1-11To do… Use the command… RemarksEnter system view system-view —Configure the NTP serviceaccess-control right to the localswitch for peer devicesntp-service access { peer |server | synchronization | query }acl-numberOptionalpeer by defaultThe access-control right mechanism provides only a minimum degree of security protection for the localswitch. A more secure method is identity authentication.Configuring NTP AuthenticationIn networks with higher security requirements, the NTP authentication function must be enabled to runNTP. Through password authentication on the client and the server, the clock of the client issynchronized only to that of the server that passes the authentication. This improves network security.Table 1-2 shows the roles of devices in the NTP authentication function.Table 1-2 Description on the roles of devices in NTP authentication functionRole of device Working modeClient in the server/client modeClient in the broadcast modeClient in the multicast modeClientSymmetric-active peer in the symmetric peer modeServer in the server/client modeServer in the broadcast modeServer in the multicast modeServerSymmetric-passive peer in the symmetric peer modeConfiguration PrerequisitesNTP authentication configuration involves:z Configuring NTP authentication on the clientz Configuring NTP authentication on the serverObserve the following principles when configuring NTP authentication:z If the NTP authentication function is not enabled on the client, the clock of the client can besynchronized to a server no matter whether the NTP authentication function is enabled on theserver (assuming that other related configurations are properly performed).z For the NTP authentication function to take effect, a trusted key needs to be configured on both theclient and server after the NTP authentication is enabled on them.