1: @node ntp-keygen Invocation
2: @section Invoking ntp-keygen
3: @pindex ntp-keygen
4: @cindex Create a NTP host key
5: @ignore
6: #
7: # EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.texi)
8: #
9: # It has been AutoGen-ed December 24, 2011 at 06:34:45 PM by AutoGen 5.12
10: # From the definitions ntp-keygen-opts.def
11: # and the template file aginfo.tpl
12: @end ignore
13: This program has no explanation.
14:
15: If there is no new host key, look for an existing one.
16: If one is not found, create it.
17:
18: This section was generated by @strong{AutoGen},
19: the aginfo template and the option descriptions for the @command{ntp-keygen} program. It documents the @command{ntp-keygen} usage text and option meanings.
20:
21: This software is released under a specialized copyright license.
22:
23: @menu
24: * ntp-keygen usage:: ntp-keygen usage help (-?)
25: * ntp-keygen certificate:: certificate option (-c)
26: * ntp-keygen debug-level:: debug-level option (-d)
27: * ntp-keygen get-pvt-passwd:: get-pvt-passwd option (-q)
28: * ntp-keygen gq-params:: gq-params option (-G)
29: * ntp-keygen host-key:: host-key option (-H)
30: * ntp-keygen id-key:: id-key option (-e)
31: * ntp-keygen iffkey:: iffkey option (-I)
32: * ntp-keygen issuer-name:: issuer-name option (-i)
33: * ntp-keygen md5key:: md5key option (-M)
34: * ntp-keygen modulus:: modulus option (-m)
35: * ntp-keygen mv-keys:: mv-keys option (-v)
36: * ntp-keygen mv-params:: mv-params option (-V)
37: * ntp-keygen pvt-cert:: pvt-cert option (-P)
38: * ntp-keygen pvt-passwd:: pvt-passwd option (-p)
39: * ntp-keygen set-debug-level:: set-debug-level option (-D)
40: * ntp-keygen sign-key:: sign-key option (-S)
41: * ntp-keygen subject-name:: subject-name option (-s)
42: * ntp-keygen trusted-cert:: trusted-cert option (-T)
43: @end menu
44:
45: @node ntp-keygen usage
46: @subsection ntp-keygen usage help (-?)
47: @cindex ntp-keygen usage
48:
49: This is the automatically generated usage text for ntp-keygen:
50:
51: @exampleindent 0
52: @example
53: ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.6p5
54: USAGE: ntp-keygen [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
55: Flg Arg Option-Name Description
56: -c Str certificate certificate scheme
57: -d no debug-level Increase output debug message level
58: - may appear multiple times
59: -D Str set-debug-level Set the output debug message level
60: - may appear multiple times
61: -e no id-key Write IFF or GQ identity keys
62: -G no gq-params Generate GQ parameters and keys
63: -H no host-key generate RSA host key
64: -I no iffkey generate IFF parameters
65: -i Str issuer-name set issuer name
66: -M no md5key generate MD5 keys
67: -m Num modulus modulus
68: - It must be in the range:
69: 256 to 2048
70: -P no pvt-cert generate PC private certificate
71: -p Str pvt-passwd output private password
72: -q Str get-pvt-passwd input private password
73: -S Str sign-key generate sign key (RSA or DSA)
74: -s Str subject-name set subject name
75: -T no trusted-cert trusted certificate (TC scheme)
76: -V Num mv-params generate <num> MV parameters
77: -v Num mv-keys update <num> MV keys
78: opt version Output version information and exit
79: -? no help Display extended usage information and exit
80: -! no more-help Extended usage information passed thru pager
81: -> opt save-opts Save the option state to a config file
82: -< Str load-opts Load options from a config file
83: - disabled as --no-load-opts
84: - may appear multiple times
85:
86: Options are specified by doubled hyphens and their name or by a single
87: hyphen and the flag character.
88:
89: The following option preset mechanisms are supported:
90: - reading file $HOME/.ntprc
91: - reading file ./.ntprc
92: - examining environment variables named NTP_KEYGEN_*
93:
94: If there is no new host key, look for an existing one. If one is not
95: found, create it.
