7-5
Catalyst 2928 Switch Software Configuration Guide
OL-23389-01
Chapter 7 Administering the Switch
Managing the System Time and Date
To disable NTP authentication, use the
no ntp authenticate
global configuration command. To remove
an authentication key, use the
no ntp authentication-key
number
global configuration command. To
disable authentication of the identity of a device, use the
no ntp trusted-key
key-number
global
configuration command.
This example shows how to configure the switch to synchronize only to devices providing authentication
key 42 in the device’s NTP packets:
Switch(config)#
ntp authenticate
Switch(config)#
ntp authentication-key 42 md5 aNiceKey
Switch(config)#
ntp trusted-key 42
Configuring NTP Associations
An NTP association can be a peer association (this switch can either synchronize to the other device or
allow the other device to synchronize to it), or it can be a server association (meaning that only this
switch synchronizes to the other device, and not the other way around).
Step 3
ntp authentication-key
number
md5
value
Define the authentication keys. By default, none are defined.
•
For
number
, specify a key number. The range is 1 to
4294967295.
•
md5
specifies that message authentication support is provided
by using the message digest algorithm 5 (MD5).
•
For
value
, enter an arbitrary string of up to eight characters for
the key.
The switch does not synchronize to a device unless both have one
of these authentication keys, and the key number is specified by the
ntp trusted-key
key-number
command.
Step 4
ntp trusted-key
key-number
Specify one or more key numbers (defined in Step 3) that a peer
NTP device must provide in its NTP packets for this switch to
synchronize to it.
By default, no trusted keys are defined.
For
key-number
, specify the key defined in Step 3.
This command provides protection against accidentally
synchronizing the switch to a device that is not trusted.
Step 5
end
Return to privileged EXEC mode.
Step 6
show running-config
Verify your entries.
Step 7
copy running-config startup-config
(Optional) Save your entries in the configuration file.
Command
Purpose