cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
25294
Views
48
Helpful
32
Replies

NTP Encryption

james.tribble
Level 1
Level 1

Is Cisco going to provide SHA1 encryption to the NTP authentication parameter?  This is now required in the DOD realm. 

32 Replies 32

dryden333
Level 1
Level 1

I also work for DoD. We had a network penetration team test our network. They were able to decipher our NTP keys stored hash. NTP keys are stored with a type 7 algorithm which is MD5. The stored keys needs to be a type 6, 8 or 9 hash which is SHA2 or AES. I have been unable to find solution to change to type 6, 8 or 9 hash. I have been able to update all other passwords and shared keys hashes in the configuration to type 6, 8 or 9. It just the NTP keys I do not have a solution.

JJM79
Level 1
Level 1

 Is there a repository or an area where we can go to see what options are available on different 17.x.x IOS's? I'm just looking for an easier way to see when the 512 hashing option will be available without having to actually install one or several other IOS's just to see if what's available under the NTP options. We are also hitting a "STIG" wall with this. Thanks in advance.

Try the Cisco Feature Navigator: https://cfnng.cisco.com/

 

Review Cisco Networking for a $25 gift card