Configuring a key-id as trusted

Trusted keys are used during the authentication process. You can configure the switch with up to eight sets of key-id/key-value pairs. Select one specific set for authentication by configuring that set as trusted. The key-id itself must already be configured on the switch. To enable authentication, at least one key-id must be configured as trusted.

  • Trusted keys are used in SNTP authentication.

  • If the packet contains key-id value information that is not configured on the SNTP client switch, or if the received packet contains no authentication information, it is discarded. The SNTP client switch expects packets to be authenticated if SNTP authentication is enabled.

  • When authentication succeeds, the time in the packet is used to update the time on the switch.

  • In unicast mode: The trusted key is associated with a specific NTP/SNTP server, and configured on the switch so that the SNTP client communicates with the server to get the date and time. The key is used for authenticating the SNTP packet.

  • In broadcast mode: The SNTP client switch checks the size of the received packet to determine if it is authenticated. If the broadcast packet is authenticated, the key-id value is checked to see if the same key-id value is configured on the SNTP client switch. If the switch is configured with the same key-id value, and the key-id value is configured as "trusted," the authentication succeeds. Only trusted key-id value information is used for SNTP authentication.
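
The acceptance checks listed above, modeled as an added Python example; it is not code from the switch or its documentation. It assumes NTP-style symmetric-key authentication, where a 48-byte header is followed by a 4-byte key-id and a 16-byte MD5 digest of the key-value concatenated with the header. The names check_packet, build_packet, KEYS and HEADER are hypothetical, and all sample values are constructed.

```python
import hashlib
import hmac
import struct

NTP_HEADER_LEN = 48      # SNTP packet with no authentication information
MAC_LEN = 4 + 16         # assumed trailer: 32-bit key-id + MD5 digest

# Constructed key table: key-id -> (key-value, trusted). The switch allows up to eight.
KEYS = {
    1: (b"constructed-key-1", True),
    2: (b"constructed-key-2", False),   # configured, but not marked trusted
}

# Constructed 48-byte header: version 4, mode 5 (broadcast), stratum 2, rest zero.
HEADER = bytes([0x25, 2]) + bytes(46)


def build_packet(header, key_id=None, key_value=None):
    """Sender side: append key-id and MD5(key-value || header) when a key is given."""
    if key_id is None:
        return header
    digest = hashlib.md5(key_value + header).digest()
    return header + struct.pack("!I", key_id) + digest


def check_packet(packet, keys):
    """Client side with authentication enabled. Returns (accepted, reason)."""
    # Packet size tells the client whether authentication information is present.
    if len(packet) != NTP_HEADER_LEN + MAC_LEN:
        return (False, "no authentication information")
    header, trailer = packet[:NTP_HEADER_LEN], packet[NTP_HEADER_LEN:]
    (key_id,) = struct.unpack("!I", trailer[:4])
    entry = keys.get(key_id)
    if entry is None:
        return (False, "key-id not configured")
    key_value, trusted = entry
    if not trusted:
        return (False, "key-id not trusted")
    expected = hashlib.md5(key_value + header).digest()
    # Constant-time comparison of the received digest with the expected one.
    if not hmac.compare_digest(expected, trailer[4:]):
        return (False, "digest mismatch")
    return (True, "authenticated")
```

Only the packet built with key-id 1 and its matching key-value is accepted; a packet signed with the configured but untrusted key-id 2 is discarded even though its digest is valid.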