R0106-HP MSR Router Series Security Command Reference(V7)
53
key (RADIUS scheme view)
Use key to set the shared key for secure RADIUS communication.
Use undo key to restore the default.
Syntax
key { accounting | authentication } { cipher | simple } string
undo key { accounting | authentication }
Default
No shared key is configured.
Views
RADIUS scheme view
Predefined user roles
network-admin
Parameters
accounting: Sets the shared key for secure RADIUS accounting communication.
authentication: Sets the shared key for secure RADIUS authentication communication.
cipher: Sets a ciphertext shared key.
simple: Sets a plaintext shared key.
string: Specifies the shared key string. This argument is case sensitive.
• In non-FIPS mode:
{ A ciphertext shared key is a string of 1 to 117 characters.
{ A plaintext shared key is a string of 1 to 64 characters.
• In FIPS mode:
{ A ciphertext shared key is a string of 15 to 117 c h aracte r s .
{ A plaintext shared key is a string of 15 to 64 characters. The string must contain digits,
uppercase letters, lowercase letters, and special characters.
Usage guidelines
The shared keys configured by using this command apply to all servers in the scheme. Make sure the
settings match the shared keys configured on the RADIUS servers.
The shared keys specified for specific RADIUS servers take precedence over the shared key specified with
this command.
For security purposes, all shared keys, including shared keys configured in plain text, are saved in
ciphertext.
Examples
# For RADIUS scheme radius1, set the shared key for secure accounting communication to ok in plain
text.
<Sysname> system-view
[Sysname] radius scheme radius1
[Sysname-radius-radius1] key accounting simple ok