F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Command Reference-6PW100
230
Examples
# Create an HWTACACS scheme named hwt1, and enter HWTACACS scheme view.
<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1]
key (HWTACACS scheme view)
Use key to set the shared key for secure HWTACACS authentication, authorization, or accounting
communication.
Use undo key to remove the configuration.
Syntax
key { accounting | authentication | authorization } [ cipher | simple ] key
undo key { accounting | authentication | authorization }
Default
No shared key is configured.
Views
HWTACACS scheme view
Default command level
2: System level
Parameters
accounting: Sets the shared key for secure HWTACACS accounting communication.
authentication: Sets the shared key for secure HWTACACS authentication communication.
authorization: Sets the shared key for secure HWTACACS authorization communication.
cipher: Sets a ciphertext shared key. This key will be displayed in cipher text.
simple: Sets a plaintext shared key. This key will be displayed in plain text.
key: Shared key, a case-sensitive string of 1 to 64 characters. In FIPS mode, you cannot set a plaintext key,
and the key must contain at least 8 characters comprising uppercase and lowercase letters, digits, and
special characters.
Usage guidelines
The shared keys configured on the device must match those configured on the HWTACACS servers.
For secrecy, all shared keys, including keys configured in plain text, are saved in cipher text.
In FIPS mode, you cannot set a plaintext key, and the key is encrypted and decrypted by using the 3DES
algorithm.
Examples
# Set the shared key for secure HWTACACS accounting communication to hello in plain text for
HWTACACS scheme hwt1.
<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] key accounting simple hello