124
Examples
# Create an HWTACACS scheme named
hwt1
and enter HWTACACS scheme view.
<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1]
Related commands
display hwtacacs scheme
key (HWTACACS scheme view)
Use
key
to set the shared key for secure HWTACACS authentication, authorization, or accounting
communication.
Use
undo key
to delete the shared key for secure HWTACACS authentication, authorization, or
accounting communication.
Syntax
key
{
accounting
|
authentication
|
authorization
} {
cipher
|
simple
}
string
undo key
{
accounting
|
authentication
|
authorization
}
Default
No shared key is configured for secure HWTACACS authentication, authorization, or accounting
communication.
Views
HWTACACS scheme view
Predefined user roles
network-admin
mdc-admin
Parameters
accounting
: Specifies the shared key for secure HWTACACS accounting communication.
authentication
: Specifies the shared key for secure HWTACACS authentication communication.
authorization
: Specifies the shared key for secure HWTACACS authorization communication.
cipher
: Specifies the key in encrypted form.
simple
: Specifies the key in plaintext form. For security purposes, the key specified in plaintext form
will be stored in encrypted form.
string
: Specifies the key. This argument is case sensitive.
•
In non-FIPS mode, the encrypted form of the key is a string of 1 to 373 characters. The plaintext
form of the key is a string of 1 to 255 characters.
•
In FIPS mode, the encrypted form of the key is a string of 15 to 373 characters. The plaintext
form of the key is a string of 15 to 255 characters. The plaintext string must contain digits,
uppercase letters, lowercase letters, and special characters.
Usage guidelines
The shared keys configured on the device must match those configured on the HWTACACS servers.
Examples
# In HWTACACS scheme
hwt1
, set the shared key to
123456TESTauth&!
in plaintext form for
secure HWTACACS authentication communication.