Command Line Reference Guide
Security | 1233
tacacs-server key
c e s
Configure a key for communication between a TACACS+ server and client.
Syntax
tacacs-server key [encryption-type] key
To delete a key, use the no tacacs-server key key
Parameters
Defaults
Not configured.
Command Modes
CONFIGURATION
Command
History
Usage
Information
The key configured with this command must match the key configured on the TACACS+ daemon.
Port Authentication (802.1X) Commands
The 802.1X Port Authentication commands are:
• dot1x authentication (Configuration)
• dot1x authentication (Interface)
• dot1x auth-fail-vlan
• dot1x auth-server
• dot1x guest-vlan
• dot1x max-eap-req
• dot1x port-control
• dot1x quiet-period
• dot1x reauthentication
• dot1x reauth-max
• dot1x server-timeout
• dot1x supplicant-timeout
• dot1x tx-period
• show dot1x interface
An authentication server must authenticate a client connected to an 802.1X switch port. Until the
authentication, only EAPOL (Extensible Authentication Protocol over LAN) traffic is allowed through
the port to which a client is connected. Once authentication is successful, normal traffic passes through
the port.
FTOS supports RADIUS and Active Directory environments using 802.1X Port Authentication.
encryption-type
(OPTIONAL) Enter either zero (0) or 7 as the encryption type for the key entered.
The options are:
• 0 is the default and means the key is not encrypted and stored as clear text.
• 7 means that the key is encrypted and hidden.
key
Enter a text string, up to 42 characters long, as the clear text password.
Leading spaces are ignored.
Version 7.7.1.0 Authentication key length increased to 42 characters
Version 7.6.1.0 Introduced for S-Series
Version 7.5.1.0 Introduced for C-Series
pre-Version 6.2.1.1 Introduced on E-Series