ip ospf authentication-type (for a port)

Configure the OSPF authentication type for the port. If you choose simple, you must configure the password with the ip ospf authentiation-key WORD<0-8> command. If you choose MD5, you must configure the MD5 key with the ip ospf message-digest-key <1-255> md5 WORD<0-16> command.

Syntax

ip ospf authentication-type message-digest
ip ospf authentication-type none
ip ospf authentication-type sha-1
ip ospf authentication-type sha-2
ip ospf authentication-type simple
ip ospf port {slot/port[/sub-port][-slot/port[/sub-port]][,...]} authentication-type message-digest
ip ospf port {slot/port[/sub-port][-slot/port[/sub-port]][,...]} authentication-type none
ip ospf port {slot/port[/sub-port][-slot/port[/sub-port]][,...]} authentication-type sha-1
ip ospf port {slot/port[/sub-port][-slot/port[/sub-port]][,...]} authentication-type sha-2
ip ospf port {slot/port[/sub-port][-slot/port[/sub-port]][,...]} authentication-type simple
no ip ospf authentication-type

Command Parameters

message-digest: Configures the authentication-type to message-digest.; If you choose MD5, you must configure the MD5 key with the ip ospf message-digest-key <1-255> md5 WORD<0-16> command. Message Digest 5 (MD5) provides standards-based authentication using 128-bit encryption.; If you use MD5, each OSPF packet has a message digest appended to it. The digest must match between sending and receiving routers, or the packet is discarded.
none: Configures the authentication-type to none.
port {slot/port[/sub-port] [-slot/port[/sub-port]] [,...]}: Identifies the slot and port in one of the following formats: a single slot and port (slot/port), a range of slots and ports (slot/port-slot/port), or a series of slots and ports (slot/port,slot/port,slot/port). If the platform supports channelization and the port is channelized, you must also specify the sub-port in the format slot/port/sub-port.
sha-1: Configures the authentication-type to secure hash algorithm 1 (SHA-1). SHA-1 provides standards-based authentication using 128-bit encryption.
sha-2: sha-2—Specifies SHA-2, which offers the hash function SHA-256.
Note

The parameter sha-2, an update of SHA-1, can offer six hash functions that include SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224,SHA 512/256, with hash values that are 224, 256, 384, or 512 bits. However, the current release supports only SHA-256.
simple: Configures the authentication-type to use a simple-text password. Only routers that contain the same authentication ID in their LSA can communicate with each other. Using a simple-text password is not a best practice for security. If you choose simple, you must configure the password with the ip ospf authentiation-key WORD<0-8> command.

Default

None

Command Mode

GigabitEthernet Interface Configuration