From: keith tokash (ktokash@hotmail.com)
Date: Sat May 17 2008 - 17:43:57 ART
Hi all, quick question. I keep seeing the "ntp trusted-key 1" command as a
requirement on the client for NTP authentication to work. However I didn't
apply it and my authentication is working just fine.
SERVER
R6(config)#do sh run | i ntp
ntp authentication-key 666 md5 1531223F2705 7
ntp master 5
CLIENT
R3(config)#do sh run | i ntp
ntp authentication-key 666 md5 0802657D2A36 7
ntp server 6.6.6.6 key 666
R3#sh ntp st
Clock is synchronized, stratum 6, reference is 6.6.6.6
R3#sh ntp a d
6.6.6.6 configured, authenticated, our_master, sane, valid, stratum 5
As you can see, R3 is showing R6 as an *authenticated* time source. What am I
missing here? Did the IOS behavior change or is there some nuance that I'm
glossing over? I searched the archives, checked two vendors' answers, checked
the DocCD, and found the config in Doyle. They all list that command as
required, but ... I'm confused.
With a few exceptions, secrecy is deeply incompatible with democracy and with
science.
--Carl Sagan
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2008 - 06:59:17 ART