent using the
+readlist and
+writelist commands described below. 
+The
+addvars command allows variables and their optional values to be added to
+the list. 
+If more than one variable is to be added, the list should
+be comma-separated and not contain white space. 
+The
+rmvars command can be used to remove individual variables from the list,
+while the
+clearlist command removes all variables from the
+list. 
+
‘Ic’
Normally
+ntpq
+does not authenticate requests unless
+they are write requests. 
+The command
+‘authenticate yes’
+causes
+ntpq
+to send authentication with all requests it
+makes. 
+Authenticated requests causes some servers to handle
+requests slightly differently, and can occasionally melt the CPU in
+fuzzballs if you turn authentication on before doing a
+peer display. 
+The command
+‘authenticate’
+causes
+ntpq
+to display whether or not
+ntpq
+is currently autheinticating requests. 
+
‘Ic’
Causes output from query commands to be "cooked", so that
+variables which are recognized by
+ntpq
+will have their
+values reformatted for human consumption. 
+Variables which
+ntpq
+thinks should have a decodable value but didn't are
+marked with a trailing
+‘\&?’. 
+. 
+
‘Xo’
debug .Oo
+more | less | off .Oc
+With no argument, displays the current debug level. 
+Otherwise, the debug level is changed to the indicated level. 
+
‘Ic’
Specify a time interval to be added to timestamps included in
+requests which require authentication. 
+This is used to enable
+(unreliable) server reconfiguration over long delay network paths
+or between machines whose clocks are unsynchronized. 
+Actually the
+server does not now require timestamps in authenticated requests,
+so this command may be obsolete. 
+
‘Ic’
Set the host to which future queries will be sent. 
+hostname may be either a host name or a numeric address. 
+
‘Ic’
If
+yes is specified, host names are printed in
+information displays. 
+If
+no is specified, numeric
+addresses are printed instead. 
+The default is
+yes, unless
+modified using the command line
+-n switch. 
+
‘Ic’
This command allows the specification of a key number to be
+used to authenticate configuration requests. 
+This must correspond
+to a key number the server has been configured to use for this
+purpose. 
+
‘Ic’
1 | 2 | 3 | 4 .Oc
+Sets the NTP version number which
+ntpq
+claims in
+packets. 
+Defaults to 3, and note that mode 6 control messages (and
+modes, for that matter) didn't exist in NTP version 1. 
+There appear
+to be no servers left which demand version 1. 
+With no argument, displays the current NTP version that will be used
+when communicating with servers. 
+
‘Ic’
Exit
+ntpq
+
‘Ic’
This command prompts you to type in a password (which will not
+be echoed) which will be used to authenticate configuration
+requests. 
+The password must correspond to the key configured for
+use by the NTP server for this purpose if such requests are to be
+successful. 
+
‘Ic’
Causes all output from query commands is printed as received
+from the remote server. 
+The only formating/interpretation done on
+the data is to transform nonascii data into a printable (but barely
+understandable) form. 
+
‘Ic’
Specify a timeout period for responses to server queries. 
+The
+default is about 5000 milliseconds. 
+Note that since
+ntpq
+retries each query once after a timeout, the total waiting time for
+a timeout will be twice the timeout value set. 
+
+
+  This section was generated by AutoGen,
+using the agtexi-cmd template and the option descriptions for the ntpq program. 
+This software is released under the NTP license, <http://ntp.org/license>.
+
+

+ntpq usage:                   ntpq help/usage (--help)
+
ntpq ipv4:                    ipv4 option (-4)
+
ntpq ipv6:                    ipv6 option (-6)
+
ntpq command:                 command option (-c)
+
ntpq peers:                   peers option (-p)
+
ntpq interactive:             interactive option (-i)
+
ntpq numeric:                 numeric option (-n)
+
ntpq old-rv:                  old-rv option
+
ntpq config:                  presetting/configuring ntpq
+
ntpq exit status:             exit status
+
+
+
+
+

+Next: ntpq ipv4,
+Up: Internal Commands
+
+
+
+ntpq help/usage (--help)
+
+
+This is the automatically generated usage text for ntpq.
+
+  
The text printed is the same whether selected with the help option
+(--help) or the more-help option (--more-help).  more-help will print
+the usage text by passing it through a pager program. 
+more-help is disabled on platforms without a working
+fork(2) function.  The PAGER environment variable is
+used to select the program, defaulting to more.  Both will exit
+with a status code of 0.
+
+
ntpq - standard NTP query program - Ver. 4.2.7p337
+USAGE:  ntpq [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]
+  Flg Arg Option-Name    Description
+   -4 no  ipv4           Force IPv4 DNS name resolution
+                                - prohibits these options:
+                                ipv6
+   -6 no  ipv6           Force IPv6 DNS name resolution
+                                - prohibits these options:
+                                ipv4
+   -c Str command        run a command and exit
+                                - may appear multiple times
+   -d no  debug-level    Increase debug verbosity level
+                                - may appear multiple times
+   -D Num set-debug-level Set the debug verbosity level
+                                - may appear multiple times
+   -p no  peers          Print a list of the peers
+                                - prohibits these options:
+                                interactive
+   -i no  interactive    Force ntpq to operate in interactive mode
+                                - prohibits these options:
+                                command
+                                peers
+   -n no  numeric        numeric host addresses
+      no  old-rv         Always output status line with readvar
+      opt version        Output version information and exit
+   -? no  help           Display extended usage information and exit
+   -! no  more-help      Extended usage information passed thru pager
+   -> opt save-opts      Save the option state to a config file
+   -< Str load-opts      Load options from a config file
+                                - disabled as --no-load-opts
+                                - may appear multiple times
+
+Options are specified by doubled hyphens and their name or by a single
+hyphen and the flag character.
+
+The following option preset mechanisms are supported:
+ - reading file $HOME/.ntprc
+ - reading file ./.ntprc
+ - examining environment variables named NTPQ_*
+
+please send bug reports to:  http://bugs.ntp.org, bugs@ntp.org
+
+  
+
+

+Next: ntpq ipv6,
+Previous: ntpq usage,
+Up: Internal Commands
+
+
+
+ipv4 option (-4)
+
+
+This is the “force ipv4 dns name resolution” option.
+
+
This option has some usage constraints.  It:
+     

+must not appear in combination with any of the following options:
+ipv6. 
+
+
+  Force DNS resolution of following host names on the command line
+to the IPv4 namespace. 
+

+
+

+Next: ntpq command,
+Previous: ntpq ipv4,
+Up: Internal Commands
+
+
+
+ipv6 option (-6)
+
+
+This is the “force ipv6 dns name resolution” option.
+
+
This option has some usage constraints.  It:
+     

+must not appear in combination with any of the following options:
+ipv4. 
+
+
+  Force DNS resolution of following host names on the command line
+to the IPv6 namespace. 
+

+
+

+Next: ntpq peers,
+Previous: ntpq ipv6,
+Up: Internal Commands
+
+
+
+command option (-c)
+
+
+This is the “run a command and exit” option. 
+This option takes an argument string cmd.
+
+
This option has some usage constraints.  It:
+     

+may appear an unlimited number of times. 
+
+
+  The following argument is interpreted as an interactive format command
+and is added to the list of commands to be executed on the specified
+host(s). 
+

+
+

+Next: ntpq interactive,
+Previous: ntpq command,
+Up: Internal Commands
+
+
+
+peers option (-p)
+
+
+This is the “print a list of the peers” option.
+
+
This option has some usage constraints.  It:
+     

+must not appear in combination with any of the following options:
+interactive. 
+
+
+  Print a list of the peers known to the server as well as a summary
+of their state. This is equivalent to the 'peers' interactive command. 
+

+
+

+Next: ntpq numeric,
+Previous: ntpq peers,
+Up: Internal Commands
+
+
+
+interactive option (-i)
+
+
+This is the “force ntpq to operate in interactive mode” option.
+
+
This option has some usage constraints.  It:
+     

+must not appear in combination with any of the following options:
+command, peers. 
+
+
+  Force ntpq to operate in interactive mode.  Prompts will be written
+to the standard output and commands read from the standard input. 
+

+
+

+Next: ntpq old-rv,
+Previous: ntpq interactive,
+Up: Internal Commands
+
+
+
+numeric option (-n)
+
+
+This is the “numeric host addresses” option. 
+Output all host addresses in dotted-quad numeric format rather than
+converting to the canonical host names. 
+

+
+
+

+Next: ntpq config,
+Previous: ntpq numeric,
+Up: Internal Commands
+
+
+
+old-rv option
+
+
+This is the “always output status line with readvar” option. 
+By default, ntpq now suppresses the associd=... line that
+precedes the output of "readvar" (alias "rv") when a single
+variable is requested, such as ntpq -c "rv 0 offset".  This
+option causes ntpq to include both lines of output for a
+single-variable readvar.  Using an environment variable to
+preset this option in a script will enable both older and
+newer ntpq to behave identically in this regard.
+
+

+
+

+Next: ntpq exit status,
+Previous: ntpq old-rv,
+Up: Internal Commands
+
+
+
+presetting/configuring ntpq
+
+Any option that is not marked as not presettable may be preset by
+loading values from configuration ("rc" or "ini") files, and values from environment variables named NTPQ and NTPQ_<OPTION_NAME>.  <OPTION_NAME> must be one of
+the options listed above in upper case and segmented with underscores. 
+The NTPQ variable will be tokenized and parsed like
+the command line.  The remaining variables are tested for existence and their
+values are treated like option arguments.
+
+
libopts will search in 2 places for configuration files:
+     

+$HOME
+
$PWD
+
+  The environment variables HOME, and PWD
+are expanded and replaced when ntpq runs. 
+For any of these that are plain files, they are simply processed. 
+For any that are directories, then a file named .ntprc is searched for
+within that directory and processed.
+
+  Configuration files may be in a wide variety of formats. 
+The basic format is an option name followed by a value (argument) on the
+same line.  Values may be separated from the option name with a colon,
+equal sign or simply white space.  Values may be continued across multiple
+lines by escaping the newline with a backslash.
+
+  
Multiple programs may also share the same initialization file. 
+Common options are collected at the top, followed by program specific
+segments.  The segments are separated by lines like:
+
    [NTPQ]
+
+  or by
+
    <?program ntpq>
+
+  Do not mix these styles within one configuration file.
+
+  
Compound values and carefully constructed string values may also be
+specified using XML syntax:
+
    <option-name>
+       <sub-opt>...&lt;...&gt;...</sub-opt>
+    </option-name>
+
+  yielding an option-name.sub-opt string value of
+
    "...<...>..."
+
+  AutoOpts does not track suboptions.  You simply note that it is a
+hierarchicly valued option.  AutoOpts does provide a means for searching
+the associated name/value pair list (see: optionFindValue).
+
+  
The command line options relating to configuration and/or usage help are:
+
+
version (-)
+
+Print the program version to standard out, optionally with licensing
+information, then exit 0.  The optional argument specifies how much licensing
+detail to provide.  The default is to print just the version.  The licensing infomation may be selected with an option argument.  Only the
+first letter of the argument is examined:
+
+     

+‘version’
Only print the version.  This is the default. 
+
‘copyright’
Name the copyright usage licensing terms. 
+
‘verbose’
Print the full copyright usage licensing terms. 
+
+
+
+
+

+Previous: ntpq config,
+Up: Internal Commands
+
+
+
+ntpq exit status
+
+One of the following exit values will be returned:
+     

+‘0 (EXIT_SUCCESS)’
Successful program execution. 
+
‘1 (EXIT_FAILURE)’
The operation failed or the command syntax was not valid. 
+
‘66 (EX_NOINPUT)’
A specified configuration file could not be loaded. 
+
‘70 (EX_SOFTWARE)’
libopts had an internal operational error.  Please report
+it to autogen-users@lists.sourceforge.net.  Thank you. 
+
+
 
 
 

@@ -147,6 +681,7 @@ Up: Top
 /usr/local/etc
 -k
 keysdir
+

 
 
 
@@ -163,65 +698,66 @@ Up: Top
 Interactive format commands consist of a keyword followed by zero to four arguments.  Only enough characters of the full keyword to uniquely identify the command need be typed.  The output of a command is normally sent to the standard output, but optionally the output of individual commands may be sent to a file by appending a >, followed by a file name, to the command line.  A number of interactive format commands are executed entirely within the ntpq program itself and do not result in NTP mode-6 requests being sent to a server.  These are described following.
 
      

-? [command_keyword
help [command_keyword]
A ? by itself will print a list of all the command keywords known to ntpq.  A ? followed by a command keyword will print function and usage information about the command.
+
? [command_keyword]
help [command_keyword]
A ? by itself will print a list of all the command keywords known to ntpq.  A ? followed by a command keyword will print function and usage information about the command.
 
-     
>addvars name [ = value] [...]
rmvars name [...]
clearvars</dt>
The arguments to these commands consist of a list of items of the form
-name = value, where the = value is ignored,
+     
>addvars name [ = value] [...]
rmvars name [...]
clearvars</dt>
The arguments to these commands consist of a list of items of the form
+name = value, where the = value is ignored,
 and can be omitted in read requests. 
-ntpq maintains an internal list in which data to be included
-in control messages can be assembled, and sent using the readlist
-and writelist commands described below. 
-The addvars command allows variables and optional values
+ntpq maintains an internal list in which data to be included
+in control messages can be assembled, and sent using the readlist
+and writelist commands described below. 
+The addvars command allows variables and optional values
 to be added to the list. 
 If more than one variable is to be added
 the list should be comma-separated and not contain white space. 
-The rmvars command can be used to remove individual variables
+The rmvars command can be used to remove individual variables
 from the list,
-while the clearlist command removes all variables from the list.
+while the clearlist command removes all variables from the list.
 
-     
cooked
Display server messages in prettyprint format.
+     
cooked
Display server messages in prettyprint format.
 
-     
debug more | less | off
Turns internal query program debugging on and off.
+     
debug more | less | off
Turns internal query program debugging on and off.
 
-     
delay milliseconds
Specify a time interval to be added to timestamps included in requests which require authentication.  This is used to enable (unreliable) server reconfiguration over long delay network paths or between machines whose clocks are unsynchronized.  Actually the server does not now require timestamps in authenticated requests, so this command may be obsolete.
+     
delay milliseconds
Specify a time interval to be added to timestamps included in requests which require authentication.  This is used to enable (unreliable) server reconfiguration over long delay network paths or between machines whose clocks are unsynchronized.  Actually the server does not now require timestamps in authenticated requests, so this command may be obsolete.
 
-     
host name
Set the host to which future queries will be sent. 
+     
host name
Set the host to which future queries will be sent. 
 The name may be either a DNS name or a numeric address.
 
-     
hostnames [yes | no]
If yes is specified, host names are printed in information displays. 
-If no is specified, numeric addresses are printed instead. 
-The default is yes,
-unless modified using the command line -n switch.
+     
hostnames [yes | no]
If yes is specified, host names are printed in information displays. 
+If no is specified, numeric addresses are printed instead. 
+The default is yes,
+unless modified using the command line -n switch.
 
-     
keyid keyid
This command specifies the key number to be used
+     
keyid keyid
This command specifies the key number to be used
 to authenticate configuration requests. 
-This must correspond to a key ID configured in ntp.conf for this purpose.
+This must correspond to a key ID configured in ntp.conf for this purpose.
 
-     
keytype
Specify the digest algorithm to use for authenticated requests,
-with default MD5. 
+     
keytype
Specify the digest algorithm to use for authenticated requests,
+with default MD5. 
 If the OpenSSL library is installed,
 digest can be be any message digest algorithm supported by the library. 
-The current selections are: MD2, MD4, MD5, MDC2, RIPEMD160, SHA and SHA1.
+The current selections are: MD2, MD4, MD5, MDC2, RIPEMD160, SHA and SHA1.
 
-     
ntpversion 1 | 2 | 3 | 4
Sets the NTP version number which ntpq claims in packets. 
+     
ntpversion 1 | 2 | 3 | 4
Sets the NTP version number which ntpq claims in packets. 
 Defaults to 2. 
 Note that mode-6 control messages (and modes, for that matter)
 didn't exist in NTP version 1.
 
-     
passwd
This command prompts for a password to authenticate requests. 
-The password must correspond to the key ID configured in ntp.conf for this purpose.
+     
passwd
This command prompts for a password to authenticate requests. 
+The password must correspond to the key ID configured in ntp.conf for this purpose.
 
-     
quit
Exit ntpq.
+     
quit
Exit ntpq.
 
-     
raw
Display server messages as received and without reformatting.
+     
raw
Display server messages as received and without reformatting.
 
