Managing NTP Authentication
To prevent false time information from unauthorized servers, enable NTP
authentication to allow an authenticated server and client to exchange time information. The
currently supported authentication method is the RSA Data Security, Inc. MD5 Message-Digest
Algorithm. First, enable NTP authentication globally on the switch. Then create an NTP
authentication key configured as trusted, to check the encryption key against the key on the
receiving device before an NTP packet is sent. After configuration is complete, an NTP
server, peer, and broadcast server can use NTP authenticated service.
-
To enable or disable NTP authentication globally on the
switch, use the following command:
enable ntp authentication
disable ntp authentication
-
To create or delete an RSA Data Security, Inc. MD5
Message-Digest Algorithm key for NTP authentication, use the following command:
create ntp key keyid md5 key_string
delete ntp key [keyid | all]
-
To configure an RSA Data Security, Inc. MD5 Message-Digest
Algorithm key as trusted or not trusted, use the following command:
configure ntp key keyid [trusted | not-trusted]
-
To display RSA Data Security, Inc. MD5 Message-Digest
Algorithm authentication, use the following command:
show ntp key