ntp-service authentication auto-key
Function
The ntp-service authentication auto-key command enables autokey authentication on the device.
The undo ntp-service authentication auto-key command cancels the autokey authentication.
By default, autokey authentication is not enabled.
Format
ntp-service authentication auto-key password cert-password
ntp-service authentication auto-key [ hostname cert-hostname | groupname cert-groupname | work-dir cert-dir-name ] *
undo ntp-service authentication auto-key [ password ]
Parameters
| Parameter | Description | Value |
|---|---|---|
hostname cert-hostname |
Specifies the name of the host certificate file. |
It is a string of 1 to 32 characters. |
password cert-password |
Specifies the password for host certificate file. The password is required to open the autokey files. |
It is a string and ranges as follows:
|
groupname cert-groupname |
Specifies the name of the group certificate file. |
It is a string of 1 to 32 characters. |
work-dir cert-dir-name |
Specifies the path of the directory where certificates are kept for autokey. |
- |
Usage Guidelines
To enable autokey protocol between peers, we must enable the autokey first by giving this command. After executing this command, system reads the appropriate keys and certificate files from the file system and keeps the system ready for autokey procedure. Autokey needs to be enabled for each peer separately. hostname, password and groupname can be configured. If host name is not specified the system host name is considered.
If a standby board is present, ensure that all the keys and certificate files present in the master board are also present on the standby board in the same path (default is hda1: ). Otherwise, it may result in autokey configuration loss.
If the hostname is not specified, the system name is used as the hostname.
Example
# Enable autokey and load the certificates.
<sysname> system-view
[sysname] ntp-service authentication auto-key hostname RTA groupname RTA work-dir flash:\
# Enable autokey and load the certificate password.
<sysname> system-view
[sysname] ntp-service authentication auto-key password Huawei-123