-     
timeout millseconds
Specify a timeout period for responses to server queries. 
+     
timeout millseconds
Specify a timeout period for responses to server queries. 
 The default is about 5000 milliseconds. 
-Note that since ntpq retries each query once after a timeout
+Note that since ntpq retries each query once after a timeout
 the total waiting time for a timeout will be twice the timeout value set.
 
   

-  

+
+
 
 

 Next: Status Words and Kiss Codes,
@@ -248,77 +784,67 @@ which iterate over a range of associations.
 
associations
Display a list of mobilized associations in the form:
 

 ind assid status conf reach auth condition last_event cnt
-
-  
Variable Description
 
-

ind
-index on this list
+     
Variable Description
+
+     
ind
+ index on this list
 
-
assid
- association ID
+     
assid
+ association ID
 
-
status
- peer status word
+     
status
+ peer status word
 
-
conf
- yes: persistent, no: ephemeral
+     
conf
+ yes: persistent, no: ephemeral
 
-
reach
- yes: reachable, no: unreachable
+     
reach
+ yes: reachable, no: unreachable
 
-
auth
- ok, yes, bad and none
+     
auth
+ ok, yes, bad and none
 
-
condition
- selection status (see the select field of the peer status word)
+     
condition
+ selection status (see the select field of the peer status word)
 
-
last_event
- event report (see the event field of the peer status word)
+     
last_event
+ event report (see the event field of the peer status word)
 
-
cnt
+     
cnt
 event count (see the count field of the peer status word)
 
-  

+     

 
-  
clockvar assocID [name [ = value [...]] [...]] 
- cv assocID [name [ = value [...] ][...]] 
-Display a list of See clock variables for those associations supporting a reference clock.
+     
clockvar assocID [name [ = value [...]] [...]]
cv assocID [name [ = value [...] ][...]]
Display a list of clock variables for those associations supporting a reference clock.
 
-  :config [...] 
-Send the remainder of the command line, including whitespace, to the server
+     
:config [...]
Send the remainder of the command line, including whitespace, to the server
 as a run-time configuration command in the same format
 as the configuration file. 
 This command is experimental until further notice and clarification. 
 Authentication is of course required.
 
-  config-from-file filename
-Send the each line of filename to the server as
+     
config-from-file filename
Send the each line of filename to the server as
 run-time configuration commands in the same format as the configuration file. 
 This command is experimental until further notice and clarification. 
 Authentication is required.
 
-  ifstats
-Display statistics for each local network address. 
+     
ifstats
Display statistics for each local network address. 
 Authentication is required.
 
-  iostats
-Display network and reference clock I/O statistics.
+     
iostats
Display network and reference clock I/O statistics.
 
-  kerninfo
-Display kernel loop and PPS statistics. 
+     
kerninfo
Display kernel loop and PPS statistics. 
 As with other ntpq output, times are in milliseconds. 
 The precision value displayed is in milliseconds as well,
 unlike the precision system variable.
 
-  lassociations
-Perform the same function as the associations command,
+     
lassociations
Perform the same function as the associations command,
 except display mobilized and unmobilized associations.
 
-  monstats
-Display monitor facility statistics.
+     
monstats
Display monitor facility statistics.
 
-  mrulist [limited | kod | mincount=count | laddr=localaddr | sort=sortorder | resany=hexmask | resall=hexmask]
-Obtain and print traffic counts collected and maintained by
+     
mrulist [limited | kod | mincount=count | laddr=localaddr | sort=sortorder | resany=hexmask | resall=hexmask]
Obtain and print traffic counts collected and maintained by
 the monitor facility. 
 With the exception of sort=sortorder,
 the options filter the list returned by ntpd. 
@@ -338,87 +864,83 @@ The sortorder defaults to lstint and may be any of
 any of those preceded by a minus sign (hyphen) to reverse the sort order. 
 The output columns are:
 
-  Column Description
+     Column Description
 
-
lstint
+     
lstint
 
 Interval in s between the receipt of the most recent packet from this
 address and the completion of the retrieval of the MRU list by ntpq
 
-
avgint
+     
avgint
 
 Average interval in s between packets from this address.
 
-
rstr
+     
rstr
 
 Restriction flags associated with this address. 
 Most are copied unchanged from the matching restrict command,
 however 0x400 (kod) and 0x20 (limited) flags are cleared unless
 the last packet from this address triggered a rate control response.
 
-
r
+     
r
 
 Rate control indicator, either a period, L or K for
 no rate control response, rate limiting by discarding, or
 rate limiting with a KoD response, respectively.
 
-
m
+     
m
 
 Packet mode. 
 
v
 
 Packet version number.
 
-
count
+     
count
 
 Packets received from this address.
 
-
rport
+     
rport
 
 Source port of last packet from this address.
 
-
remote address
+     
remote address
 
 DNS name, numeric address, or address followed by claimed DNS name which
 could not be verified in parentheses.
 
-  

+     

 
-  
mreadvar assocID assocID [ variable_name [ = value[ ... ]
- mrv assocID assocID [ variable_name [ = value[ ... ]
-Perform the same function as the readvar command,
+     
mreadvar assocID assocID [ variable_name [ = value[ ... ]
mrv assocID assocID [ variable_name [ = value[ ... ]
Perform the same function as the readvar command,
 except for a range of association IDs. 
 This range is determined from the association list cached by
 the most recent associations command.
 
-  passociations
-Perform the same function as the associations command, except that
+     
passociations
Perform the same function as the associations command, except that
 it uses previously stored data rather than making a new query.
 
-  peers
-Display a list of peers in the form:
+     
peers
Display a list of peers in the form:
 

 [tally]remote refid st t when pool reach delay offset jitter
 
-  Variable Description
+     Variable Description
 
[tally]
 
 single-character code indicating current value of the select field
 of the peer status word.
 
-
remote
+     
remote
 
 host name (or IP number) of peer
 
-
refid
+     
refid
 
 association ID or kiss code.
 
-
st
+     
st
 
 stratum
 
-
t
+     
t
 
 u: unicast or manycast client,
 b: broadcast or multicast client,
@@ -428,35 +950,33 @@ stratum
 B: broadcast server,
 M: multicast server.
 
-
when
+     
when
 
 sec/min/hr since last received packet
 
-
poll
+     
poll
 
 poll interval (log(2) s)
 
-
reach
+     
reach
 
 reach shift register (octal)
 
-
delay
+     
delay
 
 roundtrip delay
 
-
offset
+     
offset
 
 offset of server relative to this host
 
-
jitter
+     
jitter
 
 jitter
 
-  

+     

 
-  
readvar assocID name [ = value ] [,...] 
- rv assocID [ name ] [,...] 
-Display the specified variables. 
+     
readvar assocID name [ = value ] [,...]
rv assocID [ name ] [,...]
Display the specified variables. 
 If assocID is zero,
 the variables are from the system variables name space,
 otherwise they are from the peer variables name space. 
@@ -471,8 +991,7 @@ Some NTP timestamps are represented in the format YYYYMMDDTTTT,
 where YYYY is the year, MM the month of year, DD the day of month and
 TTTT the time of day.
 
-  saveconfig filename
-Write the current configuration, including any runtime modifications
+     
saveconfig filename
Write the current configuration, including any runtime modifications
 given with :config or config-from-file,
 to the ntpd host's file filename. 
 This command will be rejected by the server unless
@@ -484,17 +1003,29 @@ to substitute the current date and time, for example,
 The filename used is stored in system variable savedconfig. 
 Authentication is required.
 
-  writevar assocID name = value [,...] 
-Write the specified variables. 
+     
writevar assocID name = value [,...]
Write the specified variables. 
 If the assocID is zero, the variables are from the
 system variables name space, otherwise they are from the
 peer variables name	space. 
 The assocID is required,
 as the same name can occur in both spaces.
 
-   System Variables, Control Message Commands, Top
-
+     
sysinfo
Display operational summary.
+
+     
sysstats
Print statistics counters maintained in the protocol module.
 
+  
+
+
+
+

+Next: System Variables,
+Previous: Control Message Commands,
+Up: Top
+
+
+
+
 Status Words and Kiss Codes
 
 The current state of the operating program is shown
diff --git a/ntpq/ntpq.man.in b/ntpq/ntpq.man.in
index 8ab4f0994..84957c8b3 100644
--- a/ntpq/ntpq.man.in
+++ b/ntpq/ntpq.man.in
@@ -1,8 +1,8 @@
-.TH ntpq @NTPQ_MS@ "22 Dec 2012" "4.2.7p337" "User Commands"
+.TH ntpq @NTPQ_MS@ "25 Dec 2012" "4.2.7p337" "User Commands"
 .\"
 .\"  EDIT THIS FILE WITH CAUTION  (ntpq-opts.man)
 .\"  
-.\"  It has been AutoGen-ed  December 22, 2012 at 11:53:27 AM by AutoGen 5.16.2
+.\"  It has been AutoGen-ed  December 25, 2012 at 11:02:03 AM by AutoGen 5.16.2
 .\"  From the definitions    ntpq-opts.def
 .\"  and the template file   agman-cmd.tpl
 .\"
@@ -13,6 +13,264 @@ ntpq \- standard NTP query program
 .\" Mixture of short (flag) options and long options
 .RB [ \-\fIflag\fP " [\fIvalue\fP]]... [" \-\-\fIopt\-name\fP " [[=| ]\fIvalue\fP]]..." [ host ...]
 .SH DESCRIPTION
+The
+.B 
+utility program is used to query NTP servers which
+implement the standard NTP mode 6 control message formats defined
+in Appendix B of the NTPv3 specification RFC1305, requesting
+information about current state and/or changes in that state.
+The same formats are used in NTPv4, although some of the
+variables have changed and new ones added. The description on this
+page is for the NTPv4 variables.
+The program may be run either in interactive mode or controlled using
+command line arguments.
+Requests to read and write arbitrary
+variables can be assembled, with raw and pretty-printed output
+options being available.
+The
+.B 
+utility can also obtain and print a
+list of peers in a common format by sending multiple queries to the
+server.
+If one or more request options is included on the command line
+when
+.B 
+is executed, each of the requests will be sent
+to the NTP servers running on each of the hosts given as command
+line arguments, or on localhost by default.
+If no request options
+are given,
+.B 
+will attempt to read commands from the
+standard input and execute these on the NTP server running on the
+first host given on the command line, again defaulting to localhost
+when no other host is specified.
+The
+.B 
+utility will prompt for
+commands if the standard input is a terminal device.
+.B 
+uses NTP mode 6 packets to communicate with the
+NTP server, and hence can be used to query any compatible server on
+the network which permits it.
+Note that since NTP is a UDP protocol
+this communication will be somewhat unreliable, especially over
+large distances in terms of network topology.
+The
+.B 
+utility makes
+one attempt to retransmit requests, and will time requests out if
+the remote host is not heard from within a suitable timeout
+time.
+Specifying a
+command line option other than
+i
+or
+n
+will
+cause the specified query (queries) to be sent to the indicated
+host(s) immediately.
+Otherwise,
+.B 
+will attempt to read
+interactive format commands from the standard input.
+.SS "Internal Commands"
+Interactive format commands consist of a keyword followed by zero
+to four arguments.
+Only enough characters of the full keyword to
+uniquely identify the command need be typed.
+A
+number of interactive format commands are executed entirely within
+the
+.B 
+utility itself and do not result in NTP mode 6
+requests being sent to a server.
+These are described following.
+.TP
+.BR Ic ? Op Ar command_keyword
+.TP
+.BR Ic help Op Ar command_keyword
+A
+.Ql \&?
+by itself will print a list of all the command
+keywords known to this incarnation of
+.Nm .
+A
+.Ql \&?
+followed by a command keyword will print function and usage
+information about the command.
+This command is probably a better
+source of information about
+.Nm
+than this manual
+page.
+.TP
+.BR Ic addvars Ar variable_name Xo Op Ic =value
+.Ic ...
+.Xc
+.TP
+.BR Ic rmvars Ar variable_name Ic ...
+.TP
+.BR Ic clearvars
+The data carried by NTP mode 6 messages consists of a list of
+items of the form
+.Ql variable_name=value ,
+where the
+.Ql =value
+is ignored, and can be omitted,
+in requests to the server to read variables.
+The
+.Nm
+utility maintains an internal list in which data to be included in control
+messages can be assembled, and sent using the
+.Ic readlist
+and
+.Ic writelist
+commands described below.
+The
+.Ic addvars
+command allows variables and their optional values to be added to
+the list.
+If more than one variable is to be added, the list should
+be comma-separated and not contain white space.
+The
+.Ic rmvars
+command can be used to remove individual variables from the list,
+while the
+.Ic clearlist
+command removes all variables from the
+list.
+.TP
+.BR Ic authenticate Op yes | no
+Normally
+.Nm
+does not authenticate requests unless
+they are write requests.
+The command
+.Ql authenticate yes
+causes
+.Nm
+to send authentication with all requests it
+makes.
+Authenticated requests causes some servers to handle
+requests slightly differently, and can occasionally melt the CPU in
+fuzzballs if you turn authentication on before doing a
+.Ic peer
+display.
+The command
+.Ql authenticate
+causes
+.Nm
+to display whether or not
+.Nm
+is currently autheinticating requests.
+.TP
+.BR Ic cooked
+Causes output from query commands to be "cooked", so that
+variables which are recognized by
+.Nm
+will have their
+values reformatted for human consumption.
+Variables which
+.Nm
+thinks should have a decodable value but didn't are
+marked with a trailing
+.Ql \&? .
+.TP
+.BR Xo
+.Ic debug
+.Oo
+.Cm more |
+.Cm less |
+.Cm off
+.Oc
+.Xc
+With no argument, displays the current debug level.
+Otherwise, the debug level is changed to the indicated level.
+.TP
+.BR Ic delay Ar milliseconds
+Specify a time interval to be added to timestamps included in
+requests which require authentication.
+This is used to enable
+(unreliable) server reconfiguration over long delay network paths
+or between machines whose clocks are unsynchronized.
+Actually the
+server does not now require timestamps in authenticated requests,
+so this command may be obsolete.
+.TP
+.BR Ic host Ar hostname
+Set the host to which future queries will be sent.
+\fIhostname\fR
+may be either a host name or a numeric address.
+.TP
+.BR Ic hostnames Op Cm yes | Cm no
+If
+.Cm yes
+is specified, host names are printed in
+information displays.
+If
+.Cm no
+is specified, numeric
+addresses are printed instead.
+The default is
+.Cm yes ,
+unless
+modified using the command line
+n
+switch.
+.TP
+.BR Ic keyid Ar keyid
+This command allows the specification of a key number to be
+used to authenticate configuration requests.
+This must correspond
+to a key number the server has been configured to use for this
+purpose.
+.TP
+.BR Ic ntpversion Xo Oo
+.Cm 1 |
+.Cm 2 |
+.Cm 3 |
+.Cm 4
+.Oc
+.Xc
+Sets the NTP version number which
+.Nm
+claims in
+packets.
+Defaults to 3, and note that mode 6 control messages (and
+modes, for that matter) didn't exist in NTP version 1.
+There appear
+to be no servers left which demand version 1.
+With no argument, displays the current NTP version that will be used
+when communicating with servers.
+.TP
+.BR Ic quit
+Exit
+.Nm
+.TP
+.BR Ic passwd
+This command prompts you to type in a password (which will not
+be echoed) which will be used to authenticate configuration
+requests.
+The password must correspond to the key configured for
+use by the NTP server for this purpose if such requests are to be
+successful.
+.TP
+.BR Ic raw
+Causes all output from query commands is printed as received
+from the remote server.
+The only formating/interpretation done on
+the data is to transform nonascii data into a printable (but barely
+understandable) form.
+.TP
+.BR Ic timeout Ar milliseconds
+Specify a timeout period for responses to server queries.
+The
+default is about 5000 milliseconds.
+Note that since
+.Nm
+retries each query once after a timeout, the total waiting time for
+a timeout will be twice the timeout value set.
 .SH "OPTIONS"
 .TP
 .BR \-4 ", " -\-ipv4
diff --git a/ntpq/ntpq.mdoc.in b/ntpq/ntpq.mdoc.in
index 3928bd098..270805327 100644
--- a/ntpq/ntpq.mdoc.in
+++ b/ntpq/ntpq.mdoc.in
@@ -1,9 +1,9 @@
-.Dd December 22 2012
+.Dd December 25 2012
 .Dt NTPQ @NTPQ_MS@ User Commands
-.Os SunOS 5.10
+.Os FreeBSD 6.4-STABLE
 .\"  EDIT THIS FILE WITH CAUTION  (ntpq-opts.mdoc)
 .\"  
-.\"  It has been AutoGen-ed  December 22, 2012 at 11:53:32 AM by AutoGen 5.16.2
+.\"  It has been AutoGen-ed  December 25, 2012 at 11:01:58 AM by AutoGen 5.16.2
 .\"  From the definitions    ntpq-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -18,6 +18,249 @@
 [ host ...]
 .Pp
 .Sh DESCRIPTION
+The
+.Nm
+utility program is used to query NTP servers which
+implement the standard NTP mode 6 control message formats defined
+in Appendix B of the NTPv3 specification RFC1305, requesting
+information about current state and/or changes in that state.
+The same formats are used in NTPv4, although some of the
+variables have changed and new ones added. The description on this
+page is for the NTPv4 variables.
+The program may be run either in interactive mode or controlled using
+command line arguments.
+Requests to read and write arbitrary
+variables can be assembled, with raw and pretty-printed output
+options being available.
+The
+.Nm
+utility can also obtain and print a
+list of peers in a common format by sending multiple queries to the
+server.
+If one or more request options is included on the command line
+when
+.Nm
+is executed, each of the requests will be sent
+to the NTP servers running on each of the hosts given as command
+line arguments, or on localhost by default.
+If no request options
+are given,
+.Nm
+will attempt to read commands from the
+standard input and execute these on the NTP server running on the
+first host given on the command line, again defaulting to localhost
+when no other host is specified.
+The
+.Nm
+utility will prompt for
+commands if the standard input is a terminal device.
+.Nm
+uses NTP mode 6 packets to communicate with the
+NTP server, and hence can be used to query any compatible server on
+the network which permits it.
+Note that since NTP is a UDP protocol
+this communication will be somewhat unreliable, especially over
+large distances in terms of network topology.
+The
+.Nm
+utility makes
+one attempt to retransmit requests, and will time requests out if
+the remote host is not heard from within a suitable timeout
+time.
+Specifying a
+command line option other than
+.Fl i
+or
+.Fl n
+will
+cause the specified query (queries) to be sent to the indicated
+host(s) immediately.
+Otherwise,
+.Nm
+will attempt to read
+interactive format commands from the standard input.
+.Ss "Internal Commands"
+Interactive format commands consist of a keyword followed by zero
+to four arguments.
+Only enough characters of the full keyword to
+uniquely identify the command need be typed.
+A
+number of interactive format commands are executed entirely within
+the
+.Nm
+utility itself and do not result in NTP mode 6
+requests being sent to a server.
+These are described following.
+.Bl -tag -width "? [command_keyword]" -compact -offset indent
+.It Ic ? Op  Ar command_keyword
+.It Ic help Op Ar command_keyword
+A
+.Ql \&?
+by itself will print a list of all the command
+keywords known to this incarnation of
+.Nm .
+A
+.Ql \&?
+followed by a command keyword will print function and usage
+information about the command.
+This command is probably a better
+source of information about
+.Nm
+than this manual
+page.
+.It Ic addvars Ar variable_name Xo Op Ic =value
+.Ic ...
+.Xc
+.It Ic rmvars Ar variable_name Ic ...
+.It Ic clearvars
+The data carried by NTP mode 6 messages consists of a list of
+items of the form
+.Ql variable_name=value ,
+where the
+.Ql =value
+is ignored, and can be omitted,
+in requests to the server to read variables.
+The
+.Nm
+utility maintains an internal list in which data to be included in control
+messages can be assembled, and sent using the
+.Ic readlist
+and
+.Ic writelist
+commands described below.
+The
+.Ic addvars
+command allows variables and their optional values to be added to
+the list.
+If more than one variable is to be added, the list should
+be comma-separated and not contain white space.
+The
+.Ic rmvars
+command can be used to remove individual variables from the list,
+while the
+.Ic clearlist
+command removes all variables from the
+list.
+.It Ic authenticate Op yes | no
+Normally
+.Nm
+does not authenticate requests unless
+they are write requests.
+The command
+.Ql authenticate yes
+causes
+.Nm
+to send authentication with all requests it
+makes.
+Authenticated requests causes some servers to handle
+requests slightly differently, and can occasionally melt the CPU in
+fuzzballs if you turn authentication on before doing a
+.Ic peer
+display.
+The command
+.Ql authenticate
+causes
+.Nm
+to display whether or not
+.Nm
+is currently autheinticating requests.
+.It Ic cooked
+Causes output from query commands to be "cooked", so that
+variables which are recognized by
+.Nm
+will have their
+values reformatted for human consumption.
+Variables which
+.Nm
+thinks should have a decodable value but didn't are
+marked with a trailing
+.Ql \&? .
+.It Xo
+.Ic debug
+.Oo
+.Cm more |
+.Cm less |
+.Cm off
+.Oc
+.Xc
+With no argument, displays the current debug level.
+Otherwise, the debug level is changed to the indicated level.
+.It Ic delay Ar milliseconds
+Specify a time interval to be added to timestamps included in
+requests which require authentication.
+This is used to enable
+(unreliable) server reconfiguration over long delay network paths
+or between machines whose clocks are unsynchronized.
+Actually the
+server does not now require timestamps in authenticated requests,
+so this command may be obsolete.
+.It Ic host Ar hostname
+Set the host to which future queries will be sent.
+.Ar hostname
+may be either a host name or a numeric address.
+.It Ic hostnames Op Cm yes | Cm no
+If
+.Cm yes
+is specified, host names are printed in
+information displays.
+If
+.Cm no
+is specified, numeric
+addresses are printed instead.
+The default is
+.Cm yes ,
+unless
+modified using the command line
+.Fl n
+switch.
+.It Ic keyid Ar keyid
+This command allows the specification of a key number to be
+used to authenticate configuration requests.
+This must correspond
+to a key number the server has been configured to use for this
+purpose.
+.It Ic ntpversion Xo Oo
+.Cm 1 |
+.Cm 2 |
+.Cm 3 |
+.Cm 4
+.Oc
+.Xc
+Sets the NTP version number which
+.Nm
+claims in
+packets.
+Defaults to 3, and note that mode 6 control messages (and
+modes, for that matter) didn't exist in NTP version 1.
+There appear
+to be no servers left which demand version 1.
+With no argument, displays the current NTP version that will be used
+when communicating with servers.
+.It Ic quit
+Exit
+.Nm
+.It Ic passwd
+This command prompts you to type in a password (which will not
+be echoed) which will be used to authenticate configuration
+requests.
+The password must correspond to the key configured for
+use by the NTP server for this purpose if such requests are to be
+successful.
+.It Ic raw
+Causes all output from query commands is printed as received
+from the remote server.
+The only formating/interpretation done on
+the data is to transform nonascii data into a printable (but barely
+understandable) form.
+.It Ic timeout Ar milliseconds
+Specify a timeout period for responses to server queries.
+The
+default is about 5000 milliseconds.
+Note that since
+.Nm
+retries each query once after a timeout, the total waiting time for
+a timeout will be twice the timeout value set.
+.El
 .Sh "OPTIONS"
 .Bl -tag
 .It  \-4 ", " -\-ipv4
diff --git a/ntpq/ntpq.texi b/ntpq/ntpq.texi
index 3f6a30cc5..cbc721f98 100644
--- a/ntpq/ntpq.texi
+++ b/ntpq/ntpq.texi
@@ -2,7 +2,7 @@
 @c %**start of header
 @setfilename ntpq.info
 @settitle ntpq: Network Time Protocol Query User's Manual
-@include include/version.texi
+@include ../sntp/include/version.texi
 @paragraphindent 2
 @c %**end of header
 
@@ -26,6 +26,16 @@ querying the state of an NTP server.
 
 @shortcontents
 
+@node Top, ntpq Description, (dir), (dir)
+@top ntpq: Network Time Protocol Query User Manual
+
+The @code{ntpq} utility program is used to
+monitor the operational status
+and determine the performance of
+@code{ntpd}, the NTP daemon.
+
+This document applies to version @value{VERSION} of @code{ntpq}.
+
 @menu
 * ntpq Description::            
 * ntpq Invocation::             Invoking ntpq
@@ -38,20 +48,6 @@ querying the state of an NTP server.
 * Clock Variables::             
 @end menu
 
-@node Top, ntpq Description, (dir), (dir)
-@top ntpq: Network Time Protocol Query User Manual
-
-The @code{ntpq} utility program is used to monitor NTP daemon @code{ntpd}
-operations and determine performance.  It uses the standard NTP mode 6 control
-
-This document applies to version @value{VERSION} of @code{ntpq}.
-
-@menu
-* ntpq Description::            Description
-* ntpq Invocation::		Invoking ntpq
-* Usage::                       Usage
-@end menu
-
 @node ntpq Description, Usage, Top, Top
 @comment  node-name,  next,  previous,  up
 @section Description
@@ -112,7 +108,7 @@ For examples and usage, see the @url{debug.html, NTP Debugging Techniques} page.
 @tab @code{/usr/local/etc}
 @tab @code{-k}
 @tab @code{keysdir}
-
+@end multitable
 
 @node Internal Commands, Control Message Commands, Usage, Top
 @comment  node-name,  next,  previous,  up
@@ -122,8 +118,8 @@ Interactive format commands consist of a keyword followed by zero to four argume
 
 @table @code
 
-@item @anchor{help} @code{? [@kbd{command_keyword}
-@itemx @code{help [@kbd{command_keyword}]}
+@item @anchor{help} @code{? [}@kbd{command_keyword}@code{]}
+@itemx @code{help [}@kbd{command_keyword}@code{]}
 A @code{?} by itself will print a list of all the command keywords known to @code{ntpq}.  A @code{?} followed by a command keyword will print function and usage information about the command.
 
 @item @anchor{addvars} >@code{addvars @kbd{name} [ = @kbd{value}] [...]}
@@ -218,7 +214,6 @@ which iterate over a range of associations.
 Display a list of mobilized associations in the form:
 @*
 @code{ind assid status conf reach auth condition last_event cnt}
-@end table
 
 @multitable @columnfractions .1 .4
 @headitem Variable @tab Description
@@ -254,7 +249,7 @@ event count (see the @code{count} field of the @url{decode.html#peer, peer statu
 
 @item @anchor{cv} clockvar @kbd{assocID} [@kbd{name} [ = @kbd{value} [...]] [...]]
 @itemx cv @kbd{assocID} [@kbd{name} [ = @kbd{value} [...] ][...]]
-Display a list of @xref{clock,,clock variables} for those associations supporting a reference clock.
+Display a list of @ref{clock,,clock variables} for those associations supporting a reference clock.
 
 @item @anchor{:config} :config [...]
 Send the remainder of the command line, including whitespace, to the server
@@ -466,7 +461,7 @@ If the @code{@kbd{assocID}} is zero, the variables are from the
 The @code{@kbd{assocID}} is required,
 as the same name can occur in both spaces.
 
-@item @anchor{sysinfo">@code{sysinfo}
+@item @anchor{sysinfo} @code{sysinfo}
 Display operational summary.
 
 @item @anchor{sysstats} @code{sysstats}
diff --git a/ntpsnmpd/Makefile.am b/ntpsnmpd/Makefile.am
index 8bb08c44d..016824bb7 100644
--- a/ntpsnmpd/Makefile.am
+++ b/ntpsnmpd/Makefile.am
@@ -31,12 +31,19 @@ EXTRA_DIST=			\
 	ntpsnmpd.1ntpsnmpdmdoc	\
 	ntpsnmpd.man.in		\
 	ntpsnmpd.mdoc.in	\
+	ntpsnmpd.html		\
+	ntpsnmpd.texi		\
 	ntpv4-mib.mib		\
 	$(NULL)
 
 BUILT_SOURCES=	ntpsnmpd-opts.c ntpsnmpd-opts.h
 CLEANFILES=
 DISTCLEANFILES=	config.log $(man_MANS)
+
+html_DATA=				\
+	$(srcdir)/ntpsnmpd.html		\
+	$(NULL)
+
 noinst_DATA=				\
 	$(srcdir)/invoke-ntpsnmpd.menu	\
 	$(srcdir)/invoke-ntpsnmpd.texi	\
@@ -44,6 +51,8 @@ noinst_DATA=				\
 	$(srcdir)/ntpsnmpd.mdoc.in	\
 	$(NULL)
 
+install-data-local: install-html
+
 man1_MANS=
 man8_MANS=
 man_MANS=	ntpsnmpd.$(NTPSNMPD_MS)
@@ -98,6 +107,9 @@ $(srcdir)/invoke-ntpsnmpd.texi: $(srcdir)/ntpsnmpd-opts.def $(std_def_list)
 	$(run_ag) -Tagtexi-cmd.tpl -DLEVEL=section ntpsnmpd-opts.def
 	$(top_srcdir)/scripts/check--help $@
 
+$(srcdir)/ntpsnmpd.html: $(srcdir)/ntpsnmpd.texi $(top_srcdir)/sntp/include/version.texi
+	cd $(srcdir) && ( makeinfo --force --html --no-split -o ntpsnmpd.html ntpsnmpd.texi || true )
+
 include $(top_srcdir)/bincheck.mf
 include $(top_srcdir)/sntp/check-libntp.mf
 include $(top_srcdir)/check-libopts.mf
diff --git a/ntpsnmpd/invoke-ntpsnmpd.texi b/ntpsnmpd/invoke-ntpsnmpd.texi
index b66234126..797785186 100644
--- a/ntpsnmpd/invoke-ntpsnmpd.texi
+++ b/ntpsnmpd/invoke-ntpsnmpd.texi
@@ -6,13 +6,16 @@
 # 
 # EDIT THIS FILE WITH CAUTION  (invoke-ntpsnmpd.texi)
 # 
-# It has been AutoGen-ed  December 22, 2012 at 11:53:47 AM by AutoGen 5.16.2
+# It has been AutoGen-ed  December 25, 2012 at 10:18:52 AM by AutoGen 5.16.2
 # From the definitions    ntpsnmpd-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
 
 
 
+@code{ntpsnmpd}
+is an SNMP MIB agent designed to interface with
+@code{ntpd(1ntpdmdoc)}.
 
 This section was generated by @strong{AutoGen},
 using the @code{agtexi-cmd} template and the option descriptions for the @code{ntpsnmpd} program.
@@ -23,6 +26,7 @@ This software is released under the NTP license, .
 * ntpsnmpd agentxsocket::           agentxsocket option
 * ntpsnmpd config::                 presetting/configuring ntpsnmpd
 * ntpsnmpd exit status::            exit status
+* ntpsnmpd Usage::                  Usage
 * ntpsnmpd Notes::                  Notes
 * ntpsnmpd Authors::                Authors
 @end menu
@@ -78,7 +82,9 @@ please send bug reports to:  http://bugs.ntp.org, bugs@@ntp.org
 This is the ``the socket address ntpsnmpd uses to connect to net-snmpd'' option.
 This option takes an argument string.
 [:]
-The default is the Unix Domain socket "unix:/var/agentx/master". Another common alternative is tcp:localhost:705.
+The default "agent X socket" is the Unix Domain socket
+@file{unix:/var/agentx/master}.
+Another common alternative is @file{tcp:localhost:705}.
 
 
 @node ntpsnmpd config
@@ -176,8 +182,61 @@ A specified configuration file could not be loaded.
 libopts had an internal operational error.  Please report
 it to autogen-users@@lists.sourceforge.net.  Thank you.
 @end table
+@node ntpsnmpd Usage
+@subsection ntpsnmpd Usage
+@code{ntpsnmpd}
+currently uses a private MIB OID,
+@quoteleft{}enterprises.5597@quoteright{},
+,
+which is the Meinberg top level OEM OID, and
+@quoteleft{}99@quoteright{}
+is the temporary working space for this project. 
+The final OID has to be registered with IANA
+and this is done by the RFC Editor
+when the NTPv4 MIB RFC is standardized. 
+
+If you have
+@code{snmpwalk(1)}
+installed you can run
+.Dl
+%
+snmpwalk
+-v2c
+-c
+public
+localhost
+enterprises.5597.99
+to see a list of all currently supported NTP MIB objects
+and their current values.
 @node ntpsnmpd Notes
 @subsection ntpsnmpd Notes
+The following objects are currently supported:
+
+@table @samp
+@item Li
+please fill me in...
+@item Li
+please fill me in...
+@item Li
+please fill me in...
+@item Li
+please fill me in...
+@item Li
+please fill me in...
+@item Li
+please fill me in...
+@item Li
+please fill me in...
+@item Li
+please fill me in...
+@item Li
+please fill me in...
+@item Li
+please fill me in...
+
+@end multitable
+
 This document corresponds to version @VERSION@ of NTP.
 @node ntpsnmpd Authors
 @subsection ntpsnmpd Authors
+1@*
diff --git a/ntpsnmpd/ntpsnmpd-opts.c b/ntpsnmpd/ntpsnmpd-opts.c
index d0c6a29ee..bd25f9674 100644
--- a/ntpsnmpd/ntpsnmpd-opts.c
+++ b/ntpsnmpd/ntpsnmpd-opts.c
@@ -1,7 +1,7 @@
 /*  
  *  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.c)
  *  
- *  It has been AutoGen-ed  December 22, 2012 at 11:53:35 AM by AutoGen 5.16.2
+ *  It has been AutoGen-ed  December 25, 2012 at 10:18:44 AM by AutoGen 5.16.2
  *  From the definitions    ntpsnmpd-opts.def
  *  and the template file   options
  *
diff --git a/ntpsnmpd/ntpsnmpd-opts.def b/ntpsnmpd/ntpsnmpd-opts.def
index d02451e43..b80e4b26f 100644
--- a/ntpsnmpd/ntpsnmpd-opts.def
+++ b/ntpsnmpd/ntpsnmpd-opts.def
@@ -35,7 +35,9 @@ flag = {
     descrip   = "The socket address ntpsnmpd uses to connect to net-snmpd";
     doc = <<-  _EndOfDoc_
 	[:]
-	The default is the Unix Domain socket "unix:/var/agentx/master". Another common alternative is tcp:localhost:705.
+	The default "agent X socket" is the Unix Domain socket
+	@file{unix:/var/agentx/master}.
+	Another common alternative is @file{tcp:localhost:705}.
 	_EndOfDoc_;
 };
 
@@ -47,6 +49,9 @@ doc-section	= {
   ds-type	= 'DESCRIPTION';
   ds-format	= 'mdoc';
   ds-text	= <<- _END_PROG_MDOC_DESCRIP
+	.Nm
+	is an SNMP MIB agent designed to interface with
+	.Xr ntpd 1ntpdmdoc .
 	_END_PROG_MDOC_DESCRIP;
 };
 
@@ -55,19 +60,58 @@ prog-info-descrip = <<- _END_PROG_INFO_DESCRIP
 	_END_PROG_INFO_DESCRIP;
 */
 
-/*
 doc-section	= {
   ds-type	= 'USAGE';
   ds-format	= 'mdoc';
   ds-text	= <<- _END_MDOC_USAGE
+	.Nm
+	currently uses a private MIB OID,
+	.Ql enterprises.5597 ,
+	which is the Meinberg top level OEM OID, and
+	.Ql 99
+	is the temporary working space for this project. 
+	The final OID has to be registered with IANA
+	and this is done by the RFC Editor
+	when the NTPv4 MIB RFC is standardized. 
+	.Pp
+	If you have
+	.Xr snmpwalk 1
+	installed you can run
+	.Dl % snmpwalk -v2c -c public localhost enterprises.5597.99
+	to see a list of all currently supported NTP MIB objects
+	and their current values.
 	_END_MDOC_USAGE;
 };
-*/
 
 doc-section	= {
   ds-type	= 'NOTES';
   ds-format	= 'mdoc';
   ds-text	= <<- _END_MDOC_NOTES
+The following objects are currently supported:
+.Pp
+.Bl -tag -width ".Li ntpEntSoftwareVersionVal" -compact -offset indent
+.It Li ntpEntSoftwareName
+please fill me in...
+.It Li ntpEntSoftwareVersion
+please fill me in...
+.It Li ntpEntSoftwareVersionVal
+please fill me in...
+.It Li ntpEntSoftwareVendor
+please fill me in...
+.It Li ntpEntSystemType
+please fill me in...
+.It Li ntpEntTimeResolution
+please fill me in...
+.It Li ntpEntTimeResolutionVal
+please fill me in...
+.It Li ntpEntTimePrecision
+please fill me in...
+.It Li ntpEntTimePrecisionVal
+please fill me in...
+.It Li ntpEntTimeDistance
+please fill me in...
+.El
+.Pp
 This document corresponds to version @VERSION@ of NTP.
 	_END_MDOC_NOTES;
 };
diff --git a/ntpsnmpd/ntpsnmpd-opts.h b/ntpsnmpd/ntpsnmpd-opts.h
index a2cbcbd50..db3c36188 100644
--- a/ntpsnmpd/ntpsnmpd-opts.h
+++ b/ntpsnmpd/ntpsnmpd-opts.h
@@ -1,7 +1,7 @@
 /*  
  *  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.h)
  *  
- *  It has been AutoGen-ed  December 22, 2012 at 11:53:35 AM by AutoGen 5.16.2
+ *  It has been AutoGen-ed  December 25, 2012 at 10:18:44 AM by AutoGen 5.16.2
  *  From the definitions    ntpsnmpd-opts.def
  *  and the template file   options
  *
diff --git a/ntpsnmpd/ntpsnmpd.1ntpsnmpdman b/ntpsnmpd/ntpsnmpd.1ntpsnmpdman
index 09f09a6f7..95a64b461 100644
--- a/ntpsnmpd/ntpsnmpd.1ntpsnmpdman
+++ b/ntpsnmpd/ntpsnmpd.1ntpsnmpdman
@@ -1,8 +1,8 @@
-.TH ntpsnmpd 1ntpsnmpdman "22 Dec 2012" "4.2.7p337" "User Commands"
+.TH ntpsnmpd 1ntpsnmpdman "25 Dec 2012" "4.2.7p337" "User Commands"
 .\"
 .\"  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.man)
 .\"  
-.\"  It has been AutoGen-ed  December 22, 2012 at 11:53:44 AM by AutoGen 5.16.2
+.\"  It has been AutoGen-ed  December 25, 2012 at 10:18:54 AM by AutoGen 5.16.2
 .\"  From the definitions    ntpsnmpd-opts.def
 .\"  and the template file   agman-cmd.tpl
 .\"
@@ -16,6 +16,9 @@ ntpsnmpd \- NTP SNMP MIB agent
 All arguments must be options.
 .PP
 .SH DESCRIPTION
+.B 
+is an SNMP MIB agent designed to interface with
+.Xr ntpd 1ntpdmdoc .
 .SH "OPTIONS"
 .TP
 .BR \-n ", " -\-nofork
@@ -33,7 +36,9 @@ The default \fIstring\fP for this option is:
  unix:/var/agentx/master
 .sp
 [:]
-The default is the Unix Domain socket "unix:/var/agentx/master". Another common alternative is tcp:localhost:705.
+The default "agent X socket" is the Unix Domain socket
+\fIunix:/var/agentx/master\fP.
+Another common alternative is \fItcp:localhost:705\fP.
 .TP
 .BR \-? , " \-\-help"
 Display usage information and exit.
@@ -68,6 +73,23 @@ the configuration files.
 The \fIhomerc\fP files are "\fI$HOME\fP", and "\fI.\fP".
 If any of these are directories, then the file \fI.ntprc\fP
 is searched for within those directories.
+.SH USAGE
+.B 
+currently uses a private MIB OID,
+.Ql enterprises.5597 ,
+which is the Meinberg top level OEM OID, and
+.Ql 99
+is the temporary working space for this project. 
+The final OID has to be registered with IANA
+and this is done by the RFC Editor
+when the NTPv4 MIB RFC is standardized. 
+.PP
+If you have
+.Xr snmpwalk 1
+installed you can run
+.Dl % snmpwalk -v2c -c public localhost enterprises.5597.99
+to see a list of all currently supported NTP MIB objects
+and their current values.
 .SH "ENVIRONMENT"
 See \fBOPTION PRESETS\fP for configuration environment variables.
 .SH "FILES"
@@ -88,12 +110,47 @@ A specified configuration file could not be loaded.
 libopts had an internal operational error.  Please report
 it to autogen-users@lists.sourceforge.net.  Thank you.
 .SH AUTHORS
+.An "Heiko Gerstung"
 .SH "COPYRIGHT"
 Copyright (C) 1970-2012 The University of Delaware all rights reserved.
 This program is released under the terms of the NTP license, .
 .SH "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
 .SH NOTES
+The following objects are currently supported:
+.PP
+.TP
+.BR Li ntpEntSoftwareName
+please fill me in...
+.TP
+.BR Li ntpEntSoftwareVersion
+please fill me in...
+.TP
+.BR Li ntpEntSoftwareVersionVal
+please fill me in...
+.TP
+.BR Li ntpEntSoftwareVendor
+please fill me in...
+.TP
+.BR Li ntpEntSystemType
+please fill me in...
+.TP
+.BR Li ntpEntTimeResolution
+please fill me in...
+.TP
+.BR Li ntpEntTimeResolutionVal
+please fill me in...
+.TP
+.BR Li ntpEntTimePrecision
+please fill me in...
+.TP
+.BR Li ntpEntTimePrecisionVal
+please fill me in...
+.TP
+.BR Li ntpEntTimeDistance
+please fill me in...
+.PP
+This document corresponds to version @VERSION@ of NTP.
 .PP
 This manual page was \fIAutoGen\fP-erated from the \fBntpsnmpd\fP
 option definitions.
diff --git a/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc b/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc
index 6245452e0..4458ef4dd 100644
--- a/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc
+++ b/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc
@@ -1,9 +1,9 @@
-.Dd December 22 2012
+.Dd December 25 2012
 .Dt NTPSNMPD 1ntpsnmpdmdoc User Commands
-.Os SunOS 5.10
+.Os FreeBSD 6.4-STABLE
 .\"  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.mdoc)
 .\"  
-.\"  It has been AutoGen-ed  December 22, 2012 at 11:53:49 AM by AutoGen 5.16.2
+.\"  It has been AutoGen-ed  December 25, 2012 at 10:18:49 AM by AutoGen 5.16.2
 .\"  From the definitions    ntpsnmpd-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -19,6 +19,9 @@
 All arguments must be options.
 .Pp
 .Sh DESCRIPTION
+.Nm
+is an SNMP MIB agent designed to interface with
+.Xr ntpd 1ntpdmdoc .
 .Sh "OPTIONS"
 .Bl -tag
 .It  \-n ", " -\-nofork
@@ -36,7 +39,9 @@ The default \fIstring\fP for this option is:
  unix:/var/agentx/master
 .sp
 [:]
-The default is the Unix Domain socket "unix:/var/agentx/master". Another common alternative is tcp:localhost:705.
+The default "agent X socket" is the Unix Domain socket
+\fIunix:/var/agentx/master\fP.
+Another common alternative is \fItcp:localhost:705\fP.
 .It \-? , " \-\-help"
 Display usage information and exit.
 .It \-! , " \-\-more-help"
@@ -67,6 +72,23 @@ the configuration files.
 The \fIhomerc\fP files are "\fI$HOME\fP", and "\fI.\fP".
 If any of these are directories, then the file \fI.ntprc\fP
 is searched for within those directories.
+.Sh USAGE
+.Nm
+currently uses a private MIB OID,
+.Ql enterprises.5597 ,
+which is the Meinberg top level OEM OID, and
+.Ql 99
+is the temporary working space for this project. 
+The final OID has to be registered with IANA
+and this is done by the RFC Editor
+when the NTPv4 MIB RFC is standardized. 
+.Pp
+If you have
+.Xr snmpwalk 1
+installed you can run
+.Dl % snmpwalk -v2c -c public localhost enterprises.5597.99
+to see a list of all currently supported NTP MIB objects
+and their current values.
 .Sh "ENVIRONMENT"
 See \fBOPTION PRESETS\fP for configuration environment variables.
 .Sh "FILES"
@@ -85,12 +107,39 @@ libopts had an internal operational error.  Please report
 it to autogen-users@lists.sourceforge.net.  Thank you.
 .El
 .Sh AUTHORS
+.An "Heiko Gerstung"
 .Sh "COPYRIGHT"
 Copyright (C) 1970-2012 The University of Delaware all rights reserved.
 This program is released under the terms of the NTP license, .
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
 .Sh NOTES
+The following objects are currently supported:
+.Pp
+.Bl -tag -width ".Li ntpEntSoftwareVersionVal" -compact -offset indent
+.It Li ntpEntSoftwareName
+please fill me in...
+.It Li ntpEntSoftwareVersion
+please fill me in...
+.It Li ntpEntSoftwareVersionVal
+please fill me in...
+.It Li ntpEntSoftwareVendor
+please fill me in...
+.It Li ntpEntSystemType
+please fill me in...
+.It Li ntpEntTimeResolution
+please fill me in...
+.It Li ntpEntTimeResolutionVal
+please fill me in...
+.It Li ntpEntTimePrecision
+please fill me in...
+.It Li ntpEntTimePrecisionVal
+please fill me in...
+.It Li ntpEntTimeDistance
+please fill me in...
+.El
+.Pp
+This document corresponds to version @VERSION@ of NTP.
 .Pp
 This manual page was \fIAutoGen\fP-erated from the \fBntpsnmpd\fP
 option definitions.
diff --git a/ntpsnmpd/ntpsnmpd.html b/ntpsnmpd/ntpsnmpd.html
new file mode 100644
index 000000000..6b90951f3
--- /dev/null
+++ b/ntpsnmpd/ntpsnmpd.html
@@ -0,0 +1,84 @@
+
+
+ntpsnmpd: Network Time Protocol SNMP Daemon User's Manual
+
+
+
+
+
+
+
+
+
+
ntpsnmpd: Network Time Protocol SNMP Daemon User's Manual
+  
+Short Contents
+
+ntpsnmpd: Network Time Protocol Query User Manual
+
+
+
+
+
+
+
+

+Next: ntpsnmpd Description,
+Previous: (dir),
+Up: (dir)
+
+
+
+ntpsnmpd: Network Time Protocol Query User Manual
+
+The ntpsnmpd utility program is used to monitor NTP daemon ntpd
+operations and determine performance.  It uses the standard NTP mode 6 control
+
+  
This document applies to version 4.2.7p337 of ntpsnmpd.
+
+

+ntpsnmpd Description:             Description
+
ntpsnmpd Invocation: 		Invoking ntpsnmpd
+
Usage:                        Usage
+
+
+
+
+

+Next: Usage,
+Previous: Top,
+Up: Top
+
+
+
+
+Description
+
+The ntpsnmpd utility program provides an SNMP MIB agent for ntpd.
+
+

