17
Configuring NTP authentication in client/server mode
To ensure a successful NTP authentication, configure the same authentication key ID, algorithm, and
key on the server and client. Make sure the peer device is allowed to use the key ID for
authentication on the local device.
To configure NTP authentication for a client:
1. Enter system view.
system-view
N/A
2.
authentication.
ntp-service authentication enable
By default, NTP authentication is
disabled.
3.
authentication key.
• Release 1111:
ntp-service
authentication-keyid keyid
authentication-mode md5
{ cipher | simple } value
• Release 1121 and later:
ntp-service
authentication-keyid keyid
authentication-mode
{ hmac-sha-1 | hmac-sha-256 |
hmac-sha-384 | hmac-sha-512 |
md5 } { cipher | simple } string
[ acl ipv4-acl-number | ipv6 acl
ipv6-acl-number ] *
By default, no NTP authentication
key is configured.
4. Configure the key as a
trusted key.
ntp-
authentication-keyid
keyid
By default, no authentication key
is configured as a trusted key.
5. Associate the specified
key with an NTP server.
• Associate the specified key with
an NTP server:
ntp-service unicast-server
{ server-name | ip-address }
[ vpn-instance
vpn-instance-name ]
authentication-keyid keyid
• Associate the specified key with
an IPv6 NTP server:
ntp-service ipv6 unicast-server
{ server-name | ipv6-address }
[ vpn-instance
vpn-instance-name ]
keyid
N/A
To configure NTP authentication for a server:
1. Enter system view.
N/A
2. Enable NTP
authentication.
ntp-service
authentication
enable
By default
authentication is disabled.
3.
authentication key.
• Release 1111:
ntp-service authentication-keyid
keyid authentication-mode md5
{ cipher | simple } value
• Release 1121 and later:
ntp-service authentication-keyid
keyid authentication-mode
{ hmac-sha-1 | hmac-sha-256 |
By default, n
authentication key is
configured.
To Next Page
Loading...
Need help?
General