How do these NTP authentication commands differ from one another?

A typical Authenticated NTP configuration looks like this:

NTP Server

R1(config)# ntp master
R1(config)# ntp authentication-key 22 md5 SECRET-NTP-KEY

NTP Client:

R2(config)# ntp authenticate
R2(config)# ntp authentication-key 22 md5 SECRET-NTP-KEY
R2(config)# ntp trusted-key 22
R2(config)# ntp server 12.0.0.1 key 22

I'm confused about the individual purposes of each command in the Client configuration.

What does ntp authenticate do different from ntp trusted-key 22? In what cases would I have one command applied but not the other?

I understand ntp authenticate turns on NTP authentication, and ntp authentcation-key ## ... configures a specific authentication key. Then ntp server x.x.x.x key ## associates a particular key to a particular NTP Server. But why would it be necessary to then add an additional command to indicate you trust a particular authentication key (ntp trusted-key ...)?

Wouldn't simply having the key configured be sufficient to indicate that it is trusted?

Leave Your Comment

Leave a Reply

%d bloggers like this: