Commands for managing symmetric authentication on NTP servers
Beginning in ONTAP 9.5, Network Time Protocol (NTP) version 3 is supported. NTPv3 includes symmetric authentication using SHA-1 keys which increases network security.
| To do this... | Use this command... |
|---|---|
| Configure an NTP server without symmetric authentication | cluster time-service ntp server create -server server_name |
| Configure an NTP server with symmetric authentication | cluster time-service ntp server create -server server_ip_address -key-id key_id |
| Enable symmetric authentication for an existing NTP server An existing NTP server can be modified to enable authentication by adding the required key-id. | cluster time-service ntp server modify -server server_name -key-id key_id |
| Configure a shared NTP key | cluster time-service ntp key create -id shared_key_id -type shared_key_type -value shared_key_value Note Shared keys are referred to by an ID. The ID, its type, and value must be identical on both the node and the NTP server |
| Configure an NTP server with an unknown key ID | cluster time-service ntp server create -server server_name -key-id key_id |
| Configure a server with a key ID not configured on the NTP server. | cluster time-service ntp server create -server server_name -key-id key_id Note The key ID, type, and value must be identical to the key ID, type, and value configured on the NTP server. |
| Disable symmetric authentication | cluster time-service ntp server modify -server server_name -authentication disabled |
Give documentation feedback