key

Use this command in TACACS Configuration mode to specify the authentication and encryption key for all TACACS communications between the device and the TACACS server. This key must match the key used on the TACACS daemon. The key-string parameter specifies the key name. For an empty string use “ ”. (Range: 0 - 128 characters).

Text-based configuration supports TACACS server‘s secrets in encrypted and non-encrypted format. When you save the configuration, these secret keys are stored in encrypted format only. If you want to enter the key in encrypted format, enter the key along with the encrypted keyword. In the show running-config command‘s display, these secret keys are displayed in encrypted format. You cannot show these keys in plain text format.