rip authentication-mode
Function
The rip authentication-mode command sets the RIP-2 authentication mode and parameters. Only one authentication password is used for each authentication. If multiple authentication passwords are configured, only the latest one takes effect.
The undo rip authentication-mode command cancels authentication.
By default, no authentication password is configured.
Format
rip authentication-mode simple { plain plain-text | [ cipher ] password-key }
rip authentication-mode keychain keychain-name
rip authentication-mode md5 usual { plain plain-text | [ cipher ] password-key }
rip authentication-mode md5 nonstandard { keychain keychain-name | { plain plain-text | [ cipher ] password-key } key-id }
rip authentication-mode hmac-sha256 { plain plain-text | [ cipher ] password-key } key-id
undo rip authentication-mode
Parameters
| Parameter | Description | Value |
|---|---|---|
| simple | Specifies the simple authentication mode. | - |
| md5 | Set the authentication mode to MD5 cipher text. | - |
| usual | Configures MD5 cipher text authentication packets use the universal format (private standard). | - |
| nonstandard | Configures MD5 cipher text authentication packets use non-standard packet format (IETF standard). | - |
| plain | You can only type in the plain text, and it displays as plain text when the configuration file is viewed. NOTICE:
If plain is selected, the password is saved in the configuration file in plain text. This brings security risks. It is recommended that you select cipher to save the password in cipher text. |
- |
| plain-text | Specifies the authentication password that is displayed in plain text. | The value is a character string consisting of case-sensitive letters and numerals without spaces. When authentication mode is simple or md5 usual, the password consists of 1-16 characters. When authentication mode is md5 nonstandard or hmac-sha256, the password consists of 1-255 characters. |
| cipher | You can type in the plain text or the cipher text, and it is displayed as the cipher text when the configuration file is viewed. | - |
| password-key | Specifies the authentication password that is displayed in cipher text. | The value is a character string consisting of case-sensitive letters and numerals without spaces. When authentication mode is simple or md5 usual, the password is in plain text (1-16 characters) or in cipher text (24 or 32 characters). When authentication mode is md5 nonstandard or hmac-sha256, the password is in plain text (1-255 characters) or in cipher text (20-392 characters). |
| keychain keychain-name | Specifies the keychain authentication mode. | The value is a string of 1 to 47 case-insensitive characters without spaces. |
| key-id | Specifies the key in MD5 or cipher text authentication mode. | The value is an integer that ranges from 1 to 255. |
| hmac-sha256 | Indicates Keyed-Hash Message Authentication Code (HMAC) for Secure Hash Algorithm 256 (SHA256) | - |
Usage Guidelines
The authentication password does not contain spaces.
The keychain authentication improves security for UDP connections. You must configure keychain authentication on both ends of a link. Encryption algorithms and passwords configured on both ends must be the same; otherwise, the UDP connection cannot be set up and RIP messages cannot be transmitted.
