Keychains, Key Rotation, and HMAC-SHA Keys for OSPF Authentication - Practical OSPF Lesson 21

Explore key rotation and keychains in OSPF authentication through this comprehensive video tutorial. Learn how routers can change authentication keys without disrupting neighbor adjacencies, and discover the implementation of more secure hashing algorithms like hmac-sha. Dive into practical demonstrations using GNS3, covering key rollover processes, wire-level changes during rollover, and the advantages of SHA and HMAC over MD5. Gain hands-on experience with keychain configurations, including backwards compatibility with MD5 and implementation of hmac-sha. Master date-based key rollover techniques and understand the key takeaways for effective OSPF authentication management.

- Intro
- Key Rotation using Key IDs
- GNS3 Topology Introduction
- Key Rotation Demo -- Key Rollover in progress
- What happens on the wire during Key Rollover?
- MD5 sucks - What is SHA? What is HMAC?
- What are Key Chains?
- Keychain Demo - backwards compatible using MD5
- Keychain Demo - hmac-sha
- Date Based Key Rollover with Keychains
- Keychain Key Rollover Configuration Example
- Keychain Key Rotation Demo
- Keychain Rollover final thoughts
- Main Takeaways