NTP supports an authentication mechanism to provide some security and access control to servers and clients. The default behavior when any authentication keys are configured is to reject all NTP protocol PDUs that have a mismatch in either the authentication key ID, type, or key. The authentication-check command provides for the options to skip or maintain this rejection of NTP PDUs that do not match the authentication requirements.
When authentication-check is configured, NTP PDUs are authenticated on receipt. However, mismatches cause a counter to be increased, one counter for key ID, one for type, and one for key value mismatches. The following example enables authentication-check:
[ex:/configure system time ntp]
A:admin@node-2# info
admin-state enable
authentication-check trueconfig>system>time>ntp# info
----------------------------------------------
authentication-check
no shutdown
----------------------------------------------