Hey all,

I released a 3-part mini-series on OSPF Authentication:

Simple Password Authentication

Hash Based Authentication

Keychains / Key Rotation / hmac-sha keys

These are lessons 19, 20, and 21 from my Practical OSPF series:

Below is a list of what is covered within each video, as well as the timestamps so you can jump directly to each section.

Simple Password Authentication

• 00:00 - Intro / Background
• 00:39 - Three options for OSPF Authentication
• 01:25 - Simple Password Authentication Illustration
• 02:20 - Configuring OSPF Authentication with Simple Passwords
• 03:16 - GNS3 Topology Intro
• 03:51 - Wireshark to Capture OSPF packets
• 04:46 - ip ospf authentication-key {password}
• 05:43 - area # authentication
• 06:50 - show commands to verify OSPF authentication
• 08:17 - Configuring Simple Password Authentication on R2
• 08:41 - ip ospf authentication
• 09:11 - Verifying OSPF authentication
• 10:12 - OSPF Password appears on ALL packets
• 10:53 - Key Takeaways

Hash Based Authentication

• 00:00 - Intro
• 00:50 - What is a Hash? What are Hashing Algorithms?
• 02:30 - OSPF Hash Based Authentication Explained
• 05:43 - Configuring OSPF Hash Based Authentication
• 07:05 - OSPF Authentication Demo - Topology Intro
• 08:09 - Packet Capturing using GNS3 and Wireshark
• 08:46 - ip ospf message-digest-key {KeyID} md5 {password}
• 09:42 - ip ospf authentication message-digest
• 10:25 - Wireshark capture of a Cryptographically Hashed OSPF Packet
• 11:36 - Verifying Hash Based authentication with Show Commands
• 12:48 - Key ID 0 - OSPF-4-NOVALIDKEY: No valid authentication send key
• 15:54 - Does Key ID have to Match with OSPF Authentication?
• 18:30 - Couple more thoughts on the ip ospf message-digest-key command
• 18:57 - What is the purpose of the Key ID? -- Key Rotation
• 19:54 - OSPF Authentication MD5 vs SHA / HMAC -- Key Chains
• 20:46 - Key Takeaways
  

Keychains / Key Rotation / hmac-sha keys

• 00:00 - Intro
• 01:33 - Key Rotation using Key IDs
• 02:42 - GNS3 Topology Introduction
• 03:37 - Key Rotation Demo -- Key Rollover in progress
• 10:06 - What happens on the wire during Key Rollover?
• 13:14 - MD5 sucks - What is SHA? What is HMAC?
• 14:44 - What are Key Chains?
• 16:02 - Keychain Demo - backwards compatible using MD5
• 20:02 - Keychain Demo - hmac-sha
• 24:06 - Date Based Key Rollover with Keychains
• 25:12 - Keychain Key Rollover Configuration Example
• 26:38 - Keychain Key Rotation Demo
• 29:59 - Keychain Rollover final thoughts
• 31:17 - Main Takeaways