+
+

+Next: Internal Commands,
+Previous: ntpsnmpd Description,
+Up: Top
+
+
+
+
+Usage
+
+(what should we say here?)
+
+
+
diff --git a/ntpsnmpd/ntpsnmpd.man.in b/ntpsnmpd/ntpsnmpd.man.in
index 6270d33ab..5f3d031d5 100644
--- a/ntpsnmpd/ntpsnmpd.man.in
+++ b/ntpsnmpd/ntpsnmpd.man.in
@@ -1,8 +1,8 @@
-.TH ntpsnmpd @NTPSNMPD_MS@ "22 Dec 2012" "4.2.7p337" "User Commands"
+.TH ntpsnmpd @NTPSNMPD_MS@ "25 Dec 2012" "4.2.7p337" "User Commands"
 .\"
 .\"  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.man)
 .\"  
-.\"  It has been AutoGen-ed  December 22, 2012 at 11:53:44 AM by AutoGen 5.16.2
+.\"  It has been AutoGen-ed  December 25, 2012 at 10:18:54 AM by AutoGen 5.16.2
 .\"  From the definitions    ntpsnmpd-opts.def
 .\"  and the template file   agman-cmd.tpl
 .\"
@@ -16,6 +16,9 @@ ntpsnmpd \- NTP SNMP MIB agent
 All arguments must be options.
 .PP
 .SH DESCRIPTION
+.B 
+is an SNMP MIB agent designed to interface with
+.Xr ntpd @NTPD_MS@ .
 .SH "OPTIONS"
 .TP
 .BR \-n ", " -\-nofork
@@ -33,7 +36,9 @@ The default \fIstring\fP for this option is:
  unix:/var/agentx/master
 .sp
 [:]
-The default is the Unix Domain socket "unix:/var/agentx/master". Another common alternative is tcp:localhost:705.
+The default "agent X socket" is the Unix Domain socket
+\fIunix:/var/agentx/master\fP.
+Another common alternative is \fItcp:localhost:705\fP.
 .TP
 .BR \-? , " \-\-help"
 Display usage information and exit.
@@ -68,6 +73,23 @@ the configuration files.
 The \fIhomerc\fP files are "\fI$HOME\fP", and "\fI.\fP".
 If any of these are directories, then the file \fI.ntprc\fP
 is searched for within those directories.
+.SH USAGE
+.B 
+currently uses a private MIB OID,
+.Ql enterprises.5597 ,
+which is the Meinberg top level OEM OID, and
+.Ql 99
+is the temporary working space for this project. 
+The final OID has to be registered with IANA
+and this is done by the RFC Editor
+when the NTPv4 MIB RFC is standardized. 
+.PP
+If you have
+.Xr snmpwalk 1
+installed you can run
+.Dl % snmpwalk -v2c -c public localhost enterprises.5597.99
+to see a list of all currently supported NTP MIB objects
+and their current values.
 .SH "ENVIRONMENT"
 See \fBOPTION PRESETS\fP for configuration environment variables.
 .SH "FILES"
@@ -88,12 +110,47 @@ A specified configuration file could not be loaded.
 libopts had an internal operational error.  Please report
 it to autogen-users@lists.sourceforge.net.  Thank you.
 .SH AUTHORS
+.An "Heiko Gerstung"
 .SH "COPYRIGHT"
 Copyright (C) 1970-2012 The University of Delaware all rights reserved.
 This program is released under the terms of the NTP license, .
 .SH "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
 .SH NOTES
+The following objects are currently supported:
+.PP
+.TP
+.BR Li ntpEntSoftwareName
+please fill me in...
+.TP
+.BR Li ntpEntSoftwareVersion
+please fill me in...
+.TP
+.BR Li ntpEntSoftwareVersionVal
+please fill me in...
+.TP
+.BR Li ntpEntSoftwareVendor
+please fill me in...
+.TP
+.BR Li ntpEntSystemType
+please fill me in...
+.TP
+.BR Li ntpEntTimeResolution
+please fill me in...
+.TP
+.BR Li ntpEntTimeResolutionVal
+please fill me in...
+.TP
+.BR Li ntpEntTimePrecision
+please fill me in...
+.TP
+.BR Li ntpEntTimePrecisionVal
+please fill me in...
+.TP
+.BR Li ntpEntTimeDistance
+please fill me in...
+.PP
+This document corresponds to version @VERSION@ of NTP.
 .PP
 This manual page was \fIAutoGen\fP-erated from the \fBntpsnmpd\fP
 option definitions.
diff --git a/ntpsnmpd/ntpsnmpd.mdoc.in b/ntpsnmpd/ntpsnmpd.mdoc.in
index 8e9079d56..ecb1ef63d 100644
--- a/ntpsnmpd/ntpsnmpd.mdoc.in
+++ b/ntpsnmpd/ntpsnmpd.mdoc.in
@@ -1,9 +1,9 @@
-.Dd December 22 2012
+.Dd December 25 2012
 .Dt NTPSNMPD @NTPSNMPD_MS@ User Commands
-.Os SunOS 5.10
+.Os FreeBSD 6.4-STABLE
 .\"  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.mdoc)
 .\"  
-.\"  It has been AutoGen-ed  December 22, 2012 at 11:53:49 AM by AutoGen 5.16.2
+.\"  It has been AutoGen-ed  December 25, 2012 at 10:18:49 AM by AutoGen 5.16.2
 .\"  From the definitions    ntpsnmpd-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -19,6 +19,9 @@
 All arguments must be options.
 .Pp
 .Sh DESCRIPTION
+.Nm
+is an SNMP MIB agent designed to interface with
+.Xr ntpd @NTPD_MS@ .
 .Sh "OPTIONS"
 .Bl -tag
 .It  \-n ", " -\-nofork
@@ -36,7 +39,9 @@ The default \fIstring\fP for this option is:
  unix:/var/agentx/master
 .sp
 [:]
-The default is the Unix Domain socket "unix:/var/agentx/master". Another common alternative is tcp:localhost:705.
+The default "agent X socket" is the Unix Domain socket
+\fIunix:/var/agentx/master\fP.
+Another common alternative is \fItcp:localhost:705\fP.
 .It \-? , " \-\-help"
 Display usage information and exit.
 .It \-! , " \-\-more-help"
@@ -67,6 +72,23 @@ the configuration files.
 The \fIhomerc\fP files are "\fI$HOME\fP", and "\fI.\fP".
 If any of these are directories, then the file \fI.ntprc\fP
 is searched for within those directories.
+.Sh USAGE
+.Nm
+currently uses a private MIB OID,
+.Ql enterprises.5597 ,
+which is the Meinberg top level OEM OID, and
+.Ql 99
+is the temporary working space for this project. 
+The final OID has to be registered with IANA
+and this is done by the RFC Editor
+when the NTPv4 MIB RFC is standardized. 
+.Pp
+If you have
+.Xr snmpwalk 1
+installed you can run
+.Dl % snmpwalk -v2c -c public localhost enterprises.5597.99
+to see a list of all currently supported NTP MIB objects
+and their current values.
 .Sh "ENVIRONMENT"
 See \fBOPTION PRESETS\fP for configuration environment variables.
 .Sh "FILES"
@@ -85,12 +107,39 @@ libopts had an internal operational error.  Please report
 it to autogen-users@lists.sourceforge.net.  Thank you.
 .El
 .Sh AUTHORS
+.An "Heiko Gerstung"
 .Sh "COPYRIGHT"
 Copyright (C) 1970-2012 The University of Delaware all rights reserved.
 This program is released under the terms of the NTP license, .
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
 .Sh NOTES
+The following objects are currently supported:
+.Pp
+.Bl -tag -width ".Li ntpEntSoftwareVersionVal" -compact -offset indent
+.It Li ntpEntSoftwareName
+please fill me in...
+.It Li ntpEntSoftwareVersion
+please fill me in...
+.It Li ntpEntSoftwareVersionVal
+please fill me in...
+.It Li ntpEntSoftwareVendor
+please fill me in...
+.It Li ntpEntSystemType
+please fill me in...
+.It Li ntpEntTimeResolution
+please fill me in...
+.It Li ntpEntTimeResolutionVal
+please fill me in...
+.It Li ntpEntTimePrecision
+please fill me in...
+.It Li ntpEntTimePrecisionVal
+please fill me in...
+.It Li ntpEntTimeDistance
+please fill me in...
+.El
+.Pp
+This document corresponds to version @VERSION@ of NTP.
 .Pp
 This manual page was \fIAutoGen\fP-erated from the \fBntpsnmpd\fP
 option definitions.
diff --git a/ntpsnmpd/ntpsnmpd.texi b/ntpsnmpd/ntpsnmpd.texi
new file mode 100644
index 000000000..693559670
--- /dev/null
+++ b/ntpsnmpd/ntpsnmpd.texi
@@ -0,0 +1,53 @@
+\input texinfo    @c -*-texinfo-*-
+@c %**start of header
+@setfilename ntpsnmpd.info
+@settitle ntpsnmpd: Network Time Protocol SNMP Daemon User's Manual
+@include ../sntp/include/version.texi
+@paragraphindent 2
+@c %**end of header
+
+@ifinfo
+This file documents the use of the NTP Project's ntpsnmpd, a program for
+querying the state of an NTP server via SNMP.
+@end ifinfo
+
+@direntry
+* ntpsnmpd: (ntpsnmpd).                   NTP SNMP Daemon program
+@end direntry
+
+@titlepage
+@title ntpsnmpd: Network Time Protocol SNMP Daemon User's Manual
+@subtitle ntpsnmpd, version @value{VERSION}, @value{UPDATED}
+@c @author Max @email{foo@ntp.org}
+@end titlepage
+
+@c @page
+@c @vskip 0pt plus 1filll
+
+@shortcontents
+
+@node Top, ntpsnmpd Description, (dir), (dir)
+@top ntpsnmpd: Network Time Protocol Query User Manual
+
+The @code{ntpsnmpd} utility program is used to monitor NTP daemon @code{ntpd}
+operations and determine performance.  It uses the standard NTP mode 6 control
+
+This document applies to version @value{VERSION} of @code{ntpsnmpd}.
+
+@menu
+* ntpsnmpd Description::            Description
+* ntpsnmpd Invocation::		Invoking ntpsnmpd
+* Usage::                       Usage
+@end menu
+
+@node ntpsnmpd Description, Usage, Top, Top
+@comment  node-name,  next,  previous,  up
+@section Description
+
+The @code{ntpsnmpd} utility program provides an SNMP MIB agent for @code{ntpd}.
+
+@node Usage, , ntpsnmpd Description, Top
+@comment  node-name,  next,  previous,  up
+@section Usage
+
+(what should we say here?)
diff --git a/scripts/ntp-wait.html b/scripts/ntp-wait.html
index e40340bf2..4bc1f6af6 100644
--- a/scripts/ntp-wait.html
+++ b/scripts/ntp-wait.html
@@ -3,7 +3,7 @@
 Ntp-wait User's Manual
 
 
-
+
 
 
 
@@ -14,18 +14,20 @@
   pre.smallformat  { font-family:inherit; font-size:smaller }
   pre.smallexample { font-size:smaller }
   pre.smalllisp    { font-size:smaller }
-  span.sc { font-variant:small-caps }
-  span.roman { font-family: serif; font-weight: normal; } 
+  span.sc    { font-variant:small-caps }
+  span.roman { font-family:serif; font-weight:normal; } 
+  span.sansserif { font-family:sans-serif; font-weight:normal; } 
 -->
 
 
 
Ntp-wait User's Manual
 
+
 

-Next: ntp-wait Description,
+Next: ntp-wait Description,
 Previous: (dir),
 Up: (dir)
-

+
 
 
 Simple Network Time Protocol User Manual
@@ -56,9 +58,11 @@ accurate and stable time.
 
 
 
-

+
 
-

+

+
+
 
 
 
@@ -69,9 +73,11 @@ This can be useful at boot time, to delay the boot sequence until after
 ntpd -g has set the time.
 
 
-

+
 
-

+

+
+
 
 
 Invoking ntp-wait
@@ -96,7 +102,7 @@ using the agtexi-cmd template and the option descriptions for the <
 This software is released under the NTP license, <http://ntp.org/license>.
 
 
-ntp-wait usage:                   ntp-wait help/usage (--help)
+
ntp-wait usage:                   ntp-wait help/usage (--help)
 
ntp-wait :                         option (-n)
 
ntp-wait :                         option (-s)
 
ntp-wait :                         option (-v)
@@ -107,23 +113,25 @@ This software is released under the NTP license, <http://ntp.org/license>.
 
 
 
+
+
 

-Next: ntp-wait,
+Next: ntp-wait,
 Up: ntp-wait Invocation
-

+
 
 
-ntp-wait help/usage (--help)
+ntp-wait help/usage (--help)
 
 
 This is the automatically generated usage text for ntp-wait.
 
   
The text printed is the same whether selected with the help option
-(--help) or the more-help option (--more-help).  more-help will print
+(--help) or the more-help option (--more-help).  more-help will print
 the usage text by passing it through a pager program. 
 more-help is disabled on platforms without a working
 fork(2) function.  The PAGER environment variable is
-used to select the program, defaulting to more.  Both will exit
+used to select the program, defaulting to more.  Both will exit
 with a status code of 0.
 
 
/deacon/backroom/snaps/ntp-dev/A.snap/scripts/ntp-wait version [unknown] calling Getopt::Std::getopts (version 1.05 [paranoid]),
@@ -141,41 +149,47 @@ Space is not required between options and their arguments.
    See ``perldoc Getopt::Std'' about $Getopt::Std::STANDARD_HELP_VERSION.]
 
   
+
+
 

-Next: ntp-wait config,
+Next: ntp-wait config,
 Previous: ntp-wait,
 Up: ntp-wait Invocation
-

+
 
 
 option (-n)
 
 
 This is the “number of times to check ntpd” option. 
-This option takes an argument number num-tries. 
+This option takes an argument number num-tries. 
 The maximum number of times we will check ntpd to see if it
 has been able to synchronize and stabilize the system clock. 
 

+
+
 

-Next: ntp-wait config,
+Next: ntp-wait config,
 Previous: ntp-wait,
 Up: ntp-wait Invocation
-

+
 
 
 option (-s)
 
 
 This is the “how long to sleep between tries” option. 
-This option takes an argument number secs-between-tries. 
-We will sleep for secs-between-tries after each query of ntpd
+This option takes an argument number secs-between-tries. 
+We will sleep for secs-between-tries after each query of ntpd
 that returns "the time is not yet stable". 
 

+
+
 

-Next: ntp-wait config,
+Next: ntp-wait config,
 Previous: ntp-wait,
 Up: ntp-wait Invocation
-

+
 
 
 option (-v)
@@ -186,11 +200,13 @@ By default, ntp-wait is silent.  With this option, ntp-wait
 will provide status information.
 
 
+
+
 

-Next: ntp-wait exit status,
+Next: ntp-wait exit status,
 Previous: ntp-wait,
 Up: ntp-wait Invocation
-

+
 
 
 presetting/configuring ntp-wait
@@ -212,41 +228,47 @@ detail to provide.  The default is to print just the version.  The licensing inf
 first letter of the argument is examined:
 
      
-version
Only print the version.  This is the default. 
-
copyright
Name the copyright usage licensing terms. 
-
verbose
Print the full copyright usage licensing terms. 
+
‘version’
Only print the version.  This is the default. 
+
‘copyright’
Name the copyright usage licensing terms. 
+
‘verbose’
Print the full copyright usage licensing terms. 
 
 
 
+
+
 

-Next: ntp-wait Authors,
+Next: ntp-wait Authors,
 Previous: ntp-wait config,
 Up: ntp-wait Invocation
-

+
 
 
 ntp-wait exit status
 
 One of the following exit values will be returned:
      

-0 (EXIT_SUCCESS)
Successful program execution. 
-
1 (EXIT_FAILURE)
The operation failed or the command syntax was not valid. 
+
‘0 (EXIT_SUCCESS)’
Successful program execution. 
+
‘1 (EXIT_FAILURE)’
The operation failed or the command syntax was not valid. 
 
   
+
+
 

-Next: ntp-wait Notes,
+Next: ntp-wait Notes,
 Previous: ntp-wait exit status,
 Up: ntp-wait Invocation
-

+
 
 
 ntp-wait Authors
 
 
+
+
 

-Previous: ntp-wait Authors,
+Previous: ntp-wait Authors,
 Up: ntp-wait Invocation
-

+
 
 
 ntp-wait Notes
diff --git a/scripts/ntp-wait.texi b/scripts/ntp-wait.texi
index 57d8fd3f6..df758bd82 100644
--- a/scripts/ntp-wait.texi
+++ b/scripts/ntp-wait.texi
@@ -2,7 +2,7 @@
 @c %**start of header
 @setfilename ntp-wait.info
 @settitle Ntp-wait User's Manual
-@include include/version.texi
+@include ../sntp/include/version.texi
 @paragraphindent 2
 @c %**end of header
 
diff --git a/util/ntp-keygen.html b/util/ntp-keygen.html
index 1b6713ec9..f800f643e 100644
--- a/util/ntp-keygen.html
+++ b/util/ntp-keygen.html
@@ -3,7 +3,7 @@
 Ntp-keygen User's Manual
 
 
-
+
 
 
 
@@ -14,8 +14,9 @@
   pre.smallformat  { font-family:inherit; font-size:smaller }
   pre.smallexample { font-size:smaller }
   pre.smalllisp    { font-size:smaller }
-  span.sc { font-variant:small-caps }
-  span.roman { font-family: serif; font-weight: normal; } 
+  span.sc    { font-variant:small-caps }
+  span.roman { font-family:serif; font-weight:normal; } 
+  span.sansserif { font-family:sans-serif; font-weight:normal; } 
 -->
 
 
@@ -31,9 +32,10 @@
 
 
 
+
 

-Up: (dir)
-

+Up: (dir)
+
 
 
 Top
@@ -47,11 +49,12 @@
 
 
 
+
 

-Next: Description,
+Next: Description,
 Previous: (dir),
 Up: (dir)
-

+
 
 
 NTP Key Generation Program User Manual
@@ -59,8 +62,8 @@ Up: (dir)
 This document describes the use of the NTP Project's ntp-keygen
 program, that generates cryptographic data files used by the NTPv4
 authentication and identity schemes. 
-It can generate message digest
-keys used in symmetric key cryptography and, if the OpenSSL software
+It can generate message digest keys used in symmetric key cryptography and,
+if the OpenSSL software
 library has been installed, it can generate host keys, sign keys,
 certificates, and identity keys and parameters used by the Autokey
 public key cryptography. 
@@ -73,11 +76,12 @@ mail to other sites.
   
This document applies to version 4.2.7p337 of ntp-keygen.
 
 

+
 

-Next: Running the Program,
+Next: Running the Program,
 Previous: Top,
 Up: Top
-

+
 
 
 
@@ -95,11 +99,14 @@ mail to other sites.
 
   When used to generate message digest keys, the program produces a file
 containing ten pseudo-random printable ASCII strings suitable for the
-MD5 message digest algorithm included in the distribution. If the
+MD5 message digest algorithm included in the distribution. 
+If the
 OpenSSL library is installed, it produces an additional ten hex-encoded
 random bit strings suitable for the SHA1 and other message digest
-algorithms. The message digest keys file must be distributed and stored
-using secure means beyond the scope of NTP itself. Besides the keys
+algorithms. 
+The message digest keys file must be distributed and stored
+using secure means beyond the scope of NTP itself. 
+Besides the keys
 used for ordinary NTP associations, additional keys can be defined as
 passwords for the ntpq and ntpdc utility programs.
 
