Tacacs-Server Key - Cisco NCS 5000 Series Manual

Authentication, Authorization, and Accounting Commands

tacacs-server key

To set the authentication encryption key used for all TACACS+ communications between the router and the
TACACS+ daemon, use the tacacs-server key command in XR Config mode. To disable the key, use the
no form of this command.
tacacs-server key {0 clear-text-key| 7 encrypted-key| auth-key}
no tacacs-server key {0 clear-text-key| 7 encrypted-key| auth-key}
Syntax Description
0 clear-text-key
7 encrypted-key
auth-key
Command Default
None
Command Modes
XR Config mode
Command History
Release
Release 6.0
Usage Guidelines
The key name entered must match the key used on the TACACS+ daemon. The key name applies to all servers
that have no individual keys specified. All leading spaces are ignored; spaces within and after the key are not.
If you use spaces in your key, do not enclose the key in quotation marks unless the quotation marks themselves
are part of the key.
The key name is valid only when the following guidelines are followed:
• The clear-text-key argument must be followed by the 0 keyword.
• The encrypted-key argument must be followed by the 7 keyword.
The TACACS server key is used only if no key is configured for an individual TACACS server. Keys
configured for an individual TACACS server always override this global key configuration.
Task ID
Task ID
aaa
Specifies an unencrypted (cleartext) shared key.
Specifies an encrypted shared key.
Specifies the unencrypted key between the AAA server and the
TACACS+ server.
Operations
read, write
System Security Command Reference for Cisco NCS 5000 Series Routers
tacacs-server key
Modification
This command was introduced.
93