2.3.1.2 Set 'ntp authentication-key'

Information

Define an authentication key for Network Time Protocol (NTP).

Rationale:

Using an authentication key provides a higher degree of security as only authenticated NTP servers will be able to update time for the Cisco device.

Impact:

Organizations should establish three Network Time Protocol (NTP) hosts to set consistent time across the enterprise. Enabling the 'ntp authentication-key' command enforces encrypted authentication between NTP hosts.

Solution

Configure at the NTP key ring and encryption key using the following command

hostname(config)#ntp authentication-key {ntp_key_id} md5 {ntp_key_hash}

Default Value:

No authentication key is defined for NTP.

See Also

https://workbench.cisecurity.org/files/3829

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-7, 800-53|AU-8, CSCv7|6.1

Plugin: Cisco

Control ID: da38077b70b111fb50160f06c0f1d3c6071b2f405f6735aac070cb8d55dd557f