diff -up ntp-4.2.6p5/html/keygen.html.pwcipher ntp-4.2.6p5/html/keygen.html
--- ntp-4.2.6p5/html/keygen.html.pwcipher	2012-11-23 13:57:26.178868018 +0100
+++ ntp-4.2.6p5/html/keygen.html	2012-11-23 14:44:50.952850361 +0100
@@ -44,8 +44,8 @@
 <h4 id="synop">Synopsis</h4>
 
 <p id="intro"><tt>ntp-keygen [ -deGHIMPT ] [ -b <i>modulus</i> ] [ -c [RSA-MD2 | RSA-MD5 | RSA-SHA
-		| RSA-SHA1 | RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 ] ] [
-		-i <i>group</i> ]
+		| RSA-SHA1 | RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 ] ]
+		[ -C <i>cipher</i> ] [ -i <i>group</i> ]
 		[ -m <i>modulus</i> ]  [ -p <i>passwd2</i> ] [ -q <i>passwd1</i> ] [ -S
 		[ RSA | DSA ] ] [ -s <i>host</i> ] [ -V <i>nkeys</i> ]</tt></p>
 
@@ -148,6 +148,9 @@
 	compatibility with FIPS 140-2 is required, either the <tt>DSA-SHA</tt> or <tt>DSA-SHA1</tt> scheme
 	must be used.</dd>
 
+<dt><tt>-C <i>cipher</i></tt>
+<dd>Select the cipher which is used to encrypt the files containing private keys.  The default is three-key triple DES in CBC mode, equivalent to "-C des-ede3-cbc".  The openssl tool lists ciphers available in "openssl -h" output.</dd>
+
 <dt><tt>-d</tt></dt>
 <dd>Enable debugging. This option displays the cryptographic data produced for eye-friendly billboards.</dd>
 
@@ -215,7 +218,7 @@
 
 <p>All files begin with two nonencrypted lines. The first line contains the file name in the format <tt>ntpkey_<i>key</i>_<i>host</i>.<i>fstamp</i></tt>. The second line contains the datestamp in conventional Unix <tt>date</tt> format. Lines beginning with <tt>#</tt> are ignored.</p>
 
-<p>The remainder of the file contains cryptographic data encoded first using ASN.1 rules, then encrypted using the DES-CBC algorithm and given password and finally written in PEM-encoded printable ASCII text preceded and followed by MIME content identifier lines.</p>
+<p>The remainder of the file contains cryptographic data encoded first using ASN.1 rules, then encrypted using the cipher selected with <tt>-C</tt> and given password and finally written in PEM-encoded printable ASCII text preceded and followed by MIME content identifier lines.</p>
 
 <p id="symkey">The format of the symmetric keys file is somewhat different than the other files in the interest of backward compatibility. Since DES-CBC is deprecated in NTPv4, the only key format of interest is MD5 alphanumeric strings. Following the header the keys are entered one per line in the format</p>
 
@@ -237,4 +240,4 @@
 
 </body>
 
-</html>
\ No newline at end of file
+</html>
diff -up ntp-4.2.6p5/util/ntp-keygen-opts.def.pwcipher ntp-4.2.6p5/util/ntp-keygen-opts.def
--- ntp-4.2.6p5/util/ntp-keygen-opts.def.pwcipher	2009-12-09 08:36:35.000000000 +0100
+++ ntp-4.2.6p5/util/ntp-keygen-opts.def	2012-11-23 13:57:26.211868051 +0100
@@ -34,6 +34,21 @@ flag = {
 	_EndOfDoc_;
 };
 
+flag = {
+    value     = C;
+    name      = cipher;
+    arg-type  = string;
+    arg-name  = cipher;
+    ifdef     = OPENSSL;
+    descrip   = "privatekey cipher";
+    doc = <<-  _EndOfDoc_
+	Select the cipher which is used to encrypt the files containing
+	private keys.  The default is three-key triple DES in CBC mode,
+	equivalent to "-C des-ede3-cbc".  The openssl tool lists ciphers
+	available in "openssl -h" output.
+	_EndOfDoc_;
+};
+
 #include       debug-opt.def
 
 flag = {
@@ -134,7 +149,7 @@ flag = {
     descrip   = "output private password";
     doc = <<-  _EndOfDoc_
 	Encrypt generated files containing private data with the specified
-	password and the DES-CBC algorithm.
+	password and the cipher selected with -C/--cipher.
 	_EndOfDoc_;
 };
 
diff -up ntp-4.2.6p5/util/ntp-keygen.c.pwcipher ntp-4.2.6p5/util/ntp-keygen.c
--- ntp-4.2.6p5/util/ntp-keygen.c.pwcipher	2012-11-23 13:57:26.202868041 +0100
+++ ntp-4.2.6p5/util/ntp-keygen.c	2012-11-23 13:57:26.212868052 +0100
@@ -169,6 +169,7 @@ char	*passwd1 = NULL;	/* input private k
 char	*passwd2 = NULL;	/* output private key password */
 #ifdef OPENSSL
 long	d0, d1, d2, d3;		/* callback counters */
+const EVP_CIPHER * cipher = NULL;
 #endif /* OPENSSL */
 
