< Home

Configuring NTP Authentication

Context

In networks demanding higher security, the authentication function can be enabled when using the NTP protocol. Password authentication of both clients and servers ensures that a client only synchronizes with an authenticated device, improving the network security.

NTP authentication follows these rules:

  • NTP authentication must be enabled first; otherwise, authentication cannot be implemented.

  • NTP authentication needs to be configured on both the client and the server. Otherwise, NTP authentication does not take effect.

  • When NTP authentication is enabled, a trusted key is configured on the client.

  • Keys configured on the server and the client must be identical.

  • Devices attempting to synchronize their clocks must declare their keys as reliable or NTP authentication will fail.

In NTP symmetric peer mode, the symmetric active peer functions as a client and the symmetric passive peer functions as a server.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ntp-service authentication enable

    The NTP authentication function is enabled.

  3. Run ntp-service authentication-keyid key-id authentication-mode { md5 | hmac-sha256 } [ cipher ] password

    The NTP authentication key is configured.

  4. Run ntp-service reliable authentication-keyid key-id

    The reliable key is specified.

Follow-up Procedure

After NTP authentication configuration is complete, apply the NTP authentication key in Configuring NTP Operating Modes by specifying the authentication-keyid parameter.

Parent Topic: Configuring NTP Access Control
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >