The hwtacacs-server shared-key command configures the shared key for HWTACACS server.
The undo hwtacacs-server shared-key command removes the configured shared key of the HWTACACS server. Configuring a private key improves the security of intercommunication between the device and HWTACACS server.
By default, the shared key is not configured.
| Parameter | Description | Value |
|---|---|---|
| key-string |
Specifies the shared key in encrypted or simple text. The shared key configured in simple text is displayed in ciphertext. |
The value is a string of case-sensitive characters that can be letters or digits. The password can be a string of 1 to 255 characters in simple text or a string of 20 to 432 characters in encrypted text. The value cannot contain question marks (?) or spaces. However, when double quotation marks are used around a password, spaces are allowed in the password. |
| cipher cipher-string |
Specifies the shared-key in ciphertext. |
The value is a string of case-sensitive characters that can be letters or digits. The password can be a string of 1 to 255 characters in simple text or a string of 20 to 432 characters in encrypted text. The value cannot contain question marks (?) or spaces. However, when double quotation marks are used around a password, spaces are allowed in the password. |
The shared key encrypts the HWTACACS packets. While sending the authentication packets to the clients, the HWTACACS server encrypts the important information. The shared key on the device must be identical for successful authentication.
The shared key set on the Router and the HWTACACS server must be the same.
You can change the shared key and the new shared key can be used for new requests.