126 TACACS+ Commands
Text-based configuration supports TACACS server’s secrets in encrypted and
non-encrypted format. When you save the configuration, these secret keys are
stored in encrypted format only. If you want to enter the key in encrypted format,
enter the key along with the encrypted keyword. In the “show running-config” on
page 177 command’s display, these secret keys are displayed in encrypted
format. You cannot show these keys in plain text format.
no tacacs-server
key
Use the
no tacacs-server key command to disable the authentication and
encryption key for all TACACS+ communications between the switch and the
TACACS+ daemon. The
key-string parameter has a range of 0 - 128
characters This key must match the key used on the TACACS+ daemon.
tacacs-server
keystring
Use the
tacacs-server keystring command to set the global authentication
encryption key used for all TACACS+ communications between the TACACS+
server and the client.
The following shows an example of the CLI command.
(Switching)(Config)#tacacs-server keystring
Enter tacacs key:********
Re-enter tacacs key:********
tacacs-server
timeout
Use the tacacs-server timeout command to set the timeout value for
communication with the TACACS+ servers. The
timeout parameter has a range
of 1-30 and is the timeout value in seconds. If you do not specify a timeout value,
the command sets the global timeout to the default value. TACACS+ servers that
do not use the global timeout will retain their configured timeout values.
Format
tacacs-server key
[
key-string
| encrypted
key-string
]
Mode Global Config
Format
no tacacs-server key
key-string
Mode Global Config
Format
tacacs-server keystring
Mode Global Config
To Next Page
Loading...
