Using Authentication - Alcatel-Lucent OmniSwitch AOS Release 7 Manual

Switch management guide

Configuring NTP

Using Authentication

Authentication is used to encrypt the NTP messages sent between the client and server. The NTP server and the NTP client must both have a text file containing the public and secret keys. (This file should be obtained from the server administrator. For more information on the authentication file, see "Authentication" on page 10-8.)

Once both the client and server share a common MD5 encryption key, the MD5 key identification for the NTP server must be specified and labeled as trusted on the client side.

The OmniSwitch will use MD5 authentication. Key files reside in /flash/network/ntp.keys.

In order to generate a key file, access to a Solaris/Unix environment is required. Also required is the ntp-keygen utility in Unix to generate the key file.

Setting the Key ID for the NTP Server

Enabling authentication requires the following steps:

1 Make sure the key file is located in the /networking directory of the switch. This file must contain the key for the server that provides the switch with its timestamp information.

2 Make sure the key file with the NTP server's MD5 key is loaded into the switch memory by issuing the ntp key load command, as shown:

-> ntp key load

3 Set the server authentication key identification number using the ntp server command with the key keyword. This key identification number must be the one the server uses for MD5 encryption. For example, to specify key identification number 2 for an NTP server with an IP address of 1.1.1.1, enter:

-> ntp server 1.1.1.1 key 2

4 Specify the key identification set above as trusted. A key that has been labeled as trusted is ready for use in the authentication process. To set a key identification to be trusted, enter the ntp key command with the key identification number and trusted keyword. For example, to set key ID 5 to trusted status, enter the following:

-> ntp key 5 trusted

Untrusted keys, even if they are in the switch memory and match an NTP server, will not authenticate NTP messages.

5 A key can be set to untrusted status by using the ntp key command with the untrusted keyword. For example, to set key ID 5 to untrusted status, enter the following:

-> ntp key 5 untrusted

OmniSwitch AOS Release 7 Switch Management Guide, Configuring Network Time Protocol (NTP), page 10-12, March 2011
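The steps above load keys, bind a key ID to the server, and mark that ID trusted. The following added example (not from the manual and not AOS code) shows in Python how a client could check a received packet under the standard NTP symmetric-key scheme, where a 32-bit key ID and MD5(secret || header) follow the 48-byte header. The key file layout, the secrets, the sample packet, and the function names are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed key file in the common ntpd "id type secret" layout (assumed here).
SAMPLE_KEYS = """\
# id type secret
2 M constructed-secret-2
5 M constructed-secret-5
"""

def parse_keys(text):
    """Return {key_id: secret_bytes} for the MD5 entries of a key file."""
    keys = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith("#"):
            continue  # blank line, comment, or malformed entry
        if fields[1].upper() in ("M", "MD5"):
            keys[int(fields[0])] = fields[2].encode()
    return keys

def sign(header, key_id, secret):
    """Append the MAC: 32-bit key ID, then MD5(secret || header)."""
    digest = hashlib.md5(secret + header).digest()
    return header + struct.pack("!I", key_id) + digest

def verify(packet, keys, trusted):
    """Accept only if the key ID is loaded, marked trusted, and the digest matches."""
    if len(packet) != 48 + 4 + 16:
        return False  # unauthenticated or malformed packet
    header, digest = packet[:48], packet[52:]
    key_id = struct.unpack("!I", packet[48:52])[0]
    if key_id not in keys or key_id not in trusted:
        return False
    expected = hashlib.md5(keys[key_id] + header).digest()
    return hmac.compare_digest(expected, digest)

if __name__ == "__main__":
    keys = parse_keys(SAMPLE_KEYS)
    header = bytes([0x24]) + bytes(47)  # constructed: LI=0, VN=4, mode=4 (server)
    packet = sign(header, 2, keys[2])
    print("key 2 trusted:  ", verify(packet, keys, {2}))
    print("key 2 untrusted:", verify(packet, keys, {5}))
```

A packet signed with key 2 is rejected when only key 5 is in the trusted set, which mirrors the manual's statement that untrusted keys will not authenticate NTP messages even when they are loaded and match the server.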
