key (RADIUS scheme view)

Syntax

key { accounting | authentication } [ cipher | simple ] key

undo key { accounting | authentication }

View

RADIUS scheme view

Default level

2: System level

Parameters

accounting: Sets the shared key for secure RADIUS accounting communication.

authentication: Sets the shared key for secure RADIUS authentication/authorization communication.

cipher: Sets a ciphertext shared key.

simple: Sets a plaintext shared key.

key: Specifies the shared key string. This argument is case sensitive. In non-FIPS mode, a ciphertext shared key must be a string of 1 to 117 characters and a plaintext shared key must be a string of 1 to 64 characters. In FIPS mode, a ciphertext shared key must be a string of 8 to 117 characters, and a plaintext shared key must be a string of 8 to 64 characters that must include numbers, uppercase letters, lowercase letters, and special characters. If neither cipher nor simple is specified, you set a plaintext shared key string.

Description

Use key to set the shared key for secure RADIUS authentication/authorization or accounting communication.

Use undo key to restore the default.

By default, no shared key is configured.

For secrecy, all shared keys, including shared keys configured in plain text, are saved in cipher text.

The shared keys specified during the configuration of the RADIUS servers, if any, take precedence.

The shared keys configured on the switch must match those configured on the RADIUS servers.

Related commands: display radius scheme.

Examples

# For RADIUS scheme radius1, set the shared key for secure accounting communication to ok in plain text.

<Sysname> system-view
[Sysname] radius scheme radius1
[Sysname-radius-radius1] key accounting simple ok

# For RADIUS scheme radius1, set the shared key for secure accounting communication to ok in plain text.

<Sysname> system-view
[Sysname] radius scheme radius1
[Sysname-radius-radius1] key accounting ok