key (HWTACACS scheme view)

Syntax

key { accounting | authentication | authorization } [ cipher | simple ] key

undo key { accounting | authentication | authorization }

View

HWTACACS scheme view

Default level

2: System level

Parameters

accounting: Sets the shared key for secure HWTACACS accounting communication.

authentication: Sets the shared key for secure HWTACACS authentication communication.

authorization: Sets the shared key for secure HWTACACS authorization communication.

cipher: Sets a ciphertext shared key.

simple: Sets a plaintext shared key.

key: Specifies the shared key string. This argument is case sensitive. In non-FIPS mode, a ciphertext shared key must be a string of 1 to 373 characters and a plaintext shared key must be a string of 1 to 255 characters. In FIPS mode, a ciphertext shared key must be a string of 8 to 373 characters, and a plaintext shared key must be a string of 8 to 255 characters that must include numbers, uppercase letters, lowercase letters, and special characters. If neither cipher nor simple is specified, you set a plaintext shared key string.

Description

Use key to set the shared key for secure HWTACACS authentication, authorization, or accounting communication.

Use undo key to remove the configuration.

By default, no shared key is configured.

The shared keys configured on the switch must match those configured on the HWTACACS servers.

For secrecy, all shared keys, including shared keys configured in plain text, are saved in cipher text.

Related commands: display hwtacacs.

Examples

# Set the shared key for secure HWTACACS accounting communication to hello in plain text.

<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] key accounting simple hello

# Set the shared key for secure HWTACACS accounting communication to hello in plain text.

<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] key accounting hello