Patrick Welche <prlw1@cam.ac.uk>

[netbsd-mini2440.git] / external / bsd / ntp / dist / util / ntp-keygen.1

.TH NTP-KEYGEN 1 2009-12-10 "(ntp 4.2.6)" "Programmer's Manual"
.\"  EDIT THIS FILE WITH CAUTION  (ntp-keygen.1)
.\"  
.\"  It has been AutoGen-ed  December 10, 2009 at 05:08:22 AM by AutoGen 5.10
.\"  From the definitions    ntp-keygen-opts.def
.\"  and the template file   agman1.tpl
.\"
.SH NAME
ntp-keygen \- Create a NTP host key
.SH SYNOPSIS
.B ntp-keygen
.\" Mixture of short (flag) options and long options
.RB [ \-\fIflag\fP " [\fIvalue\fP]]... [" \--\fIopt-name\fP " [[=| ]\fIvalue\fP]]..."
.PP
All arguments must be options.
.SH "DESCRIPTION"
This manual page briefly documents the \fBntp-keygen\fP command.
If there is no new host key, look for an existing one.
If one is not found, create it.
.SH OPTIONS
.TP
.BR \-c " \fIscheme\fP, " \--certificate "=" \fIscheme\fP
certificate scheme.
.sp
scheme is one of
RSA-MD2, RSA-MD5, RSA-SHA, RSA-SHA1, RSA-MDC2, RSA-RIPEMD160,
DSA-SHA, or DSA-SHA1.

Select the certificate message digest/signature encryption scheme.
Note that RSA schemes must be used with a RSA sign key and DSA
schemes must be used with a DSA sign key.  The default without
this option is RSA-MD5.
.TP
.BR \-d ", " \--debug-level
Increase output debug message level.
This option may appear an unlimited number of times.
.sp
Increase the debugging message output level.
.TP
.BR \-D " \fIstring\fP, " \--set-debug-level "=" \fIstring\fP
Set the output debug message level.
This option may appear an unlimited number of times.
.sp
Set the output debugging level.  Can be supplied multiple times,
but each overrides the previous value(s).
.TP
.BR \-e ", " \--id-key
Write IFF or GQ identity keys.
.sp
Write the IFF or GQ client keys to the standard output.  This is
intended for automatic key distribution by mail.
.TP
.BR \-G ", " \--gq-params
Generate GQ parameters and keys.
.sp
Generate parameters and keys for the GQ identification scheme,
obsoleting any that may exist.
.TP
.BR \-H ", " \--host-key
generate RSA host key.
.sp
Generate new host keys, obsoleting any that may exist.
.TP
.BR \-I ", " \--iffkey
generate IFF parameters.
.sp
Generate parameters for the IFF identification scheme, obsoleting
any that may exist.
.TP
.BR \-i " \fIissuer-name\fP, " \--issuer-name "=" \fIissuer-name\fP
set issuer name.
.sp
Set the suject name to name.  This is used as the subject field
in certificates and in the file name for host and sign keys.
.TP
.BR \-M ", " \--md5key
generate MD5 keys.
.sp
Generate MD5 keys, obsoleting any that may exist.
.TP
.BR \-m " \fImodulus\fP, " \--modulus "=" \fImodulus\fP
modulus.
This option takes an integer number as its argument.
The value of \fImodulus\fP is constrained to being:
.in +4
.nf
.na
in the range  256 through 2048
.fi
.in -4
.sp
The number of bits in the prime modulus.  The default is 512.
.TP
.BR \-P ", " \--pvt-cert
generate PC private certificate.
.sp
Generate a private certificate.  By default, the program generates
public certificates.
.TP
.BR \-p " \fIpasswd\fP, " \--pvt-passwd "=" \fIpasswd\fP
output private password.
.sp
Encrypt generated files containing private data with the specified
password and the DES-CBC algorithm.
.TP
.BR \-q " \fIpasswd\fP, " \--get-pvt-passwd "=" \fIpasswd\fP
input private password.
.sp
Set the password for reading files to the specified password.
.TP
.BR \-S " \fIsign\fP, " \--sign-key "=" \fIsign\fP
generate sign key (RSA or DSA).
.sp
Generate a new sign key of the designated type, obsoleting any
that may exist.  By default, the program uses the host key as the
sign key.
.TP
.BR \-s " \fIhost\fP, " \--subject-name "=" \fIhost\fP
set subject name.
.sp
Set the issuer name to name.  This is used for the issuer field
in certificates and in the file name for identity files.
.TP
.BR \-T ", " \--trusted-cert
trusted certificate (TC scheme).
.sp
Generate a trusted certificate.  By default, the program generates
a non-trusted certificate.
.TP
.BR \-V " \fInum\fP, " \--mv-params "=" \fInum\fP
generate <num> MV parameters.
This option takes an integer number as its argument.
.sp
Generate parameters and keys for the Mu-Varadharajan (MV)
identification scheme.
.TP
.BR \-v " \fInum\fP, " \--mv-keys "=" \fInum\fP
update <num> MV keys.
This option takes an integer number as its argument.
.sp
This option has not been fully documented.
.TP
.BR \-? , " \--help"
Display extended usage information and exit.
.TP
.BR \-! , " \--more-help"
Extended usage information passed thru pager.
.TP
.BR \-> " [\fIrcfile\fP]," " \--save-opts" "[=\fIrcfile\fP]"
Save the option state to \fIrcfile\fP.  The default is the \fIlast\fP
configuration file listed in the \fBOPTION PRESETS\fP section, below.
.TP
.BR \-< " \fIrcfile\fP," " \--load-opts" "=\fIrcfile\fP," " \--no-load-opts"
Load options from \fIrcfile\fP.
The \fIno-load-opts\fP form will disable the loading
of earlier RC/INI files.  \fI--no-load-opts\fP is handled early,
out of order.
.TP
.BR \- " [{\fIv|c|n\fP}]," " \--version" "[=\fI{v|c|n}\fP]"
Output version of program and exit.  The default mode is `v', a simple
version.  The `c' mode will print copyright information and `n' will
print the full copyright notice.
.SH OPTION PRESETS
Any option that is not marked as \fInot presettable\fP may be preset
by loading values from configuration ("RC" or ".INI") file(s) and values from
environment variables named:
.nf
  \fBNTP_KEYGEN_<option-name>\fP or \fBNTP_KEYGEN\fP
.fi
.ad
The environmental presets take precedence (are processed later than)
the configuration files.
The \fIhomerc\fP files are "\fI$HOME\fP", and "\fI.\fP".
If any of these are directories, then the file \fI.ntprc\fP
is searched for within those directories.
.SH AUTHOR
David L. Mills and/or others
.br
Please send bug reports to:  http://bugs.ntp.org, bugs@ntp.org

.PP
.nf
.na
see html/copyright.html
.fi
.ad
.PP
This manual page was \fIAutoGen\fP-erated from the \fBntp-keygen\fP
option definitions.