No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


CLI-based Configuration Guide - IP Unicast Routing

AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R009

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the Area Authentication Mode

Configuring the Area Authentication Mode


In area authentication, all the routers in an area must use the same area authentication mode and password. For example, the authentication mode of all devices in Area 0 is simple authentication and the password is abc.

If plain is selected during the configuration of the area authentication mode, the password is saved in the configuration file in plain text. This saving mode brings security risks. It is recommended that you select cipher to save the password in cipher text.

Simple, MD5 authentication, and HMAC-MD5 cipher text authentication have potential security risks. HMAC-SHA256 cipher text authentication is recommended.


  1. Run system-view

    The system view is displayed.

  2. Run ospf [ process-id ]

    The OSPF process view is displayed.

  3. Run area area-id

    The OSPF area view is displayed.

  4. Run any of the following commands to configure the authentication mode of the OSPF area as required:

    • Run authentication-mode simple [ plain plain-text | [ cipher ] cipher-text ]

      Simple authentication is configured for the OSPF area.

      • plain indicates the plain text password.
      • cipher indicates the cipher text password. For Message Digest 5 (MD5) or Hashed Message Authentication Code-MD5 (HMAC-MD5) authentication, the authentication mode is in cipher text by default.
    • Run authentication-mode { md5 | hmac-md5 | hmac-sha256 } [ key-id { plain plain-text | [ cipher ] cipher-text } ]

      The specified authentication mode is configured for the OSPF area.

      • md5 indicates the MD5 cipher text authentication mode.

      • hmac-md5 indicates the HMAC-MD5 cipher text authentication mode.
      • hmac-sha256 indicates the HMAC-SHA256 cipher text authentication mode.
      • key-id specifies the authentication key ID of the cipher authentication.
    • Run authentication-mode keychain keychain-name

      Keychain authentication is configured for the OSPF area.

      Before using Keychain authentication, you need to configure Keychain information in the system view. To establish the OSPF neighbor relationship, you need to ensure that the key-id, algorithm, and key-string of the local ActiveSendKey are the same as those of the remote ActiveRecvKey.

Updated: 2019-12-27

Document ID: EDOC1000174069

Views: 190659

Downloads: 318

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Previous Next