Configuring NTP authentication in client/server mode
Follow these instructions to configure NTP authentication in client/server mode:
A client can synchronize to the server only when you configure all the required tasks on both the client and server.
On the client, if NTP authentication is not enabled or no key is specified to associate with the NTP server, the client is not authenticated. No matter whether NTP authentication is enabled or not on the server, the clock synchronization between the server and client can be performed.
On the client, if NTP authentication is enabled and a key is specified to associate with the NTP server, but the key is not a trusted key, the client does not synchronize to the server no matter whether NTP authentication is enabled or not on the server.
Configuring NTP authentication for client
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Enable NTP authentication. | ntp-service authentication enable | By default, NTP authentication is disabled. |
3. Configure an NTP authentication key. | ntp-service authentication-keyid keyid authentication-mode md5 [ cipher | simple ] value | By default, no NTP authentication key is configured. Configure the same authentication key on the client and server. |
4. Configure the key as a trusted key. | ntp-service reliable authentication-keyid keyid | By default, the authentication key is not configured as a trusted key. |
5. Associate the specified key with an NTP server. | ntp-service unicast-server { ip-address | server-name } authentication-keyid keyid | You can associate a non-existing key with an NTP server. To make NTP authentication effective, you must configure the key as an authentication key and specify it as a trusted key after associating the key with the NTP server. |
Configuring NTP authentication for a server
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Enable NTP authentication. | ntp-service authentication enable | By default, NTP authentication is disabled. |
3. Configure an NTP authentication key. | ntp-service authentication-keyid keyid authentication-mode md5 [ cipher | simple ] value | By default, no NTP authentication key is configured. Configure the same authentication key on the client and server. |
4. Configure the key as a trusted key. | ntp-service reliable authentication-keyid keyid | By default, the authentication key is not configured as a trusted key. |