Command Manual (For Soliton) – AAA
H3C S3100 Series Ethernet Switches
Chapter 1 AAA Configuration Commands
1-42
Parameters
accounting
: Sets a shared key for RADIUS accounting messages.
authentication
: Sets a shared key for RADIUS authentication/authorization
messages.
string
: Shared key to be set, a string of up to 16 characters.
Description
Use the
key
command to set a shared key for RADIUS authentication/authorization
messages or accounting messages.
Use the
undo key
command to restore the corresponding default shared key setting.
By default, no shared key exists.
Note that:
z
Both RADIUS client and server adopt MD5 algorithm to encrypt RADIUS
messages before exchanging the messages with each other.
z
The two parties verify the validity of the RADIUS messages received from each
other by using the shared keys that have been set on them, and can accept and
respond to the messages only when both parties have same shared key.
z
The authentication/authorization shared key and the accounting shared key you
set on the switch must be respectively consistent with the shared key on the
authentication/authorization server and the shared key on the accounting server.
Related commands:
primary accounting
,
primary authentication
,
radius scheme
.
Examples
# Set "hello" as the shared key for RADIUS authentication/authorization messages in
RADIUS scheme radius1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] radius scheme radius1
New Radius scheme
[Sysname-radius-radius1] key authentication hello
# Set "ok" as the shared key for RADIUS accounting messages in RADIUS scheme
radius1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] radius scheme radius1
New Radius scheme
[Sysname-radius-radius1] key accounting ok