Configuring Area Authentication

Procedure

1. Run system-view

   The system view is displayed.

2. Run ospf [ process-id ]

   The OSPF process view is displayed.

3. Run area area-id

   The OSPF area view is displayed.

4. Run any of the following commands to configure the authentication mode for the OSPF area as required:

   • Run authentication-mode simple [ plain plain-text | [ cipher ] cipher-text ]

     Simple authentication is configured for the OSPF area.

     • plain indicates the plain-text password.
     • cipher indicates the cipher-text password. For MD5, HMAC-MD5 or HMAC-SHA256 authentication, ciphertext passwords are used by default.

     When configuring an authentication password, select the ciphertext mode because the password is saved in configuration files in simpletext if you select simpletext mode, which has a high risk. To ensure device security, change the password periodically.

   • Run authentication-mode { md5 | hmac-md5 | hmac-sha256 } [ key-id { plain plain-text | [ cipher ] cipher-text } ]

     Cipher-text authentication is configured for the OSPF area.

     • md5 indicates the MD5 cipher-text authentication mode.
     • hmac-md5 indicates the HMAC-MD5 cipher-text authentication mode.
     • hmac-sha256 indicates the HMAC-SHA256 cipher-text authentication mode.
     

     For the sake of security, using the HMAC-SHA256 algorithm rather than the MD5 and HMAC-MD5 algorithm is recommended.

   • Run authentication-mode keychain Keychain-Name

     The Keychain authentication is configured for the OSPF area.

     

     Before using the Keychain authentication, you must run the keychain command to create a keychain. Then, run the key-id, key-string, and algorithm commands to configure a key ID, a password, and an authentication algorithm for this keychain. Otherwise, the OSPF authentication will fail.

5. Run commit

   The configuration is committed.