System Management
356
Basic System Configuration Guide
3HE 11010 AAAC TQZZA Edition: 01
Parameters key-id — configures the authentication key-id that will be used by the node when
transmitting or receiving Network Time Protocol packets
Entering the authentication-key command with a key-id value that matches an
existing configuration key will result in overriding the existing entry.
Recipients of the NTP packets must have the same authentication key-id, type, and
key value in order to use the data transmitted by this node. This is an optional
parameter.
Values 1 to 255
Default n/a
key — the authentication key associated with the configured key-id. The value configured
in this parameter is the actual value used by other network elements to authenticate
the NTP packet.
The key can be any combination of ASCII characters up to 8 characters in length
(unencrypted). If spaces are used in the string, enclose the entire string in quotation
marks (“.”).
hash — specifies that the key is entered in an encrypted form. If the hash or hash2
parameter is not used, the key is assumed to be in a non-encrypted, clear text form.
For security, all keys are stored in encrypted form in the configuration file with the
hash or hash2 parameter specified.
hash2 — specifies that the key is entered in a more complex encrypted form that
involves more variables then the key value alone. This means that hash2 encrypted
variable cannot be copied and pasted. If the hash or hash2 parameter is not used,
the key is assumed to be in a non-encrypted, clear text form. For security, all keys
are stored in encrypted form in the configuration file with the hash or hash2
parameter specified.
type — determines if DES or message-digest authentication is used
This is a required parameter; either DES or message-digest must be configured.
Values des — specifies that DES authentication is used for this key
message-digest — specifies that MD5 authentication in
accordance with RFC 2104 is used for this key
broadcastclient
Syntax [no] broadcastclient [router router-name] {interface ip-int-name} [authenticate]
Context config>system>time>ntp
Description When configuring NTP, the node can be configured to receive broadcast packets on a given
subnet. Broadcast and multicast messages can easily be spoofed; thus, authentication is
strongly recommended. If broadcast is not configured, then received NTP broadcast traffic
will be ignored. Use the show command to view the state of the configuration.
The no form of this command removes the address from the configuration.
To Next Page
Loading...
