[ntp:questions] ntp-keygen -M generates keys of 20 characters, yet docs for ntp-keygen state up 16 characters

Dave Hart davehart at gmail.com
Tue Sep 27 01:30:26 UTC 2011

On Mon, Sep 26, 2011 at 23:58,  <jnixon at brocade.com> wrote:
> The documentation states that MD5 keys will be less than or equal to 16
> characters in length, and consist of printable ASCII characters and
> be terminated by whitespace or #. Yet the output of 'ntp-keygen -M',
> and the examples shown in the documentation are all 20 characters in
> length. Can anyone explain the difference, and what is the correct
> length for the md5 keys?

I hope Dr. Mills will respond directly, but I can tell you what the
code actually does in 4.2.6/4.2.7.  For quite some time, MD5 was the
only digest algorithm implemented by ntpd, ntpdc, and ntpq for
symmetric authentication.  MD5 digests (hashes) are 16 bytes in
length.  Late in the 4.2.5 (ntp-dev) period, the reference
implementation added support for using any digest algorithm your
OpenSSL library provides, when built to use OpenSSL (as is default).
Without OpenSSL, ntpd still provides MD5-only symmetric
authentication.  Most of these newly-available-to-ntpd digest
algorithms, such as SHA1, generate 20 byte digests.

The digest size is not the same as the key length, but the two are
related.  If there are 20 bytes of digest signing my
SHA1-authenticated NTP traffic, I want at least 20 bytes of key
material to make cracking my key as difficult as possible.  The same
goes for MD5, you should want at least 16 bytes of key material,
though more is better.

At the time ntpd and friends began supporting 20-byte digests,
ntp-keygen was changed to generate 20-byte keys, rather than 16.

ntp.keys and ntp-keygen reflect two ways of encoding key material,
directly as ASCII and encoded as hex.  The hex encoding can represent
all 8 bits per byte, while the printable/keyable ASCII form
necessarily carries less than 8 bits of information.  Note that
ntp.keys is used by ntpd, but not by ntpq nor ntpdc, which require
symmetric authentication of some operations.  When configuring
symmetric authentication between ntpd instances, use the more secure
hex output of ntp-keygen.  When configuring keys for use by ntpq or
ntpdc, the printable ASCII form should be used, as the same key (in
this context, password) must be typed or pasted to ntpq/ntpdc or
provided on their command line.

When ntpd reads ntp.keys, the length of the provided key material
determines its treatment.  If it is 20 characters or less, it is
treated as ASCII and used directly as the binary key material.  If it
is 21 characters or more, up to 40 characters are decoded from hex
resulting in up to 20 bytes of binary key material.  No matter the
encoding, no more than 20 bytes of key material are used.

Dave Hart
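The length rule Dave describes (20 characters or fewer taken literally as ASCII, longer fields decoded from hex with at most 40 characters used, never more than 20 bytes of key material) is easy to get subtly wrong when writing or auditing an ntp.keys file. The following Python is an added example written for this page, not ntpd's or ntp-keygen's source: it parses a constructed ntp.keys fragment with that rule, generates keys in both the printable-ASCII and hex encodings, and builds and checks a symmetric MAC laid out as a 4-byte key ID followed by digest(key || packet), the construction RFC 5905 specifies. The sample file, function names, the error handling for odd-length or non-hex fields, and the choice of printable alphabet are this example's own assumptions.

```python
# Added example for this page, not code from ntpd or ntp-keygen. It applies
# the key-length rule from the post, generates keys in both encodings, and
# builds/verifies a MAC of the form key-id(4 bytes) || digest(key || packet)
# as in RFC 5905. Sample data and helper names are this example's own.
import hashlib
import secrets
import string

ASCII_LIMIT = 20      # <= 20 chars: taken literally as ASCII key material
HEX_LIMIT = 40        # > 20 chars: hex, at most 40 chars = 20 bytes used
MAX_KEY_BYTES = 20

# Characters usable in the typeable form: no whitespace and no '#', since
# both terminate the key field when the file is read.
KEY_ALPHABET = "".join(c for c in string.printable
                       if c not in string.whitespace and c != "#")

# Constructed sample ntp.keys fragment (made up for this example).
SAMPLE_NTP_KEYS = """\
# keyno type key-material                        comments are ignored
1  MD5  abcdefghij0123456789          # 20 printable chars, used as-is
2  MD5  short                         # 5 chars, also used as-is (weak!)
3  SHA1 0123456789abcdef0123456789abcdef01234567  # 40 hex chars = 20 bytes
"""


def decode_key_material(field: str) -> bytes:
    """<= 20 chars is used as ASCII; longer is hex, first 40 chars only."""
    if len(field) <= ASCII_LIMIT:
        return field.encode("ascii")
    # Assumption: a longer field must be valid even-length hex; fromhex
    # raises ValueError otherwise. Only 40 chars (20 bytes) are consumed.
    return bytes.fromhex(field[:HEX_LIMIT])


def parse_ntp_keys(text: str) -> dict:
    """Return {keyid: (digest_name, key_bytes)} for each non-comment line."""
    keys = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # '#' starts a comment
        if not line:
            continue
        parts = line.split()                  # key ends at whitespace
        if len(parts) < 3:
            raise ValueError(f"malformed line: {raw!r}")
        keyid, ktype, material = int(parts[0]), parts[1].lower(), parts[2]
        if not 1 <= keyid <= 65535:
            raise ValueError(f"key id {keyid} out of range")
        key = decode_key_material(material)
        if not key or len(key) > MAX_KEY_BYTES:
            raise ValueError(f"key {keyid}: bad key length {len(key)}")
        hashlib.new(ktype)                    # reject unknown digests early
        keys[keyid] = (ktype, key)
    return keys


def generate_ascii_key(nchars: int = 20) -> str:
    """Typeable form for ntpq/ntpdc: printable chars, fewer than 8 bits each."""
    return "".join(secrets.choice(KEY_ALPHABET) for _ in range(nchars))


def generate_hex_key(nbytes: int = 20) -> str:
    """Hex form for ntpd-to-ntpd use: full 8 bits per byte, 40 hex chars."""
    return secrets.token_hex(nbytes)


def compute_mac(keys: dict, keyid: int, packet: bytes) -> bytes:
    """MAC = 4-byte key ID || digest(key || packet)."""
    name, key = keys[keyid]
    h = hashlib.new(name)
    h.update(key)
    h.update(packet)
    return keyid.to_bytes(4, "big") + h.digest()


def verify_mac(keys: dict, packet: bytes, mac: bytes) -> bool:
    """Recompute and compare in constant time; unknown key IDs fail closed."""
    keyid = int.from_bytes(mac[:4], "big")
    if keyid not in keys:
        return False
    return secrets.compare_digest(compute_mac(keys, keyid, packet), mac)


if __name__ == "__main__":
    table = parse_ntp_keys(SAMPLE_NTP_KEYS)
    for kid, (name, key) in table.items():
        print(kid, name, len(key), "bytes")
    print("new ascii key:", generate_ascii_key())
    print("new hex key:  ", generate_hex_key())
```

Note that key 2 parses without complaint: a 5-character ASCII key is accepted just as a 20-character one is, which is exactly why you want to audit key lengths rather than trust that the file loaded. Key 3 shows the hex path yielding the full 20 bytes that a 20-byte SHA1 digest calls for.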