 #ifdef SYS_WINNT
@@ -236,6 +237,7 @@ main(
 	const EVP_MD *ectx;	/* EVP digest */
 	char	pathbuf[MAXFILENAME + 1];
 	const char *scheme = NULL; /* digest/signature scheme */
+	const char *ciphername = NULL; /* to encrypt priv. key */
 	char	*exten = NULL;	/* private extension */
 	char	*grpkey = NULL;	/* identity extension */
 	int	nid;		/* X509 digest/signature scheme */
@@ -322,6 +324,9 @@ main(
 	if (HAVE_OPT( CERTIFICATE ))
 		scheme = OPT_ARG( CERTIFICATE );
 
+	if (HAVE_OPT( CIPHER ))
+		ciphername = OPT_ARG( CIPHER );
+
 	if (HAVE_OPT( SUBJECT_NAME ))
 		hostname = strdup(OPT_ARG( SUBJECT_NAME ));
 
@@ -418,6 +423,13 @@ main(
 	}
 	if (scheme == NULL)
 		scheme = "RSA-MD5";
+	if (ciphername == NULL)
+		ciphername = "des-ede3-cbc";
+	cipher = EVP_get_cipherbyname(ciphername);
+	if (cipher == NULL) {
+		fprintf(stderr, "Unknown cipher %s\n", ciphername);
+		exit(-1);
+	}
 	if (groupname == NULL)
 		groupname = hostname;
 	fprintf(stderr, "Using host %s group %s\n", hostname,
@@ -520,9 +532,9 @@ main(
 		BN_copy(rsa->q, BN_value_one());
 		pkey = EVP_PKEY_new();
 		EVP_PKEY_assign_RSA(pkey, rsa);
-		PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL,
-		    NULL);
-		fclose(stdout);
+		PEM_write_PKCS8PrivateKey(stdout, pkey, NULL, NULL, 0,
+		    NULL, NULL);
+		fflush(stdout);
 		if (debug)
 			RSA_print_fp(stderr, rsa, 0);
 	}
@@ -542,9 +554,9 @@ main(
 		rsa = pkey_gqkey->pkey.rsa;
 		pkey = EVP_PKEY_new();
 		EVP_PKEY_assign_RSA(pkey, rsa);
-		PEM_write_PrivateKey(stdout, pkey,
-		    EVP_des_cbc(), NULL, 0, NULL, passwd2);
-		fclose(stdout);
+		PEM_write_PKCS8PrivateKey(stdout, pkey, cipher, NULL, 0,
+		    NULL, passwd2);
+		fflush(stdout);
 		if (debug)
 			RSA_print_fp(stderr, rsa, 0);
 	}
@@ -584,9 +596,9 @@ main(
 		BN_copy(dsa->priv_key, BN_value_one());
 		pkey = EVP_PKEY_new();
 		EVP_PKEY_assign_DSA(pkey, dsa);
-		PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL,
-		    NULL);
-		fclose(stdout);
+		PEM_write_PKCS8PrivateKey(stdout, pkey, NULL, NULL, 0,
+		    NULL, NULL);
+		fflush(stdout);
 		if (debug)
 			DSA_print_fp(stderr, dsa, 0);
 	}
@@ -607,9 +619,9 @@ main(
 		dsa = pkey_iffkey->pkey.dsa;
 		pkey = EVP_PKEY_new();
 		EVP_PKEY_assign_DSA(pkey, dsa);
-		PEM_write_PrivateKey(stdout, pkey, EVP_des_cbc(), NULL,
-		    0, NULL, passwd2);
-		fclose(stdout);
+		PEM_write_PKCS8PrivateKey(stdout, pkey, cipher, NULL, 0,
+		    NULL, passwd2);
+		fflush(stdout);
 		if (debug)
 			DSA_print_fp(stderr, dsa, 0);
 	}
@@ -645,9 +657,9 @@ main(
 		fprintf(stdout, "# %s\n# %s\n", filename,
 		    ctime(&epoch));
 		pkey = pkey_mvpar[2];
-		PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL,
-		    NULL);
