key (HWTACACS scheme view)

Use key to set the shared key for secure HWTACACS authentication, authorization, or accounting communication.

Use undo key to delete the shared key for secure HWTACACS authentication, authorization, or accounting communication.

Syntax

key { accounting | authentication | authorization } { cipher | simple } string

undo key { accounting | authentication | authorization }

Default

No shared key is configured for secure HWTACACS authentication, authorization, or accounting communication.

Views

HWTACACS scheme view

Predefined user roles

network-admin

mdc-admin

Parameters

accounting: Specifies the shared key for secure HWTACACS accounting communication.

authentication: Specifies the shared key for secure HWTACACS authentication communication.

authorization: Specifies the shared key for secure HWTACACS authorization communication.

cipher: Specifies the key in encrypted form.

simple: Specifies the key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the key. This argument is case sensitive.

• In non-FIPS mode, the encrypted form of the key is a string of 1 to 373 characters. The plaintext form of the key is a string of 1 to 255 characters.

• In FIPS mode, the encrypted form of the key is a string of 15 to 373 characters. The plaintext form of the key is a string of 15 to 255 characters. The plaintext string must contain digits, uppercase letters, lowercase letters, and special characters.

Usage guidelines

The shared keys configured on the device must match those configured on the HWTACACS servers.

Examples

# In HWTACACS scheme hwt1, set the shared key to 123456TESTauth&! in plaintext form for secure HWTACACS authentication communication.

<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] key authentication simple 123456TESTauth&!

# Set the shared key to 123456TESTautr&! in plaintext form for secure HWTACACS authorization communication.

[Sysname-hwtacacs-hwt1] key authorization simple 123456TESTautr&!

# Set the shared key to 123456TESTacct&! in plaintext form for secure HWTACACS accounting communication.

[Sysname-hwtacacs-hwt1] key accounting simple 123456TESTacct&!

Related commands

display hwtacacs scheme