Showing results for 
Search instead for 
Did you mean: 

Cisco ISE NTP MD5 hash is 20-Bytes?


When attempting to configure an NTP authentication-key in the Cisco ISE CLI I noticed that it will not accept an md5 hash of 32 characters (16 bytes). Instead it is expecting a 40 character (20 bytes) hash. That is in line with a SHA-1 hash, not an MD5 hash even though there is no SHA-1 keyword, only an MD5 keyword.

What's the deal?

Cisco ISE Version: (Update 3)

ise/user(config)# ntp authentication-key 75 ?
  md5  MD5 authentication

ise/user(config)# ntp authentication-key 75 md5 hash ?
  <WORD>  Hashed key for authentication (Max Size - 40)

ise/user(config)# ntp authentication-key 75 md5 hash 12345678901234567890123456789012
% ERROR: Bad hashed key.

ise/user(config)# ntp authentication-key 75 md5 plain test
ise/user(config)# do show run | i md5
ntp authentication-key 75 md5 hash 97dc37c94236ec1b4c56871c2e482cbd6f56bd33

That's not an MD5 hash as it's 40 characters long (20 bytes).

1 Reply 1

Cisco Employee
Cisco Employee

Hmm, that is an interesting observation. I am guessing that it is a typo and should be "sha-1" because 40 characters is definitely not MD5 :)

I would suggest you open a case with Cisco TAC and report this. If you get a bug ID or a different answer please let us know. 


Thank you for rating helpful posts!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers