key (RADIUS scheme view)

Use key to set the shared key for secure RADIUS authentication or accounting communication.

Use undo key to delete the shared key for secure RADIUS authentication or accounting communication.

Syntax

key { accounting | authentication } { cipher | simple } string

undo key { accounting | authentication }

Default

No shared key is configured for secure RADIUS authentication or accounting communication.

Views

RADIUS scheme view

Predefined user roles

network-admin

mdc-admin

Parameters

accounting: Specifies the shared key for secure RADIUS accounting communication.

authentication: Specifies the shared key for secure RADIUS authentication communication.

cipher: Specifies the key in encrypted form.

simple: Specifies the key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the key. This argument is case sensitive.

• In non-FIPS mode, the encrypted form of the key is a string of 1 to 117 characters. The plaintext form of the key is a string of 1 to 64 characters.

• In FIPS mode, the encrypted form of the key is a string of 15 to 117 characters. The plaintext form of the key is a string of 15 to 64 characters. The plaintext string must contain digits, uppercase letters, lowercase letters, and special characters.

Usage guidelines

The shared keys configured by using this command apply to all servers in the scheme. Make sure the settings match the shared keys configured on the RADIUS servers.

The shared keys specified for specific RADIUS servers take precedence over the shared key specified with this command.

Examples

# In RADIUS scheme radius1, set the shared key to ok in plaintext form for secure accounting communication.

<Sysname> system-view
[Sysname] radius scheme radius1
[Sysname-radius-radius1] key accounting simple ok

Related commands

display radius scheme