nxos_ntp_auth - Manages NTP authentication.

New in version 2.2.


  • Manages NTP authentication.


parameter required default choices comments
no text
  • text
  • encrypt
Whether the given md5string is in cleartext or has been encrypted. If in cleartext, the device will encrypt it before storing it.
  • on
  • off
Turns NTP authentication on or off.
Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.
Authentication key identifier (numeric).
MD5 String.
Specifies the password to use to authenticate the connection to the remote device. This is a common argument used for either cli or nxapi transports. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_PASSWORD will be used instead.
no 0 (use common port)
Specifies the port to use when building the connection to the remote device. This value applies to either cli or nxapi. The port value will default to the appropriate transport common port if none is provided in the task. (cli=22, http=80, https=443).
Convenience method that allows all nxos arguments to be passed as a dict object. All constraints (required, choices, etc) must be met either by individual arguments or values in this dict.
Specifies the SSH key to use to authenticate the connection to the remote device. This argument is only used for the cli transport. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_SSH_KEYFILE will be used instead.
no present
  • present
  • absent
Manage the state of the resource.
(added in 2.3)
no 10
Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error. NX-API can be slow to return on long-running commands (sh mac, sh bgp, etc).
yes cli
Configures the transport connection to use when connecting to the remote device. The transport argument supports connectivity to the device over cli (ssh) or nxapi.
  • true
  • false
Whether the given key is required to be supplied by a time source for the device to synchronize to the time source.
  • yes
  • no
Configures the transport to use SSL if set to true only when the transport=nxapi, otherwise this value is ignored.
Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate either the CLI login or the nxapi authentication depending on which transport is used. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_USERNAME will be used instead.
  • yes
  • no
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. If the transport argument is not nxapi, this value is ignored.


# Basic NTP authentication configuration
- nxos_ntp_auth:
    key_id: 32
    md5string: hello
    auth_type: text
    host: "{{ inventory_hostname }}"
    username: "{{ un }}"
    password: "{{ pwd }}"

Return Values

Common return values are documented here Return Values, the following are the fields unique to this module:

name description returned type sample
state state as sent in from the playbook always string present
updates command sent to the device always list ['ntp authentication-key 32 md5 helloWorld 0', 'ntp trusted-key 32']
proposed k/v pairs of parameters passed into module always dict {'auth_type': 'text', 'key_id': '32', 'authentication': 'off', 'trusted_key': 'true', 'md5string': 'helloWorld'}
end_state k/v pairs of ntp authentication after module execution always dict {'key_id': '32', 'authentication': 'off', 'trusted_key': 'true', 'md5string': 'kapqgWjwdg'}
changed check to see if a change was made on the device always boolean True
existing ['k/v pairs of existing ntp authentication'] always dict {'authentication': 'off', 'trusted_key': 'false'}



  • If state=absent, the module will attempt to remove the given key configuration. If a matching key configuration isn’t found on the device, the module will fail.
  • If state=absent and authentication=on, authentication will be turned off.
  • If state=absent and authentication=off, authentication will be turned on.


This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.


This module is community maintained without core committer oversight.

For more information on what this means please read Module Support

For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Helping Testing PRs and Developing Modules.