authentication-mode (OSPFv3 view)

Function

The authentication-mode command configures an authentication mode and a password for an OSPFv3 process.

The undo authentication-mode command deletes the authentication mode and password configured for an OSPFv3 process.

By default, authentication is not configured for an OSPFv3 process. Configuring authentication is recommended to ensure system security.

Format

authentication-mode { hmac-sha256 | hmac-sm3 } key-id KeyId { plain PlainText | [ cipher ] CipherText }

undo authentication-mode { hmac-sha256 | hmac-sm3 } key-id KeyId

Parameters

Parameter Description Value
hmac-sha256

Configures HMAC-SHA256 authentication.

-
hmac-sm3

Sets the HMAC-SM3 authentication mode.

-
key-id KeyId

Specifies a key ID for authentication, which must be the same as the one configured at the other end.

The value is an integer ranging from 1 to 65535.
plain PlainText

Specifies simple authentication. You can only type in simple passwords, and the passwords are displayed in simple mode in the configuration file.

  • The new password is at least eight characters long and contains at least two of the following types: upper-case letters, lower-case letters, digits, and special characters.
  • For security purposes, you are advised to configure a password in ciphertext mode. To further improve device security, periodically change the password.

The value is a string of 1 to 255 characters.

A password cannot contain a question mark (?), but can contain spaces if surrounded by double quotation marks (""). In this case, the double quotation marks are part of the password.
cipher CipherText

Specifies the cipher authentication. You can type in simpletext or ciphertext passwords, and the passwords are displayed in ciphertext in the configuration file.

The value can be a string of 1 to 255 characters for a simpletext and 20 to 432 characters for a ciphertext.

A password cannot contain a question mark (?), but can contain spaces if surrounded by double quotation marks (""). In this case, the double quotation marks are part of the password.

Views

OSPFv3 view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
ospf write

Usage Guidelines

Usage Scenario

Due to inherent defects and flawed implementation of the TCP/IP protocol suite, there are an increasing number of attacks, which poses greater threats on TCP/IP networks than ever before. The attacks on network devices may lead to network failures. To configure an authentication mode and a password for an OSPFv3 process or area to improve OSPFv3 network security, run the authentication-mode command.

Precautions

To configure OSPFv3 interface authentication, run the ospfv3 authentication-mode command.

Example

# Configure HMAC-SHA256 authentication for OSPFv3 process 100.
<HUAWEI> system-view
[~HUAWEI] ospfv3 100
[*HUAWEI-ospfv3-100] authentication-mode hmac-sha256 key-id 10 cipher Huawei-13579
Parent Topic: OSPFv3 Configuration Command
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >