Configuring ntp authentication for a server – H3C Technologies H3C S5120 Series Switches User Manual

1-15

To do…

Use the command…

Remarks

Client/server mode:

ntp-service unicast-server
{ ip-address | server-name }
authentication-keyid keyid

Associate the specified key
with an NTP server

Symmetric peers mode:

ntp-service unicast-peer
{ ip-address | peer-name }
authentication-keyid keyid

Required

You can associate a
non-existing key with an NTP
server. To enable NTP
authentication, you must
configure the key and specify it
as a trusted key after
associating the key with the
NTP server.

After you enable the NTP authentication feature for the client, make sure that you configure for the client

an authentication key that is the same as on the server and specify that the authentication key is trusted;

otherwise, the client cannot be synchronized to the server.

Configuring NTP authentication for a server

Follow these steps to configure NTP authentication for a server:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enable NTP authentication

ntp-service authentication
enable

Required

Disabled by default

Configure an NTP
authentication key

ntp-service
authentication-keyid keyid
authentication-mode md5
value

Required

No NTP authentication key by
default

Configure the key as a trusted
key

ntp-service reliable
authentication-keyid keyid

Required

No authentication key is
configured to be trusted by
default.

Enter interface view

interface interface-type
interface-number

—

Broadcast server mode:

ntp-service broadcast-server
authentication-keyid keyid

Associate the specified key
with an NTP server

Multicast server mode:

ntp-service multicast-server
authentication-keyid keyid

Required

You can associate a
non-existing key with an NTP
server. To enable NTP
authentication, you must
configure the key and specify it
as a trusted key after
associating the key with the
NTP server.