-		fclose(stdout);
+		PEM_write_PKCS8PrivateKey(stdout, pkey, NULL, NULL, 0,
+		    NULL, NULL);
+		fflush(stdout);
 		if (debug)
 			DSA_print_fp(stderr, pkey->pkey.dsa, 0);
 	}
@@ -664,9 +676,9 @@ main(
 		fprintf(stdout, "# %s\n# %s\n", filename,
 		    ctime(&epoch));
 		pkey = pkey_mvpar[1];
-		PEM_write_PrivateKey(stdout, pkey, EVP_des_cbc(), NULL,
-		    0, NULL, passwd2);
-		fclose(stdout);
+		PEM_write_PKCS8PrivateKey(stdout, pkey, cipher, NULL, 0,
+		    NULL, passwd2);
+		fflush(stdout);
 		if (debug)
 			DSA_print_fp(stderr, pkey->pkey.dsa, 0);
 	}
@@ -886,7 +898,7 @@ gen_rsa(
 		str = fheader("RSAhost", id, hostname);
 	pkey = EVP_PKEY_new();
 	EVP_PKEY_assign_RSA(pkey, rsa);
-	PEM_write_PrivateKey(str, pkey, EVP_des_cbc(), NULL, 0, NULL,
+	PEM_write_PKCS8PrivateKey(str, pkey, cipher, NULL, 0, NULL,
 	    passwd1);
 	fclose(str);
 	if (debug)
@@ -941,7 +953,7 @@ gen_dsa(
 	str = fheader("DSAsign", id, hostname);
 	pkey = EVP_PKEY_new();
 	EVP_PKEY_assign_DSA(pkey, dsa);
-	PEM_write_PrivateKey(str, pkey, EVP_des_cbc(), NULL, 0, NULL,
+	PEM_write_PKCS8PrivateKey(str, pkey, cipher, NULL, 0, NULL,
 	    passwd1);
 	fclose(str);
 	if (debug)
@@ -1108,7 +1120,7 @@ gen_iffkey(
 	str = fheader("IFFkey", id, groupname);
 	pkey = EVP_PKEY_new();
 	EVP_PKEY_assign_DSA(pkey, dsa);
-	PEM_write_PrivateKey(str, pkey, EVP_des_cbc(), NULL, 0, NULL,
+	PEM_write_PKCS8PrivateKey(str, pkey, cipher, NULL, 0, NULL,
 	    passwd1);
 	fclose(str);
 	if (debug)
@@ -1305,7 +1317,7 @@ gen_gqkey(
 	str = fheader("GQkey", id, groupname);
 	pkey = EVP_PKEY_new();
 	EVP_PKEY_assign_RSA(pkey, rsa);
-	PEM_write_PrivateKey(str, pkey, EVP_des_cbc(), NULL, 0, NULL,
+	PEM_write_PKCS8PrivateKey(str, pkey, cipher, NULL, 0, NULL,
 	    passwd1);
 	fclose(str);
 	if (debug)
@@ -1710,7 +1722,7 @@ gen_mvkey(
 	BN_copy(dsa->pub_key, b);
 	pkey = EVP_PKEY_new();
 	EVP_PKEY_assign_DSA(pkey, dsa);
-	PEM_write_PrivateKey(str, pkey, EVP_des_cbc(), NULL, 0, NULL,
+	PEM_write_PKCS8PrivateKey(str, pkey, cipher, NULL, 0, NULL,
 	    passwd1);
 	evpars[i++] = pkey;
 	if (debug)
@@ -1736,7 +1748,7 @@ gen_mvkey(
 	dsa2->pub_key = BN_dup(ghat);
 	pkey1 = EVP_PKEY_new();
 	EVP_PKEY_assign_DSA(pkey1, dsa2);
-	PEM_write_PrivateKey(str, pkey1, EVP_des_cbc(), NULL, 0, NULL,
+	PEM_write_PKCS8PrivateKey(str, pkey1, cipher, NULL, 0, NULL,
 	    passwd1);
 	evpars[i++] = pkey1;
 	if (debug)
@@ -1762,7 +1774,7 @@ gen_mvkey(
 		sdsa->pub_key = BN_dup(xhat[j]);
 		pkey1 = EVP_PKEY_new();
 		EVP_PKEY_set1_DSA(pkey1, sdsa);
-		PEM_write_PrivateKey(str, pkey1, EVP_des_cbc(), NULL, 0,
+		PEM_write_PKCS8PrivateKey(str, pkey1, cipher, NULL, 0,
 		    NULL, passwd1);
 		evpars[i++] = pkey1;
 		if (debug)