Administrator Guide

Security Commands 962
key-string: Specifies the key string in encrypted or unencrypted form. It
may be up to 256 characters in length in unencrypted format and 32
characters in length in encrypted format. (Range 1-256 characters)
Default Configuration
The default is an empty string.
Command Mode
Global Configuration mode
User Guidelines
The tacacs-server key command accepts any printable characters for the key
except a question mark. Enclose the string in double quotes to include spaces
within the key. The surrounding quotes are not used as part of the name. The
CLI does not filter illegal characters and may accept entries up to the first
illegal character or reject the entry entirely.
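Because the CLI may silently accept only the part of a key that precedes an illegal character, the switch and the TACACS+ server can end up holding different secrets. The following pre-flight check is an added example, not part of the original guide or the switch firmware; the function names are hypothetical, and it assumes "printable" means ASCII 0x20-0x7E and that a double quote inside a quoted key is unsafe, neither of which the guide specifies.

```python
# Added example: pre-flight check for a plaintext TACACS+ key before it is
# typed or pushed to a switch. Function names are hypothetical.

MAX_LEN = 256  # unencrypted key range stated on this page: 1-256 characters

# Assumption: "printable" means ASCII 0x20-0x7E; the page does not define it.
PRINTABLE = {chr(c) for c in range(0x20, 0x7F)}
ILLEGAL = {"?"}    # excluded by the page
AMBIGUOUS = {'"'}  # assumption: no escaping is documented for quotes inside a quoted key


def first_bad_index(key):
    """Index of the first character the CLI may stop at, or None."""
    for i, ch in enumerate(key):
        if ch not in PRINTABLE or ch in ILLEGAL or ch in AMBIGUOUS:
            return i
    return None


def check_key(key):
    """Return a list of problems; an empty list means the key can be entered as-is."""
    problems = []
    if not 1 <= len(key) <= MAX_LEN:
        problems.append(f"length {len(key)} is outside 1-{MAX_LEN}")
    i = first_bad_index(key)
    if i is not None:
        problems.append(f"character {key[i]!r} at index {i} may truncate or reject the key")
    return problems


def truncated_prefix(key):
    """What the switch might store if it accepts input up to the first illegal character."""
    i = first_bad_index(key)
    return key if i is None else key[:i]


def build_command(key):
    """Return the config line, always quoted so spaces survive; refuse unsafe keys."""
    problems = check_key(key)
    if problems:
        raise ValueError("; ".join(problems))
    return f'tacacs-server key "{key}"'


if __name__ == "__main__":
    for sample in ["This is a key string", "S3cret?tail", "x" * 257]:  # constructed samples
        print(repr(sample[:20]), check_key(sample), repr(truncated_prefix(sample)[:20]))
```

Comparing `truncated_prefix(key)` with the key configured on the TACACS+ server shows whether a mismatch would result if the switch accepted the partial entry.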
If no encryption parameter is present, the key string is interpreted as an
unencrypted shared secret.
Keys are always displayed in their encrypted form in the running
configuration.
In an Access-Request, encrypted passwords are sent using the RSA Message
Digest algorithm (MD5). MD5 always transmits the encrypted password in 32
characters.
The encryption algorithm is the same across switches. Encrypted passwords
may be copied from one switch and pasted into another switch and will send
the same MD5 encrypted password over the wire.
Command History
Updated in version 6.3.0.1 firmware.
Example
The following example sets the authentication encryption key.
console(config)#tacacs-server key "This is a key string"
console(config)#tacacs-server key 0 "This is a key string"
2CSNXXX_SWUM204.book Page 962 Monday, January 25, 2016 1:25 PM