05-03-2022 01:11 PM
Hello,
I am trying to configure NTP authentication between 3 switches. 2 are Nexus 3000s and one is a 9300 switch. Authentication is working fine between the 2 Nexus, but can't get the 9300 to authenticate. When running a debug NTP, I get bad_auth, so I figured the password was wrong.
Upon further investigation, it appears the hash algorithm on the 2 brands are different, yet are both configured to use md5 in the "ntp authentication-key 1 md5 <password>" command. The 9300 seems to be hashing the password correctly, while the 2 Nexus show 8 characters for the hash, with 4 of the characters being part of the password itself.
For example, if the clear test password is P@ssW0rd, the hash would come back with something like U@sHW0ns. In this case, even putting the same clear text passwords on both models, authentication will not take place. Is there something I have to do on the Nexus switches to enable full md5 hashing? An example of the configuration I am using is below...
Nexus:
ntp authenticate
ntp authentication-key 1 md5 <password>
ntp trusted-key 1
9300 Switch:
ntp authenticate
ntp authentication-key 1 md5 <password>
ntp server x.x.x.x key 1
ntp trusted-key 1
05-03-2022 01:19 PM - edited 05-03-2022 01:19 PM
This probably doesn't belong here. Better to post in the one of the dedicated switching communities.
05-04-2022 05:20 AM
Sorry, I don't post in here often. At the top it says I am in Cisco Community->Technology and Support->Networking->Switching. It that not where I want to be?
05-03-2022 03:36 PM - edited 05-03-2022 03:38 PM
N3K
ntp authentication-key 1 md5 <password>0 <- clear text
Cat 9000
ntp authentication-key 1 md5 <password>0 <- clear text
05-04-2022 05:17 AM
Thanks for the reply. I ran that exact command with 0 for clear text at the end on both of them, but it still hashes them and they still show as mismatched passwords when debugging.
05-04-2022 05:49 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide