Re: NTP Trusted Key

From: Gregory Gombas (ggombas@gmail.com)
Date: Wed Nov 14 2007 - 13:37:08 ART

• Next message: George Goglidze: "Re: ipexpert lab 30"
• Previous message: Jeffrey Biggs: "RE: NTP Trusted Key"
• Maybe in reply to: Gregory Gombas: "NTP Trusted Key"
• Next in thread: dara tomar: "Re: NTP Trusted Key"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thanks, I think I have a better understanding now...I guess if you
have keys lying around that are inactive you can remove them from
trusted status. But I'm wondering why there is no analogy to other
authentication methods:

ip rip authentication mode md5
ip rip authenticaion key-chain 1
ip rip trusted-key 1 <-no such thing

or
router bgp 200
neighbor 1.1.1.1 password CISCO
bgp trusted password CISCO <-no such thing

See my point?

On Nov 14, 2007 11:28 AM, Gary Duncanson <gary.duncanson@googlemail.com> wrote:
> 1.. Enable NTP authentication with the ntp authenticate command.
>
> 2.. Define an NTP authentication key with the ntp authentication-key
> command. A unique number identifies each NTP key. This number is the first
> argument to the ntp authentication-key command.
>
> 3.. Use the ntp trusted-key command to tell the router which keys are
> valid for authentication. The ntp trusted-key command's only argument is the
> number of the key defined in the previous step
> If your external NTP servers require authentication, you need to configure
> your router to use authentication when contacting those servers. To do this,
> perform the same steps listed previously to add an NTP authentication key;
> then use the ntp server command with the key argument to tell the router
> what key to use when authenticating with the NTP server:
>
>
>
> HTH
>
> Gary
>
>
>
> ----- Original Message -----
> From: "Gregory Gombas" <ggombas@gmail.com>
> To: "Cisco certification" <ccielab@groupstudy.com>
> Sent: Wednesday, November 14, 2007 3:33 PM
> Subject: NTP Trusted Key
>
>
> > Can someone please explain what the trusted key is for? It seems like
> > a redundant command:
> >
> > Server:
> > R1(config)#ntp master 1
> > R1(config)#ntp authentication-key 1 md5 CISCO
> >
> > Client:
> > R2(config)#ntp authenticate <-- enables authentication of the server
> > R2(config)#ntp authentication-key 1 md5 CISCO <-- Defines a key
> > R2(config)#ntp trusted-key 1 <-- What the hell does this do?
> > R2(config)#ntp server 12.0.0.1 key 1 <-- Binds the key to the server
> >
> > Thanks,
> > Greg
> >
>
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html

• Next message: George Goglidze: "Re: ipexpert lab 30"
• Previous message: Jeffrey Biggs: "RE: NTP Trusted Key"
• Maybe in reply to: Gregory Gombas: "NTP Trusted Key"
• Next in thread: dara tomar: "Re: NTP Trusted Key"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:29 ART