Configuration files and the include-credentials
command
You can use the include-credentials
command to store security information in the running-config file.
This allows you to upload the file to a TFTP server and then later
download the file to the switches on which you want to use the same
settings.
The authentication key values are shown in the
output of the show running-config
and show config
commands only if the include-credentials
command was executed.
When SNTP authentication is configured and include-credentials
has not been executed, the SNTP authentication
configuration is not saved.
The following example shows an enabled SNTP authentication with a key-id of 55.
Configuration file with SNTP authentication information
switch(config) # show config Startup configuration: timesync sntp sntp broadcast sntp 50 sntp authentication sntp server priority 1 10.10.10.2.3 key-id 55 sntp server priority 2 fe80::200:24ff:fec8:4ca8 4 key-id 55
In this example, the include-credentials
command has not been executed and is not present in the configuration
file. The configuration file is subsequently saved to a TFTP server
for later use. The SNTP authentication information is not saved and
is not present in the retrieved configuration files, as shown in the
following example.
Retrieved configuration file when include credentials is not configured
switch(config) # copy tftp startup-config 10.2.3.44 config1 Switch reboots ... Startup configuration timesync sntp sntp broadcast sntp 50 sntp server priority 1 10.10.10.2.3 sntp server priority 2 fe80::200:24ff:fec8:4ca8 4
The SNTP authentication line and the Key-ids are not displayed. Reconfigure SNTP authentication.
If include-credentials
is
configured, the SNTP authentication configuration is saved in the
configuration file. When the show config
command
is entered, all of the information that has been configured for SNTP
authentication displays, including the key-values.