Re: NTP authentication

From: Nick (seajay76@nate.com)
Date: Mon Jan 30 2006 - 03:09:42 GMT-3

• Next message: Jonathan Stevens: "Re: Passed on Thur 26th Jan"
• Previous message: Farrukh Haroon: "Re: Passed on Thur 26th Jan"
• Maybe in reply to: CCIEin2006: "NTP authentication"
• Next in thread: Nick: "Re: NTP authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi, there!

AFAIK, and AFAIT(tested)

1. What does ntp authenticate do? I'm guessing it enables authentication.
: Yes, it does.

2. What does ntp authentication-key do? I'm guessing it allows you to
specify a password.
: define(just define) keys.

3. What does ntp trusted key do? I have no clue what this does - isn't this
command redundant if you already have authentication-key?
: It designates which key the router will use to authenticate the "TIME INFORMATION" from the server.

4. When specifying an ntp server, what does specifying an ntp key do? If you
have the trusted key do you need to specify a key here?
For example:
ntp server 10.1.1.1 key 1 <--- Do you need to specify key here if you
already specified trusted key?
: This is used as the router authenticates the "NTP server" itself, not the "TIME INFO" from the server.

5. Are all of the above required for ntp authentication to work?

: Here is the working config.

Server : Servers don't authenticate clients.

    ntp master 3
    ntp authentication-key 1 md5 cisco

Client : Clients authenticate both the server and the time information from the server
    ntp authenticate
    ntp authentication-key 1 md5 cisco
    ntp trusted-key 1
    ntp server 1.1.1.1 key 1

6. What is the difference between ntp server and ntp peer?

: Quit not sure about this. Sorry..

HTH

P.S. I'll send you the test result personally.
     In fact, I already sent it via mailing list before.

Regards,
Nick

----- Original Message -----
From: "CCIEin2006" <ciscocciein2006@gmail.com>
To: "ccie lab" <ccielab@groupstudy.com>
Sent: Monday, January 30, 2006 11:17 AM
Subject: NTP authentication

> I'm asking too many questions, aren't I?
>
> I am trying to authenticate NTP to a router configured as NTP server. Could
> someone please answer the following questions?
>
> 1. What does ntp authenticate do? I'm guessing it enables authentication.
> 2. What does ntp authentication-key do? I'm guessing it allows you to
> specify a password.
> 3. What does ntp trusted key do? I have no clue what this does - isn't this
> command redundant if you already have authentication-key?
> 4. When specifying an ntp server, what does specifying an ntp key do? If you
> have the trusted key do you need to specify a key here?
> For example:
> ntp server 10.1.1.1 key 1 <--- Do you need to specify key here if you
> already specified trusted key?
> 5. Are all of the above required for ntp authentication to work?
> 6. What is the difference between ntp server and ntp peer?
>
> Thanks all.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Jonathan Stevens: "Re: Passed on Thur 26th Jan"
• Previous message: Farrukh Haroon: "Re: Passed on Thur 26th Jan"
• Maybe in reply to: CCIEin2006: "NTP authentication"
• Next in thread: Nick: "Re: NTP authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Feb 01 2006 - 07:45:50 GMT-3