@@ -107,92 +114,108 @@ passwords for the ntpq and ntpdc utility programs.
 applications and other Public Key Infrastructure (PKI) resources. 
 Certificates generated by this program are compatible with extant
 industry practice, although some users might find the interpretation of
-X509v3 extension fields somewhat liberal. However, the identity keys
+X509v3 extension fields somewhat liberal. 
+However, the identity keys
 are probably not compatible with anything other than Autokey.
 
   
Some files used by this program are encrypted using a private password. 
-The -p option specifies the password for local encrypted files and the
--q option the password for encrypted files sent to remote sites. If no
-password is specified, the host name returned by the Unix gethostname()
-function, normally the DNS name of the host, is used.
-
-  
The pw option of the crypto configuration command specifies the read
-password for previously encrypted local files. This must match the
-local password used by this program. If not specified, the host name is
-used. Thus, if files are generated by this program without password,
+The -p option specifies the password for local encrypted files and the
+-q option the password for encrypted files sent to remote sites. 
+If no password is specified, the host name returned by the Unix
+gethostname() function, normally the DNS name of the host, is used.
+
+  
The pw option of the crypto configuration command
+specifies the read password for previously encrypted local files. 
+This must match the local password used by this program. 
+If not specified, the host name is used. 
+Thus, if files are generated by this program without password,
 they can be read back by ntpd without password, but only on the same
 host.
 
   
Normally, encrypted files for each host are generated by that host and
 used only by that host, although exceptions exist as noted later on
-this page. The symmetric keys file, normally called ntp.keys, is
-usually installed in /etc. Other files and links are usually installed
-in /usr/local/etc, which is normally in a shared filesystem in
-NFS-mounted networks and cannot be changed by shared clients. The
-location of the keys directory can be changed by the keysdir
-configuration command in such cases. Normally, this is in /etc.
+this page. 
+The symmetric keys file, normally called ntp.keys, is
+usually installed in /etc. 
+Other files and links are usually installed
+in /usr/local/etc, which is normally in a shared filesystem in
+NFS-mounted networks and cannot be changed by shared clients. 
+The location of the keys directory can be changed by the keysdir
+configuration command in such cases. 
+Normally, this is in /etc.
 
   
This program directs commentary and error messages to the standard
-error stream stderr and remote files to the standard output stream
-stdout where they can be piped to other applications or redirected to
-files. The names used for generated files and links all begin with the
-string ntpkey and include the file type, generating host and filestamp,
-as described in the Cryptographic Data Files section below.
+error stream stderr and remote files to the standard output stream
+stdout where they can be piped to other applications or redirected to
+files. 
+The names used for generated files and links all begin with the
+string ntpkey and include the file type,
+generating host and filestamp,
+as described in the Cryptographic Data Files section below.
 
 

+
 

-Next: Random Seed File,
+Next: Random Seed File,
 Previous: Description,
 Up: Top
-

+
 
 
 
 Running the Program
 
 To test and gain experience with Autokey concepts, log in as root and
-change to the keys directory, usually /usr/local/etc. When run for the
-first time, or if all files with names beginning ntpkey have been
-removed, use the ntp-keygen command without arguments to generate a
+change to the keys directory, usually /usr/local/etc. 
+When run for the
+first time, or if all files with names beginning ntpkey] have been
+removed, use the ntp-keygen command without arguments to generate a
 default RSA host key and matching RSA-MD5 certificate with expiration
-date one year hence. If run again without options, the program uses the
+date one year hence. 
+If run again without options, the program uses the
 existing keys and parameters and generates only a new certificate with
 new expiration date one year hence.
 
-  
Run the command on as many hosts as necessary. Designate one of them as
-the trusted host (TH) using ntp-keygen with the -T option and configure
-it to synchronize from reliable Internet servers. Then configure the
-other hosts to synchronize to the TH directly or indirectly. A
-certificate trail is created when Autokey asks the immediately
+  
Run the command on as many hosts as necessary. 
+Designate one of them as the trusted host (TH) using ntp-keygen
+with the -T option and configure
+it to synchronize from reliable Internet servers. 
+Then configure the other hosts to synchronize to the TH directly or indirectly. 
+A certificate trail is created when Autokey asks the immediately
 ascendant host towards the TH to sign its certificate, which is then
-provided to the immediately descendant host on request. All group hosts
-should have acyclic certificate trails ending on the TH.
+provided to the immediately descendant host on request. 
+All group hosts should have acyclic certificate trails ending on the TH.
 
   
The host key is used to encrypt the cookie when required and so must be
-RSA type. By default, the host key is also the sign key used to encrypt
-signatures. A different sign key can be assigned using the -S option
-and this can be either RSA or DSA type. By default, the signature
+RSA type. 
+By default, the host key is also the sign key used to encrypt signatures. 
+A different sign key can be assigned using the -S option
+and this can be either RSA or DSA type. 
+By default, the signature
 message digest type is MD5, but any combination of sign key type and
 message digest type supported by the OpenSSL library can be specified
-using the -c option.
+using the -c option.
 
   
The rules say cryptographic media should be generated with proventic
 filestamps, which means the host should already be synchronized before
-this program is run. This of course creates a chicken-and-egg problem
-when the host is started for the first time. Accordingly, the host time
+this program is run. 
+This of course creates a chicken-and-egg problem
+when the host is started for the first time. 
+Accordingly, the host time
 should be set by some other means, such as eyeball-and-wristwatch, at
 least so that the certificate lifetime is within the current year. 
 After that and when the host is synchronized to a proventic source, the
 certificate should be re-generated.
 
   
Additional information on trusted groups and identity schemes is on the
-Autokey Public-Key Authentication
-page.
+Autokey Public-Key Authentication page.
 
 

-

+
 
-

+

+
+
 
 
 Invoking ntp-keygen
@@ -223,7 +246,11 @@ digest algorithms.
 The message digest keys file must be distributed and stored
 using secure means beyond the scope of NTP itself. 
 Besides the keys used for ordinary NTP associations, additional keys
-can be defined as passwords for the ntpq and ntpdc utility programs.
+can be defined as passwords for the
+ntpq(1ntpqmdoc)
+and
+ntpdc(1ntpdcmdoc)
+utility programs.
 
   The remaining generated files are compatible with other OpenSSL
 applications and other Public Key Infrastructure (PKI) resources. 
@@ -235,55 +262,52 @@ other than Autokey.
 
   
Some files used by this program are encrypted using a private password. 
 The
---p option specifies the password for local encrypted files and the
---q option the password for encrypted files sent to remote sites. 
+-p option specifies the password for local encrypted files and the
+-q option the password for encrypted files sent to remote sites. 
 If no password is specified, the host name returned by the Unix
-.Fn
-gethostname
+gethostname()
 function, normally the DNS name of the host is used.
 
   
The
-pw option of the
-crypto configuration command specifies the read
+pw option of the
+crypto configuration command specifies the read
 password for previously encrypted local files. 
 This must match the local password used by this program. 
 If not specified, the host name is used. 
 Thus, if files are generated by this program without password,
 they can be read back by
-ntpd without password but only on the same host.
+ntpd without password but only on the same host.
 
   
Normally, encrypted files for each host are generated by that host and
 used only by that host, although exceptions exist as noted later on
 this page. 
 The symmetric keys file, normally called
-ntp.keys, is usually installed in
-/etc. 
-. 
+ntp.keys, is usually installed in
+/etc. 
 Other files and links are usually installed in
-/usr/local/etc,
-,
+/usr/local/etc,
 which is normally in a shared filesystem in
 NFS-mounted networks and cannot be changed by shared clients. 
 The location of the keys directory can be changed by the
-keysdir configuration command in such cases. 
+keysdir configuration command in such cases. 
 Normally, this is in
-/etc. 
-.
+/etc.
 
   
This program directs commentary and error messages to the standard
 error stream
-stderr and remote files to the standard output stream
-stdout where they can be piped to other applications or redirected to files. 
+stderr and remote files to the standard output stream
+stdout where they can be piped to other applications or redirected to files. 
 The names used for generated files and links all begin with the
 string
-ntpkey and include the file type, generating host and filestamp,
+ntpkey and include the file type, generating host and filestamp,
 as described in the
-CryptographicDataFiles
+“Cryptographic Data Files”
 section below. 
 

-

 
-

+

+
+
 
 
 Running
@@ -293,9 +317,9 @@ the
 Program
 To test and gain experience with Autokey concepts, log in as root and
 change to the keys directory, usually
-/usr/local/etc
+/usr/local/etc
 When run for the first time, or if all files with names beginning with
-ntpkey have been removed, use the
+ntpkey have been removed, use the
 ntp-keygen
 command without arguments to generate a
 default RSA host key and matching RSA-MD5 certificate with expiration
@@ -339,13 +363,13 @@ After that and when the host is synchronized to a proventic source, the
 certificate should be re-generated.
 
   Additional information on trusted groups and identity schemes is on the
-AutokeyPublic-KeyAuthentication
+“Autokey Public-Key Authentication”
 page.
 
   
The
-ntpd(8)
+ntpd(1ntpdmdoc)
 configuration command
-crypto pw Ar password specifies the read password for previously encrypted files. 
+crypto pw password specifies the read password for previously encrypted files. 
 The daemon expires on the spot if the password is missing
 or incorrect. 
 For convenience, if a file has been previously encrypted,
@@ -356,23 +380,22 @@ these files can be read by that host with no explicit password.
 
   
File names begin with the prefix
 ntpkey_ and end with the postfix
-_hostname.filestamp, where
-hostname is the owner name, usually the string returned
+_hostname.filestamp, where
+hostname is the owner name, usually the string returned
 by the Unix gethostname() routine, and
-filestamp is the NTP seconds when the file was generated, in decimal digits. 
+filestamp is the NTP seconds when the file was generated, in decimal digits. 
 This both guarantees uniqueness and simplifies maintenance
 procedures, since all files can be quickly removed
 by a
-rmntpkey\&* command or all files generated
+rm ntpkey\&* command or all files generated
 at a specific time can be removed by a
-rm \&*filestamp command. 
+rm \&*filestamp command. 
 To further reduce the risk of misconfiguration,
 the first two lines of a file contain the file name
 and generation date and time as comments.
 
   
All files are installed by default in the keys directory
-/usr/local/etc,
-,
+/usr/local/etc,
 which is normally in a shared filesystem
 in NFS-mounted networks. 
 The actual location of the keys directory
@@ -402,7 +425,7 @@ by changing the link.
 If a link is present, ntpd follows it to the file name
 to extract the filestamp. 
 If a link is not present,
-ntpd(8)
+ntpd(1ntpdmdoc)
 extracts the filestamp from the file itself. 
 This allows clients to verify that the file and generation times
 are always current. 
@@ -412,9 +435,10 @@ program uses the same timestamp extension for all files generated
 at one time, so each generation is distinct and can be readily
 recognized in monitoring data. 
 

-

 
-

+

+
+
 
 
 Running
@@ -427,8 +451,7 @@ The safest way to run the
 program is logged in directly as root. 
 The recommended procedure is change to the keys directory,
 usually
-/usr/local/etc,
-,
+/usr/local/etc,
 then run the program. 
 When run for the first time,
 or if all
@@ -465,18 +488,18 @@ as the other files, are probably not compatible with anything other than Autokey
 su command
 to assume root may not work properly, since by default the OpenSSL library
 looks for the random seed file
-.rnd in the user home directory. 
+.rnd in the user home directory. 
 However, there should be only one
-.rnd, most conveniently
+.rnd, most conveniently
 in the root directory, so it is convenient to define the
-$RANDFILE environment variable used by the OpenSSL library as the path to
-/.rnd. 
+$RANDFILE environment variable used by the OpenSSL library as the path to
+/.rnd. 
 Installing the keys as root might not work in NFS-mounted
 shared file systems, as NFS clients may not be able to write
 to the shared keys directory, even as root. 
 In this case, NFS clients can specify the files in another
 directory such as
-/etc
+/etc
 using the
 keysdir command. 
 There is no need for one client to read the keys and certificates
@@ -494,8 +517,7 @@ The owner name is also used for the host and sign key files,
 while the trusted name is used for the identity files.
 
   All files are installed by default in the keys directory
-/usr/local/etc,
-,
+/usr/local/etc,
 which is normally in a shared filesystem
 in NFS-mounted networks. 
 The actual location of the keys directory
@@ -525,7 +547,7 @@ by changing the link.
 If a link is present, ntpd follows it to the file name
 to extract the filestamp. 
 If a link is not present,
-ntpd(8)
+ntpd(1ntpdmdoc)
 extracts the filestamp from the file itself. 
 This allows clients to verify that the file and generation times
 are always current. 
@@ -535,9 +557,10 @@ program uses the same timestamp extension for all files generated
 at one time, so each generation is distinct and can be readily
 recognized in monitoring data. 
 

-

 
-

+

+
+
 
 
 Running
@@ -550,8 +573,7 @@ The safest way to run the
 program is logged in directly as root. 
 The recommended procedure is change to the keys directory,
 usually
-/usr/local/etc,
-,
+/usr/local/etc,
 then run the program. 
 When run for the first time,
 or if all
@@ -588,18 +610,18 @@ as the other files, are probably not compatible with anything other than Autokey
 su command
 to assume root may not work properly, since by default the OpenSSL library
 looks for the random seed file
-.rnd in the user home directory. 
+.rnd in the user home directory. 
 However, there should be only one
-.rnd, most conveniently
+.rnd, most conveniently
 in the root directory, so it is convenient to define the
-$RANDFILE environment variable used by the OpenSSL library as the path to
-/.rnd. 
+$RANDFILE environment variable used by the OpenSSL library as the path to
+/.rnd. 
 Installing the keys as root might not work in NFS-mounted
 shared file systems, as NFS clients may not be able to write
 to the shared keys directory, even as root. 
 In this case, NFS clients can specify the files in another
 directory such as
-/etc
+/etc
 using the
 keysdir command. 
 There is no need for one client to read the keys and certificates
@@ -663,16 +685,16 @@ throughout the subnet, but setting up the environment is completely automatic.
 scheme than the default, run
 ntp-keygen
 with the
--S -Ar -type option, where
-type is either
+-S -type option, where
+type is either
 RSA or
 DSA. The most often need to do this is when a DSA-signed certificate is used. 
 If it is necessary to use a different certificate scheme than the default,
 run
 ntp-keygen
 with the
--c -Ar -scheme option and selected
-scheme as needed. 
+-c -scheme option and selected
+scheme as needed. 
 f
 ntp-keygen
 is run again without these options, it generates a new certificate
@@ -685,17 +707,18 @@ Simply run
 with the same flags as before to generate new certificates
 using existing keys. 
 However, if the host or sign key is changed,
-ntpd(8)
+ntpd(1ntpdmdoc)
 should be restarted. 
 When
-ntpd(8)
+ntpd(1ntpdmdoc)
 is restarted, it loads any new files and restarts the protocol. 
 Other dependent hosts will continue as usual until signatures are refreshed,
 at which time the protocol is restarted. 
 
-

 
-

+

+
+
 
 
 Identity
@@ -706,7 +729,7 @@ As mentioned on the Autonomous Authentication page,
 the default TC identity scheme is vulnerable to a middleman attack. 
 However, there are more secure identity schemes available,
 including PC, IFF, GQ and MV described on the
-"IdentificationSchemes"
+"Identification Schemes"
 page
 (maybe available at
 .Li
@@ -734,29 +757,16 @@ only as clients have key files that contain only client keys.
   The PC scheme supports only one trusted host in the group. 
 On trusted host alice run
 ntp-keygen
--P -p -Ar -password to generate the host key file
-ntpkey_RSAkey_NsAralice.filestamp
-Ns
-Ar
-alice.filestamp
+-P -p -password to generate the host key file
+ntpkey_RSAkey_NsAralice.filestamp
 and trusted private certificate file
-ntpkey_RSA-MD5_cert_NsAralice.filestamp. 
-Ns
-Ar
-alice.filestamp
-. 
+ntpkey_RSA-MD5_cert_NsAralice.filestamp. 
 Copy both files to all group hosts;
 they replace the files which would be generated in other schemes. 
 On each host bob install a soft link from the generic name
-ntpkey_host_NsArbob
-Ns
-Ar
-bob
+ntpkey_host_NsArbob
 to the host key file and soft link
-ntpkey_cert_NsArbob
-Ns
-Ar
-bob
+ntpkey_cert_NsArbob
 to the private certificate file. 
 Note the generic links are on bob, but point to files generated
 by trusted host alice. 
@@ -769,19 +779,12 @@ and certificates for all group hosts, then for every trusted host in the group,
 generate the IFF parameter file. 
 On trusted host alice run
 ntp-keygen
--T -I -p -Ar -password to produce her parameter file
-ntpkey_IFFpar_NsAralice.filestamp,
-Ns
-Ar
-alice.filestamp
-,
+-T -I -p -password to produce her parameter file
+ntpkey_IFFpar_NsAralice.filestamp,
 which includes both server and client keys. 
 Copy this file to all group hosts that operate as both servers
 and clients and install a soft link from the generic
-ntpkey_iff_NsAralice
-Ns
-Ar
-alice
+ntpkey_iff_NsAralice
 to this file. 
 If there are no hosts restricted to operate only as clients,
 there is nothing further to do. 
@@ -797,10 +800,7 @@ After generating the parameter file, on alice run
 -e and pipe the output to a file or mail program. 
 Copy or mail this file to all restricted clients. 
 On these clients install a soft link from the generic
-ntpkey_iff_NsAralice
-Ns
-Ar
-alice
+ntpkey_iff_NsAralice
 to this file. 
 To further protect the integrity of the keys,
 each file can be encrypted with a secret password.
@@ -810,26 +810,16 @@ and certificates for all group hosts, then for every trusted host
 in the group, generate the IFF parameter file. 
 On trusted host alice run
 ntp-keygen
--T -G -p -Ar -password to produce her parameter file
-ntpkey_GQpar_NsAralice.filestamp,
-Ns
-Ar
-alice.filestamp
-,
+-T -G -p -password to produce her parameter file
+ntpkey_GQpar_NsAralice.filestamp,
 which includes both server and client keys. 
 Copy this file to all group hosts and install a soft link
 from the generic
-ntpkey_gq_NsAralice
-Ns
-Ar
-alice
+ntpkey_gq_NsAralice
 to this file. 
 In addition, on each host bob install a soft link
 from generic
-ntpkey_gq_NsArbob
-Ns
-Ar
-bob
+ntpkey_gq_NsArbob
 to this file. 
 As the GQ scheme updates the GQ parameters file and certificate
 at the same time, keys and certificates can be regenerated as needed.
@@ -840,27 +830,18 @@ For illustration assume trish is the TA, alice one of several trusted hosts
 and bob one of her clients. 
 On TA trish run
 ntp-keygen
--V -Ar -n -p -Ar -password, where
-n is the number of revokable keys (typically 5) to produce
+-V -n -p -password, where
+n is the number of revokable keys (typically 5) to produce
 the parameter file
-ntpkeys_MVpar_NsArtrish.filestamp
-Ns
-Ar
-trish.filestamp
+ntpkeys_MVpar_NsArtrish.filestamp
 and client key files
-ntpkeys_MVkeyd_NsArtrish.filestamp
-Ns
-Ar
-trish.filestamp
+ntpkeys_MVkeyd_NsArtrish.filestamp
 where
-d is the key number (0 \&<
-d \&<
-n). Copy the parameter file to alice and install a soft link
+d is the key number (0 \&<
+d \&<
+n). Copy the parameter file to alice and install a soft link
 from the generic
-ntpkey_mv_NsAralice
-Ns
-Ar
-alice
+ntpkey_mv_NsAralice
 to this file. 
 Copy one of the client key files to alice for later distribution
 to her clients. 
@@ -868,17 +849,15 @@ It doesn't matter which client key file goes to alice,
 since they all work the same way. 
 Alice copies the client key file to all of her cliens. 
 On client bob install a soft link from generic
-ntpkey_mvkey_NsArbob
-Ns
-Ar
-bob
+ntpkey_mvkey_NsArbob
 to the client key file. 
 As the MV scheme is independent of keys and certificates,
 these files can be refreshed as needed. 
 

-

 
-

+

+
+
 
 
 Command
@@ -887,9 +866,9 @@ these files can be refreshed as needed.
 Line
 Options
      
-Fl
Select certificate message digest/signature encryption scheme. 
+
‘Fl’
Select certificate message digest/signature encryption scheme. 
 The
-scheme can be one of the following:
+scheme can be one of the following:
 . 
 Cm
 RSA-MD2
@@ -910,41 +889,42 @@ or
 DSA-SHA1. Note that RSA schemes must be used with a RSA sign key and DSA
 schemes must be used with a DSA sign key. 
 The default without this option is
-RSA-MD5. 
Fl
Enable debugging. 
+RSA-MD5. 
‘Fl’
Enable debugging. 
 This option displays the cryptographic data produced in eye-friendly billboards. 
-
Fl
Write the IFF client keys to the standard output. 
+
‘Fl’
Write the IFF client keys to the standard output. 
 This is intended for automatic key distribution by mail. 
-
Fl
Generate parameters and keys for the GQ identification scheme,
+
‘Fl’
Generate parameters and keys for the GQ identification scheme,
 obsoleting any that may exist. 
-
Fl
Generate keys for the GQ identification scheme
+
‘Fl’
Generate keys for the GQ identification scheme
 using the existing GQ parameters. 
 If the GQ parameters do not yet exist, create them first. 
-
Fl
Generate new host keys, obsoleting any that may exist. 
-
Fl
Generate parameters for the IFF identification scheme,
+
‘Fl’
Generate new host keys, obsoleting any that may exist. 
+
‘Fl’
Generate parameters for the IFF identification scheme,
 obsoleting any that may exist. 
-
Fl
Set the suject name to
-name. This is used as the subject field in certificates
+
‘Fl’
Set the suject name to
+name. This is used as the subject field in certificates
 and in the file name for host and sign keys. 
-
Fl
Generate MD5 keys, obsoleting any that may exist. 
-
Fl
Generate a private certificate. 
+
‘Fl’
Generate MD5 keys, obsoleting any that may exist. 
+
‘Fl’
Generate a private certificate. 
 By default, the program generates public certificates. 
-
Fl
Encrypt generated files containing private data with
-password and the DES-CBC algorithm. 
-
Fl
Set the password for reading files to password. 
-
Fl
Generate a new sign key of the designated type,
+
‘Fl’
Encrypt generated files containing private data with
+password and the DES-CBC algorithm. 
+
‘Fl’
Set the password for reading files to password. 
+
‘Fl’
Generate a new sign key of the designated type,
 obsoleting any that may exist. 
 By default, the program uses the host key as the sign key. 
-
Fl
Set the issuer name to
-name. This is used for the issuer field in certificates
+
‘Fl’
Set the issuer name to
+name. This is used for the issuer field in certificates
 and in the file name for identity files. 
-
Fl
Generate a trusted certificate. 
+
‘Fl’
Generate a trusted certificate. 
 By default, the program generates a non-trusted certificate. 
-
Fl
Generate parameters and keys for the Mu-Varadharajan (MV) identification scheme.
+
‘Fl’
Generate parameters and keys for the Mu-Varadharajan (MV) identification scheme.
 
 
-

 
-

+

+
+
 
 
 Random
@@ -973,7 +953,7 @@ but are outside the scope of this page.
 
        The entropy seed used by the OpenSSL library is contained in a file,
 usually called
-.rnd, which must be available when starting the NTP daemon
+.rnd, which must be available when starting the NTP daemon
 or the
 ntp-keygen
 program. 
@@ -995,14 +975,15 @@ If the
 RANDFILE
 environment variable is not present,
 the library will look for the
-.rnd file in the user home directory. 
+.rnd file in the user home directory. 
 If the file is not available or cannot be written,
 the daemon exits with a message to the system log and the program
 exits with a suitable error message. 
 

-

 
-

+

+
+
 
 
 Cryptographic
@@ -1017,7 +998,7 @@ The second contains the datestamp in conventional Unix date format.
 Lines beginning with # are considered comments and ignored by the
 ntp-keygen
 program and
-ntpd(8)
+ntpd(1ntpdmdoc)
 daemon. 
 Cryptographic values are encoded first using ASN.1 rules,
 then encrypted if necessary, and finally written PEM-encoded
@@ -1035,19 +1016,19 @@ keyno
 type
 key
 where
-keyno is a positive integer in the range 1-65,535,
-type is the string MD5 defining the key format and
-key is the key itself,
+keyno is a positive integer in the range 1-65,535,
+type is the string MD5 defining the key format and
+key is the key itself,
 which is a printable ASCII string 16 characters or less in length. 
 Each character is chosen from the 93 printable characters
 in the range 0x21 through 0x7f excluding space and the
-#
+‘#’
 character.
 
        Note that the keys used by the
-ntpq(8)
+ntpq(1ntpqmdoc)
 and
-ntpdc(8)
+ntpdc(1ntpdcmdoc)
 programs
 are checked against passwords requested by the programs
 and entered by hand, so it is generally appropriate to specify these keys
@@ -1056,17 +1037,12 @@ in human readable ASCII format.
        
The
 ntp-keygen
 program generates a MD5 symmetric keys file
-ntpkey_MD5key_NsArhostname.filestamp. 
-Ns
-Ar
-hostname.filestamp
-. 
+ntpkey_MD5key_NsArhostname.filestamp. 
 Since the file contains private shared keys,
 it should be visible only to root and distributed by secure means
 to other subnet hosts. 
 The NTP daemon loads the file
-ntp.keys,
-,
+ntp.keys,
 so
 ntp-keygen
 installs a soft link from this name to the generated file. 
@@ -1075,9 +1051,9 @@ or automated means on the other subnet hosts.
 While this file is not used with the Autokey Version 2 protocol,
 it is needed to authenticate some remote configuration commands
 used by the
-ntpq(8)
+ntpq(1ntpqmdoc)
 and
-ntpdc(8)
+ntpdc(1ntpdcmdoc)
 utilities.
 
        
This section was generated by AutoGen,
@@ -1085,7 +1061,7 @@ using the agtexi-cmd template and the option descriptions for the <
 This software is released under the NTP license, <http://ntp.org/license>.
 
      

-ntp-keygen usage:                   ntp-keygen help/usage (--help)
+
ntp-keygen usage:                   ntp-keygen help/usage (--help)
 
ntp-keygen imbits:                  imbits option (-b)
 
ntp-keygen certificate:             certificate option (-c)
 
ntp-keygen cipher:                  cipher option (-C)
@@ -1113,26 +1089,28 @@ This software is released under the NTP license, <http://ntp.org/license>.
 
 
 
+
+
 

-Next: ntp-keygen imbits,
+Next: ntp-keygen imbits,
 Up: Cryptographic
-

+
 
 
-ntp-keygen help/usage (--help)
+ntp-keygen help/usage (--help)
 
      
 This is the automatically generated usage text for ntp-keygen.
 
        
The text printed is the same whether selected with the help option
-(--help) or the more-help option (--more-help).  more-help will print
+(--help) or the more-help option (--more-help).  more-help will print
 the usage text by passing it through a pager program. 
 more-help is disabled on platforms without a working
 fork(2) function.  The PAGER environment variable is
-used to select the program, defaulting to more.  Both will exit
+used to select the program, defaulting to more.  Both will exit
 with a status code of 0.
 
-     
     ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.7p336
+          ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.7p337
      USAGE:  ntp-keygen [ -<flag> [<val>] | --<name>[{=| }<val>] ]...
        Flg Arg Option-Name    Description
         -b Num imbits         identity modulus bits
@@ -1183,18 +1161,20 @@ with a status code of 0.
      please send bug reports to:  http://bugs.ntp.org, bugs@ntp.org
 
        
+
+
 

-Next: ntp-keygen certificate,
+Next: ntp-keygen certificate,
 Previous: ntp-keygen usage,
 Up: Cryptographic
-

+
 
 
 imbits option (-b)
 
      
 This is the “identity modulus bits” option. 
-This option takes an argument number imbits.
+This option takes an argument number imbits.
 
      
This option has some usage constraints.  It:
           

@@ -1203,18 +1183,20 @@ This option takes an argument number imbits.
 
        The number of bits in the identity modulus.  The default is 256. 
 

+
+
 

-Next: ntp-keygen cipher,
+Next: ntp-keygen cipher,
 Previous: ntp-keygen imbits,
 Up: Cryptographic
-

+
 
 
 certificate option (-c)
 
      
 This is the “certificate scheme” option. 
-This option takes an argument string scheme.
+This option takes an argument string scheme.
 
      
This option has some usage constraints.  It:
           

@@ -1230,18 +1212,20 @@ Note that RSA schemes must be used with a RSA sign key and DSA
 schemes must be used with a DSA sign key.  The default without
 this option is RSA-MD5. 
 
+
+
 

-Next: ntp-keygen id-key,
+Next: ntp-keygen id-key,
 Previous: ntp-keygen certificate,
 Up: Cryptographic
-

+
 
 
 cipher option (-C)
 
      
 This is the “privatekey cipher” option. 
-This option takes an argument string cipher.
+This option takes an argument string cipher.
 
      
This option has some usage constraints.  It:
           

@@ -1250,14 +1234,16 @@ This option takes an argument string cipher.
 
        Select the cipher which is used to encrypt the files containing
 private keys.  The default is three-key triple DES in CBC mode,
-equivalent to "-C des-ede3-cbc".  The openssl tool lists ciphers
+equivalent to "-C des-ede3-cbc".  The openssl tool lists ciphers
 available in "openssl -h" output. 
-

+
+
+
 

-Next: ntp-keygen gq-params,
+Next: ntp-keygen gq-params,
 Previous: ntp-keygen cipher,
 Up: Cryptographic
-

+
 
 
 id-key option (-e)
@@ -1273,11 +1259,13 @@ This is the “write iff or gq identity keys” option.
        Write the IFF or GQ client keys to the standard output.  This is
 intended for automatic key distribution by mail. 
 

+
+
 

-Next: ntp-keygen host-key,
+Next: ntp-keygen host-key,
 Previous: ntp-keygen id-key,
 Up: Cryptographic
-

+
 
 
 gq-params option (-G)
@@ -1293,11 +1281,13 @@ This is the “generate gq parameters and keys” option.
        Generate parameters and keys for the GQ identification scheme,
 obsoleting any that may exist. 
 

+
+
 

-Next: ntp-keygen iffkey,
+Next: ntp-keygen iffkey,
 Previous: ntp-keygen gq-params,
 Up: Cryptographic
-

+
 
 
 host-key option (-H)
@@ -1312,11 +1302,13 @@ This is the “generate rsa host key” option.
 
        Generate new host keys, obsoleting any that may exist. 
 

+
+
 

-Next: ntp-keygen ident,
+Next: ntp-keygen ident,
 Previous: ntp-keygen host-key,
 Up: Cryptographic
-

+
 
 
 iffkey option (-I)
@@ -1332,18 +1324,20 @@ This is the “generate iff parameters” option.
        Generate parameters for the IFF identification scheme, obsoleting
 any that may exist. 
 

+
+
 

-Next: ntp-keygen lifetime,
+Next: ntp-keygen lifetime,
 Previous: ntp-keygen iffkey,
 Up: Cryptographic
-

+
 
 
 ident option (-i)
 
      
 This is the “set autokey group name” option. 
-This option takes an argument string group.
+This option takes an argument string group.
 
      
This option has some usage constraints.  It:
           

@@ -1353,24 +1347,27 @@ This option takes an argument string group.
        Set the optional Autokey group name to name.  This is used in
 the file name of IFF, GQ, and MV client parameters files.  In
 that role, the default is the host name if this option is not
-provided.  The group name, if specified using -i/–ident or
-using -s/–subject-name following an '´character, is also a
-part of the self-signed host certificate's subject and issuer
-names in the form host
-       
or 'server ident' configuration in ntpd's configuration file. 
-

+provided.  The group name, if specified using -i/--ident or
+using -s/--subject-name following an '}' character,
+is also a part of the self-signed host certificate's subject and
+issuer names in the form host
+       'crypto ident' or 'server ident' configuration in
+ntpd's configuration file. 
+

+
+
 

-Next: ntp-keygen md5key,
+Next: ntp-keygen md5key,
 Previous: ntp-keygen ident,
 Up: Cryptographic
-

+
 
 
 lifetime option (-l)
 
      
-This is the “set certificate lifetime” option. 
-This option takes an argument number lifetime.
+This is the ``set certificate lifetime'' option. 
+This option takes an argument number lifetime.
 
      
This option has some usage constraints.  It:
           

@@ -1379,31 +1376,35 @@ This option takes an argument number lifetime.
 
        Set the certificate expiration to lifetime days from now. 
 

+
+
 

-Next: ntp-keygen modulus,
+Next: ntp-keygen modulus,
 Previous: ntp-keygen lifetime,
 Up: Cryptographic
-

+
 
 
 md5key option (-M)
 
      
-This is the “generate md5 keys” option. 
+This is the ``generate md5 keys'' option. 
 Generate MD5 keys, obsoleting any that may exist. 
 

