NTP Access Control Menu
Page 12-37

Change the Control Message Authentication Key ID

There are two types of messages an NTP entity can send to another NTP entity: request and
control. Control messages attempt to change the configuration of the NTP entity in some fash-
ion. It is possible to change the authentication key identifier for control messages sent from
the switch to another NTP entity.
To change the authentication key ID, enter the ntpctlk command as shown:
ntpctlk <value>
where <value> is the new key ID. Press <return>, and a brief message is displayed confirming
the operation.
Note
The authentication key ID must match in both the
switch sending the message, and the switch receiving
the message.

Add One or More Key ID's to the Trusted List

The trusted list in the key file is a list of all keys that are considered authentic and uncompro-
mised. Messages from an NTP entity using one of these keys are accepted and acted upon. It
is possible to add a key to the trusted list.
To add a key ID to the trust list in the key file, enter the ntpckey command as shown:
ntpckey <value>
where <value> is the new key ID to be added to the trusted list. For example, to add key ID 5
to the trusted list, enter the following:
ntpckey 5
A brief message is displayed confirming the operation.
Note
Adding a key ID using the ntpckey command adds the
key to the working version of the key file in the
switch’s RAM. If you reset the switch or re-initialize
NTP, the added key is lost.

Display the Trusted Key ID List

The trusted list in the key file is a list of all keys that are considered authentic and uncompro-
mised. Messages from an NTP entity using one of these keys are accepted and acted upon.
To display a list of the trusted keys for this NTP client or server, enter the ntpvkey command at
the system prompt. A list of the key numbers accepted by this client or server is displayed.
For more information on authentication, see NTP and Authentication on page 12-4.