= ntpkeygen - generate public and private keys =

[cols="10%,90%",frame="none",grid="none",style="verse"]
|==============================
|image:pic/alice23.gif[]|
{millshome}pictures.html[from 'Alice's Adventures in Wonderland', Lewis Carroll]

Alice holds the key.

|==============================

== Related Links ==

include::includes/manual.txt[]

== Table of Contents ==

* link:#synop[Synopsis]
* link:#descrip[Description]
* link:#conf[Initial configuration]
* link:#cmd[Command Line Options]
* link:#run[Running the program]
* link:#access[Key file access and location]
* link:#trust[Trusted Hosts and Groups]
* link:#ident[Identity schemes]
* link:#rand[Random Seed File]
* link:#fmt[Cryptographic Data Files]

'''''

include::includes/ntpkeygen-body.txt[]

// The end of "Cryptographic Data Files" runs into this following text.

image:pic/sx5.gif[]

Figure 1. Typical Symmetric Key File

Figure 1 shows a typical symmetric keys file used by the reference
implementation. Each line of the file contains three fields, first an
integer between 1 and 65534, inclusive, representing the key identifier
used in the `server` and `peer` configuration commands. Next is the key
type for the message digest algorithm, which in the absence of the
OpenSSL library must be `MD5` to designate the MD5 message digest
algorithm. If the OpenSSL library is installed, the key type can be any
message digest algorithm supported by that library. However, if
compatibility with FIPS 140-2 is required, the key type must be
`SHA1`. The key type can be changed using an ASCII text editor.

An MD5 key consists of a printable ASCII string less than or equal to 16
characters and terminated by whitespace or a # character. An OpenSSL key
consists of a hex-encoded ASCII string of 40 characters, which is
truncated as necessary.

'''''

include::includes/footer.txt[]