+
+
 

-Next: ntp-keygen pvt-cert,
+Next: ntp-keygen pvt-cert,
 Previous: ntp-keygen md5key,
 Up: Cryptographic
-

+
 
 
 modulus option (-m)
 
      
-This is the “modulus” option. 
-This option takes an argument number modulus.
+This is the ``modulus'' option. 
+This option takes an argument number modulus.
 
      
This option has some usage constraints.  It:
           

@@ -1412,17 +1413,19 @@ This option takes an argument number modulus.
 
        The number of bits in the prime modulus.  The default is 512. 
 

+
+
 

-Next: ntp-keygen pvt-passwd,
+Next: ntp-keygen pvt-passwd,
 Previous: ntp-keygen modulus,
 Up: Cryptographic
-

+
 
 
 pvt-cert option (-P)
 
      
-This is the “generate pc private certificate” option.
+This is the ``generate pc private certificate'' option.
 
      
This option has some usage constraints.  It:
           

@@ -1432,18 +1435,20 @@ This is the “generate pc private certificate” option.
        Generate a private certificate.  By default, the program generates
 public certificates. 
 

+
+
 

-Next: ntp-keygen get-pvt-passwd,
+Next: ntp-keygen get-pvt-passwd,
 Previous: ntp-keygen pvt-cert,
 Up: Cryptographic
-

+
 
 
 pvt-passwd option (-p)
 
      
-This is the “output private password” option. 
-This option takes an argument string passwd.
+This is the ``output private password'' option. 
+This option takes an argument string passwd.
 
      
This option has some usage constraints.  It:
           

@@ -1451,20 +1456,22 @@ This option takes an argument string passwd.
 
 
        Encrypt generated files containing private data with the specified
-password and the cipher selected with -C/–cipher. 
+password and the cipher selected with -C/--cipher. 
 

+
+
 

-Next: ntp-keygen sign-key,
+Next: ntp-keygen sign-key,
 Previous: ntp-keygen pvt-passwd,
 Up: Cryptographic
-

+
 
 
 get-pvt-passwd option (-q)
 
      
-This is the “input private password” option. 
-This option takes an argument string passwd.
+This is the ``input private password'' option. 
+This option takes an argument string passwd.
 
      
This option has some usage constraints.  It:
           

@@ -1473,18 +1480,20 @@ This option takes an argument string passwd.
 
        Set the password for reading files to the specified password. 
 

+
+
 

-Next: ntp-keygen subject-name,
+Next: ntp-keygen subject-name,
 Previous: ntp-keygen get-pvt-passwd,
 Up: Cryptographic
-

+
 
 
 sign-key option (-S)
 
      
-This is the “generate sign key (rsa or dsa)” option. 
-This option takes an argument string sign.
+This is the ``generate sign key (rsa or dsa)'' option. 
+This option takes an argument string sign.
 
      
This option has some usage constraints.  It:
           

@@ -1495,18 +1504,20 @@ This option takes an argument string sign.
 that may exist.  By default, the program uses the host key as the
 sign key. 
 
+
+
 

-Next: ntp-keygen trusted-cert,
+Next: ntp-keygen trusted-cert,
 Previous: ntp-keygen sign-key,
 Up: Cryptographic
-

+
 
 
 subject-name option (-s)
 
      
-This is the “set host and optionally group name” option. 
-This option takes an argument string host@group.
+This is the ``set host and optionally group name'' option. 
+This option takes an argument string host@group.
 
      
This option has some usage constraints.  It:
           

@@ -1514,27 +1525,29 @@ This option takes an argument string host@group.
 
 
        Set the Autokey host name, and optionally, group name specified
-following an '´character.  The host name is used in the file
+following an '}' character.  The host name is used in the file
 name of generated host and signing certificates, without the
 group name.  The host name, and if provided, group name are used
 in host
-       
fields.  Specifying '-s  is allowed, and results in
-leaving the host name unchanged while appending
+       
fields.  Specifying '-s
+       
leaving the host name unchanged while appending
        
subject and issuer fields, as with -i group.  The group name, or
 if not provided, the host name are also used in the file names
 of IFF, GQ, and MV client parameter files. 
-

+
+
+
 

-Next: ntp-keygen mv-params,
+Next: ntp-keygen mv-params,
 Previous: ntp-keygen subject-name,
 Up: Cryptographic
-

+
 
 
 trusted-cert option (-T)
 
      
-This is the “trusted certificate (tc scheme)” option.
+This is the ``trusted certificate (tc scheme)'' option.
 
      
This option has some usage constraints.  It:
           

@@ -1544,18 +1557,20 @@ This is the “trusted certificate (tc scheme)” option.
        Generate a trusted certificate.  By default, the program generates
 a non-trusted certificate. 
 

+
+
 

-Next: ntp-keygen mv-keys,
+Next: ntp-keygen mv-keys,
 Previous: ntp-keygen trusted-cert,
 Up: Cryptographic
-

+
 
 
 mv-params option (-V)
 
      
-This is the “generate <num> mv parameters” option. 
-This option takes an argument number num.
+This is the ``generate <num> mv parameters'' option. 
+This option takes an argument number num.
 
      
This option has some usage constraints.  It:
           

@@ -1565,32 +1580,36 @@ This option takes an argument number num.
        Generate parameters and keys for the Mu-Varadharajan (MV)
 identification scheme. 
 

+
+
 

-Next: ntp-keygen config,
+Next: ntp-keygen config,
 Previous: ntp-keygen mv-params,
 Up: Cryptographic
-

+
 
 
 mv-keys option (-v)
 
      
-This is the “update <num> mv keys” option. 
-This option takes an argument number num.
+This is the ``update <num> mv keys'' option. 
+This option takes an argument number num.
 
      
This option has some usage constraints.  It:
           

 must be compiled in by defining AUTOKEY during the compilation. 
 
 
-       This option has no doc documentation.
+       
This option has no ‘doc’ documentation.
 
 

+
+
 

-Next: ntp-keygen exit status,
+Next: ntp-keygen exit status,
 Previous: ntp-keygen mv-keys,
 Up: Cryptographic
-

+
 
 
 presetting/configuring ntp-keygen
@@ -1608,9 +1627,9 @@ values are treated like option arguments.
 $PWD
 
        The environment variables HOME, and PWD
-are expanded and replaced when ntp-keygen runs. 
+are expanded and replaced when ntp-keygen runs. 
 For any of these that are plain files, they are simply processed. 
-For any that are directories, then a file named .ntprc is searched for
+For any that are directories, then a file named .ntprc is searched for
 within that directory and processed.
 
        Configuration files may be in a wide variety of formats. 
@@ -1623,10 +1642,10 @@ lines by escaping the newline with a backslash.
 Common options are collected at the top, followed by program specific
 segments.  The segments are separated by lines like:
      
         [NTP-KEYGEN]
-    
+
        or by
      
         <?program ntp-keygen>
-    
+

Variable	Description + +
`ind` +	index on this list -
`assid` -	association ID +
`assid` +	association ID -
`status` -	peer status word +
`status` +	peer status word -
`conf` -	`yes`: persistent, `no`: ephemeral +
`conf` +	`yes`: persistent, `no`: ephemeral -
`reach` -	`yes`: reachable, `no`: unreachable +
`reach` +	`yes`: reachable, `no`: unreachable -
`auth` -	`ok`, `yes`, `bad` and `none` +
`auth` +	`ok`, `yes`, `bad` and `none` -
`condition` -	selection status (see the `select` field of the peer status word) +
`condition` +	selection status (see the `select` field of the peer status word) -
`last_event` -	event report (see the `event` field of the peer status word) +
`last_event` +	event report (see the `event` field of the peer status word) -
`cnt` +
`cnt` event count (see the `count` field of the peer status word) -

Do not mix these styles within one configuration file.

Compound values and carefully constructed string values may also be @@ -1634,10 +1653,10 @@ specified using XML syntax:

         <option-name>
             <sub-opt>...&lt;...&gt;...</sub-opt>
          </option-name>
-

yielding an option-name.sub-opt string value of

         "...<...>..."
-

AutoOpts does not track suboptions. You simply note that it is a hierarchicly valued option. AutoOpts does provide a means for searching the associated name/value pair list (see: optionFindValue). @@ -1652,42 +1671,46 @@ detail to provide. The default is to print just the version. The licensing inf first letter of the argument is examined:

version: Only print the version. This is the default. -
copyright: Name the copyright usage licensing terms. -
verbose: Print the full copyright usage licensing terms. +
‘version’: Only print the version. This is the default. +
‘copyright’: Name the copyright usage licensing terms. +
‘verbose’: Print the full copyright usage licensing terms.

+ +

-Next: ntp-keygen Usage, +Next: ntp-keygen Usage, Previous: ntp-keygen config, Up: Cryptographic -
+

ntp-keygen exit status

One of the following exit values will be returned:

0 (EXIT_SUCCESS): Successful program execution. -
1 (EXIT_FAILURE): The operation failed or the command syntax was not valid. -
66 (EX_NOINPUT): A specified configuration file could not be loaded. -
70 (EX_SOFTWARE): libopts had an internal operational error. Please report +
‘0 (EXIT_SUCCESS)’: Successful program execution. +
‘1 (EXIT_FAILURE)’: The operation failed or the command syntax was not valid. +
‘66 (EX_NOINPUT)’: A specified configuration file could not be loaded. +
‘70 (EX_SOFTWARE)’: libopts had an internal operational error. Please report it to autogen-users@lists.sourceforge.net. Thank you.

+ +

-Next: ntp-keygen Notes, +Next: ntp-keygen Notes, Previous: ntp-keygen exit status, Up: Cryptographic -
+

ntp-keygen Usage

The --p -Ar -password option specifies the write password and --q -Ar -password option the read password for previously encrypted files. +-p -password option specifies the write password and +-q -password option the read password for previously encrypted files. The ntp-keygen program prompts for the password if it reads an encrypted file @@ -1696,11 +1719,13 @@ If an encrypted file is read successfully and no write password is specified, the read password is used as the write password by default.

+ +

-Next: ntp-keygen Bugs, +Next: ntp-keygen Bugs, Previous: ntp-keygen Usage, Up: Cryptographic -
+

ntp-keygen Notes

@@ -1708,10 +1733,12 @@ Up: Cryptographic

This document corresponds to version of NTP. Portions of this document came from FreeBSD.

+ +

-Previous: ntp-keygen Notes, +Previous: ntp-keygen Notes, Up: Cryptographic -
+

ntp-keygen Bugs

@@ -1724,11 +1751,12 @@ with older architectures such as SPARC IPC.

Please report bugs to http://bugs.ntp.org .

-Next: Cryptographic Data Files, +Next: Cryptographic Data Files, Previous: Running the Program, Up: Top -
+

@@ -1736,59 +1764,67 @@ Up: Top

All cryptographically sound key generation schemes must have means to randomize the entropy seed used to initialize the internal -pseudo-random number generator used by the OpenSSL library routines. If -a site supports ssh, it is very likely that means to do this are -already available. The entropy seed used by the OpenSSL library is -contained in a file, usually called .rnd, which must be available when -starting the ntp-keygen program or ntpd daemon. +pseudo-random number generator used by the OpenSSL library routines. +If a site supports ssh, it is very likely that means to do this are +already available. +The entropy seed used by the OpenSSL library is contained in a file, +usually called .rnd, which must be available when +starting the ntp-keygen program or ntpd daemon.

The OpenSSL library looks for the file using the path specified by the -RANDFILE environment variable in the user home directory, whether root -or some other user. If the RANDFILE environment variable is not -present, the library looks for the .rnd file in the user home -directory. Since both the ntp-keygen program and ntpd daemon must run -as root, the logical place to put this file is in /.rnd or /root/.rnd. +RANDFILE environment variable in the user home directory, whether root +or some other user. +If the RANDFILE environment variable is not +present, the library looks for the .rnd file in the user home +directory. +Since both the ntp-keygen program and ntpd daemon must run +as root, the logical place to put this file is in /.rnd or +/root/.rnd. If the file is not available or cannot be written, the program exits with a message to the system log.

-Previous: Random Seed File, +Previous: Random Seed File, Up: Top -
+

Cryptographic Data Files

File and link names are in the form ntpkey_key_name.fstamp, where key -is the key or parameter type, name is the host or group name and fstamp -is the filestamp (NTP seconds) when the file was created). By -convention, key names in generated file names include both upper and +

File and link names are in the form ntpkey_key_name.fstamp, +where key is the key or parameter type, +name is the host or group name and +fstamp is the filestamp (NTP seconds) when the file was created). +By convention, key names in generated file names include both upper and lower case characters, while key names in generated link names include only lower case characters. The filestamp is not used in generated link names. -

The key name is a string defining the cryptographic key type. Key types -include public/private keys host and sign, certificate cert and several -challenge/response key types. By convention, client files used for +

The key name is a string defining the cryptographic key type. +Key types include public/private keys host and sign, certificate cert +and several challenge/response key types. +By convention, client files used for challenges have a par subtype, as in the IFF challenge IFFpar, while server files for responses have a key subtype, as in the GQ response GQkey.

All files begin with two nonencrypted lines. The first line contains -the file name in the format ntpkey_key_host.fstamp. The second line -contains the datestamp in conventional Unix date format. Lines -beginning with # are ignored. +the file name in the format ntpkey_key_host.fstamp. +The second line contains the datestamp in conventional Unix date format. +Lines beginning with # are ignored.

The remainder of the file contains cryptographic data encoded first using ASN.1 rules, then encrypted using the DES-CBC algorithm with given password and finally written in PEM-encoded printable ASCII text preceded and followed by MIME content identifier lines. -

The format of the symmetric keys file, ordinarily named ntp.keys, is -somewhat different than the other files in the interest of backward -compatibility. Ordinarily, the file is generated by this program, but +

The format of the symmetric keys file, ordinarily named ntp.keys, +is somewhat different than the other files in the interest of backward +compatibility. +Ordinarily, the file is generated by this program, but it can be constructed and edited using an ordinary text editor.

         # ntpkey_MD5key_hms.local.3564038757
@@ -1814,37 +1850,47 @@ it can be constructed and edited using an ordinary text editor.
          18 SHA1 b5520c9fadd7ad3fd8bfa061c8821b65d029bb37  # SHA1 key
          19 SHA1 8c74fb440ec80f453ec6aaa62b9baed0ab723b92  # SHA1 key
          20 SHA1 6bc05f734306a189326000970c19b3910f403795  # SHA1 key
-

Figure 1. Typical Symmetric Key File

Figure 1 shows a typical symmetric keys file used by the reference -implementation. Each line of the file contains three fields, first an +implementation. +Each line of the file contains three fields, first an integer between 1 and 65534, inclusive, representing the key identifier -used in the server and peer configuration commands. Next is the key -type for the message digest algorithm, which in the absence of the +used in the server and peer configuration commands. +Next is the key type for the message digest algorithm, +which in the absence of the OpenSSL library must be MD5 to designate the MD5 message digest -algorithm. If the OpenSSL library is installed, the key type can be any -message digest algorithm supported by that library. However, if +algorithm. +If the OpenSSL library is installed, the key type can be any +message digest algorithm supported by that library. +However, if compatibility with FIPS 140-2 is required, the key type must be either -SHA or SHA1. The key type can be changed using an ASCII text editor. +SHA or SHA1. +The key type can be changed using an ASCII text editor.

An MD5 key consists of a printable ASCII string less than or equal to -16 characters and terminated by whitespace or a # character. An OpenSSL +16 characters and terminated by whitespace or a # character. +An OpenSSL key consists of a hex-encoded ASCII string of 40 characters, which is truncated as necessary. -

Note that the keys used by the ntpq and ntpdc programs are checked -against passwords requested by the programs and entered by hand, so it +

Note that the keys used by the ntpq and ntpdc programs are +checked against passwords requested by the programs and entered by hand, +so it is generally appropriate to specify these keys in human readable ASCII format.

The ntp-keygen program generates a MD5 symmetric keys file -ntpkey_MD5key_hostname.filestamp. Since the file contains private +ntpkey_MD5key_hostname.filestamp. +Since the file contains private shared keys, it should be visible only to root and distributed by -secure means to other subnet hosts. The NTP daemon loads the file -ntp.keys, so ntp-keygen installs a soft link from this name to the -generated file. Subsequently, similar soft links must be installed by -manual or automated means on the other subnet hosts. While this file is +secure means to other subnet hosts. +The NTP daemon loads the file ntp.keys, so ntp-keygen +installs a soft link from this name to the generated file. +Subsequently, similar soft links must be installed by +manual or automated means on the other subnet hosts. +While this file is not used with the Autokey Version 2 protocol, it is needed to authenticate some remote configuration commands used by the ntpq and ntpdc utilities.