beautypg.com

Change the control message authentication key id, Add one or more key id's to the trusted list, Display the trusted key id list – Alcatel Carrier Internetworking Solutions Omni Switch/Router User Manual

Page 315

background image

NTP Access Control Menu

Page 12-37

Change the Control Message Authentication Key ID

There are two types of messages an

NTP

entity can send to another

NTP

entity: request and

control. Control messages attempt to change the configuration of the

NTP

entity in some fash-

ion. It is possible to change the authentication key identifier for control messages sent from
the switch to another

NTP

entity.

To change the authentication key

ID

, enter the

ntpctlk

command as shown:

ntpctlk

where

is the new key

ID

. Press

, and a brief message is displayed confirming

the operation.

Note

The authentication key

ID

must match in both the

switch sending the message, and the switch receiving
the message.

Add One or More Key ID's to the Trusted List

The trusted list in the key file is a list of all keys that are considered authentic and uncompro-
mised. Messages from an

NTP

entity using one of these keys are accepted and acted upon. It

is possible to add a key to the trusted list.

To add a key

ID

to the trust list in the key file, enter the

ntpckey

command as shown:

ntpckey

where

is the new key

ID

to be added to the trusted list. For example, to add key

ID

5

to the trusted list, enter the following:

ntpckey 5

A brief message is displayed confirming the operation.

Note

Adding a key

ID

using the

ntpckey

command adds the

key to the working version of the key file in the
switch’s

RAM

. If you reset the switch or re-initialize

NTP

, the added key is lost.

Display the Trusted Key ID List

The trusted list in the key file is a list of all keys that are considered authentic and uncompro-
mised. Messages from an

NTP

entity using one of these keys are accepted and acted upon.

To display a list of the trusted keys for this

NTP

client or server, enter the

ntpvkey

command at

the system prompt. A list of the key numbers accepted by this client or server is displayed.
For more information on authentication, see NTP and Authentication on page 12-4.

See also other documents in the category Alcatel Carrier Internetworking Solutions Hardware: