configure tacacs shared-secret

configure tacacs [primary | secondary] shared-secret {encrypted encrypted_secret | secret }


Configures the shared secret string used to communicate with the TACACS+ authentication server.

Syntax Description

primary Configures the authentication string for the primary TACACS+ server.
secondary Configures the authentication string for the secondary TACACS+ server.
encrypted Indicates that the string is already encrypted.
string The string to be used for authentication.



Usage Guidelines

The secret must be the same between the client switch and the TACACS+ server.

The encrypted keyword is primarily for the output of the show configuration command, so the shared secret is not revealed in the command output. Do not use it to set the shared secret.


The following command configures the shared secret as “purplegreen” on the primary TACACS+ server:

configure tacacs-accounting primary shared-secret purplegreen


This command was first available in ExtremeXOS 10.1.

The encrypted keyword was added in ExtremeXOS 11.0.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, X670-G2, X690, X695, X870, 5320, 5420, and 5520 series switches.