96:
97: please send bug reports to: http://bugs.ntp.org, bugs@@ntp.org
98: @end example
99: @exampleindent 4
100:
101: @node ntp-keygen certificate
102: @subsection certificate option (-c)
103: @cindex ntp-keygen-certificate
104:
105: This is the ``certificate scheme'' option.
106:
107: This option has some usage constraints. It:
108: @itemize @bullet
109: @item
110: must be compiled in by defining @code{OPENSSL} during the compilation.
111: @end itemize
112:
113: scheme is one of
114: RSA-MD2, RSA-MD5, RSA-SHA, RSA-SHA1, RSA-MDC2, RSA-RIPEMD160,
115: DSA-SHA, or DSA-SHA1.
116:
117: Select the certificate message digest/signature encryption scheme.
118: Note that RSA schemes must be used with a RSA sign key and DSA
119: schemes must be used with a DSA sign key. The default without
120: this option is RSA-MD5.
121:
122: @node ntp-keygen debug-level
123: @subsection debug-level option (-d)
124: @cindex ntp-keygen-debug-level
125:
126: This is the ``increase output debug message level'' option.
127:
128: This option has some usage constraints. It:
129: @itemize @bullet
130: @item
131: may appear an unlimited number of times.
132: @end itemize
133:
134: Increase the debugging message output level.
135:
136: @node ntp-keygen get-pvt-passwd
137: @subsection get-pvt-passwd option (-q)
138: @cindex ntp-keygen-get-pvt-passwd
139:
140: This is the ``input private password'' option.
141:
142: This option has some usage constraints. It:
143: @itemize @bullet
144: @item
145: must be compiled in by defining @code{OPENSSL} during the compilation.
146: @end itemize
147:
148: Set the password for reading files to the specified password.
149:
150: @node ntp-keygen gq-params
151: @subsection gq-params option (-G)
152: @cindex ntp-keygen-gq-params
153:
154: This is the ``generate gq parameters and keys'' option.
155:
156: This option has some usage constraints. It:
157: @itemize @bullet
158: @item
159: must be compiled in by defining @code{OPENSSL} during the compilation.
160: @end itemize
161:
162: Generate parameters and keys for the GQ identification scheme,
163: obsoleting any that may exist.
164:
165: @node ntp-keygen host-key
166: @subsection host-key option (-H)
167: @cindex ntp-keygen-host-key
168:
169: This is the ``generate rsa host key'' option.
170:
171: This option has some usage constraints. It:
172: @itemize @bullet
173: @item
174: must be compiled in by defining @code{OPENSSL} during the compilation.
175: @end itemize
176:
177: Generate new host keys, obsoleting any that may exist.
178:
179: @node ntp-keygen id-key
180: @subsection id-key option (-e)
181: @cindex ntp-keygen-id-key
182:
183: This is the ``write iff or gq identity keys'' option.
184:
185: This option has some usage constraints. It:
186: @itemize @bullet
187: @item
188: must be compiled in by defining @code{OPENSSL} during the compilation.
189: @end itemize
190:
191: Write the IFF or GQ client keys to the standard output. This is
192: intended for automatic key distribution by mail.
193:
194: @node ntp-keygen iffkey
195: @subsection iffkey option (-I)
196: @cindex ntp-keygen-iffkey
197:
198: This is the ``generate iff parameters'' option.
199:
200: This option has some usage constraints. It:
201: @itemize @bullet
202: @item
203: must be compiled in by defining @code{OPENSSL} during the compilation.
204: @end itemize
205:
206: Generate parameters for the IFF identification scheme, obsoleting
207: any that may exist.
208:
209: @node ntp-keygen issuer-name
210: @subsection issuer-name option (-i)
211: @cindex ntp-keygen-issuer-name
212:
213: This is the ``set issuer name'' option.
214:
215: This option has some usage constraints. It:
216: @itemize @bullet
217: @item
218: must be compiled in by defining @code{OPENSSL} during the compilation.
219: @end itemize
220:
221: Set the suject name to name. This is used as the subject field
222: in certificates and in the file name for host and sign keys.
223:
224: @node ntp-keygen md5key
225: @subsection md5key option (-M)
226: @cindex ntp-keygen-md5key
227:
228: This is the ``generate md5 keys'' option.
229: Generate MD5 keys, obsoleting any that may exist.
230:
231: @node ntp-keygen modulus
232: @subsection modulus option (-m)
233: @cindex ntp-keygen-modulus
234:
235: This is the ``modulus'' option.
236:
237: This option has some usage constraints. It:
238: @itemize @bullet
239: @item
240: must be compiled in by defining @code{OPENSSL} during the compilation.
241: @end itemize
242:
243: The number of bits in the prime modulus. The default is 512.
244:
245: @node ntp-keygen mv-keys
246: @subsection mv-keys option (-v)
247: @cindex ntp-keygen-mv-keys
248:
249: This is the ``update <num> mv keys'' option.
250:
251: This option has some usage constraints. It:
252: @itemize @bullet
253: @item
254: must be compiled in by defining @code{OPENSSL} during the compilation.
255: @end itemize
256:
257: This option has no @samp{doc} documentation.
258:
259: @node ntp-keygen mv-params
260: @subsection mv-params option (-V)
261: @cindex ntp-keygen-mv-params
262:
263: This is the ``generate <num> mv parameters'' option.
264:
265: This option has some usage constraints. It:
266: @itemize @bullet
267: @item
268: must be compiled in by defining @code{OPENSSL} during the compilation.
269: @end itemize
270:
271: Generate parameters and keys for the Mu-Varadharajan (MV)
272: identification scheme.
273:
274: @node ntp-keygen pvt-cert
275: @subsection pvt-cert option (-P)
276: @cindex ntp-keygen-pvt-cert
277:
278: This is the ``generate pc private certificate'' option.
279:
280: This option has some usage constraints. It:
281: @itemize @bullet
282: @item
283: must be compiled in by defining @code{OPENSSL} during the compilation.
284: @end itemize
285:
286: Generate a private certificate. By default, the program generates
287: public certificates.
288:
289: @node ntp-keygen pvt-passwd
290: @subsection pvt-passwd option (-p)
291: @cindex ntp-keygen-pvt-passwd
292:
293: This is the ``output private password'' option.
294:
295: This option has some usage constraints. It:
296: @itemize @bullet
297: @item
298: must be compiled in by defining @code{OPENSSL} during the compilation.
299: @end itemize
300:
301: Encrypt generated files containing private data with the specified
302: password and the DES-CBC algorithm.
303:
304: @node ntp-keygen set-debug-level
305: @subsection set-debug-level option (-D)
306: @cindex ntp-keygen-set-debug-level
307:
308: This is the ``set the output debug message level'' option.
309:
310: This option has some usage constraints. It:
311: @itemize @bullet
312: @item
313: may appear an unlimited number of times.
314: @end itemize
315:
316: Set the output debugging level. Can be supplied multiple times,
317: but each overrides the previous value(s).
318:
319: @node ntp-keygen sign-key
320: @subsection sign-key option (-S)
321: @cindex ntp-keygen-sign-key
322:
323: This is the ``generate sign key (rsa or dsa)'' option.
324:
325: This option has some usage constraints. It:
326: @itemize @bullet
327: @item
328: must be compiled in by defining @code{OPENSSL} during the compilation.
329: @end itemize
330:
331: Generate a new sign key of the designated type, obsoleting any
332: that may exist. By default, the program uses the host key as the
333: sign key.
334:
335: @node ntp-keygen subject-name
336: @subsection subject-name option (-s)
337: @cindex ntp-keygen-subject-name
338:
339: This is the ``set subject name'' option.
340:
341: This option has some usage constraints. It:
342: @itemize @bullet
343: @item
344: must be compiled in by defining @code{OPENSSL} during the compilation.
345: @end itemize
346:
347: Set the issuer name to name. This is used for the issuer field
348: in certificates and in the file name for identity files.
349:
350: @node ntp-keygen trusted-cert
351: @subsection trusted-cert option (-T)
352: @cindex ntp-keygen-trusted-cert
353:
354: This is the ``trusted certificate (tc scheme)'' option.
355:
356: This option has some usage constraints. It:
357: @itemize @bullet
358: @item
359: must be compiled in by defining @code{OPENSSL} during the compilation.
360: @end itemize
361:
362: Generate a trusted certificate. By default, the program generates
363: a non-trusted certificate.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>