HP 6120G/XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 159
Configuring an Encryption Key.,
View all HP 6120G/XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 159 highlights
TACACS+ Authentication Configuring TACACS+ on the Switch The "10" server is now the "first-choice" TACACS+ authentication device. Figure 4-7. Example of the Switch After Assigning a Different "First-Choice" Server To remove the 10.28.227.15 device as a TACACS+ server, you would use this command: ProCurve(config)# no tacacs-server host 10.28.227.15 Configuring an Encryption Key. Use an encryption key in the switch if the switch will be requesting authentication from a TACACS+ server that also uses an encryption key. (If the server expects a key, but the switch either does not provide one, or provides an incorrect key, then the authentication attempt will fail.) Use a global encryption key if the same key applies to all TACACS+ servers the switch may use for authentication attempts. Use a per-server encryption key if different servers the switch may use will have different keys. (For more details on encryption keys, see "Using the Encryption Key" on page 4-27.) To configure north01 as a global encryption key: ProCurve(config) tacacs-server key north01 To configure north01 as a per-server encryption key: ProCurve(config)# tacacs-server host 10.28.227.63 key north01 An encryption key can contain up to 100 characters, without spaces, and is likely to be case-sensitive in most TACACS+ server applications. To delete a global encryption key from the switch, use this command: ProCurve(config)# no tacacs-server key 4-22