The hwtacacs-server shared-key command sets a shared key for an HWTACACS server.
The undo hwtacacs-server shared-key command cancels the configuration.
By default, the HWTACACS server is not configured with any shared key.
| Parameter | Description | Value |
|---|---|---|
cipher |
Indicates the shared key in cipher text. |
- |
key-string |
Specifies a shared key. |
The value is a case-sensitive string without question marks (?) or spaces. The key is processed as cipher text no matter whether the cipher keyword is specified. The key-string may be a plain text consisting of 1 to 255 characters or a cipher text consisting of 20 to 392 characters. |
Usage Scenario
The shared key is used to encrypt the password and generate the response authenticator.
When exchanging authentication packets with an HWTACACS server, the device uses MD5 to encrypt important data such as the password to ensure security of data transmission over the network. The device and HWTACACS server must use the same key to ensure their validity in the authentication.
Precautions
For security purposes, it is recommended that the password contains at least two types of lower-case letters, upper-case letters, numerals, and special characters, and contains at least 6 characters.
You can modify this configuration only when the HWTACACS server template is not in use.