< Home

tsm-server shared-key

Function

The tsm-server shared-key command sets a shared key for a Agile Controller server.

The undo tsm-server shared-key command deletes a shared key for a Agile Controller server.

Format

tsm-server [ encryption-mode { 3des | aes128 [ enhanced ] } ] shared-key shared-key

undo tsm-server shared-key

Parameters

Parameter Description Value
encryption-mode 3des Specifies the encryption algorithm to 3DES. -
encryption-mode aes128 Specifies the encryption algorithm to AES128. AES128 is securer than 3DES. -
encryption-mode aes128 enhanced Uses AES128 enhanced encryption. -
shared-key Specifies the shared key of a Agile Controller server.
  • If the encryption algorithm is specified to 3DES, the value is a string that contains 1 to 31 characters and is saved in cipher text. If the string has 1 to 16 characters, the cipher text is 32-byte long; if the string has 17 to 31 characters, the cipher text is 56-byte long.
  • If the encryption algorithm is specified to AES128, the value is a string that contains 1 to 15 characters and is saved in 32-byte cipher text.
  • To enhance security, a shared key is recommended to meet the minimum strength requirement, that is, it needs to contain at least three types of the following characters: upper-case letters (A to Z), lower-case letters (a to z), digits (0 to 9), and special characters such as exclamation points (!), at signs (@), number signs (#), dollar signs ($), and percent (%).

Views

Agile Controller server template view

Default Level

2: Configuration level

Usage Guidelines

By default, the algorithm for encrypting the pre-shared key is AES128.

The packets transmitted between the FW and the Agile Controller server are encrypted through 3DES or AES128. 3DES and AES128 are symmetric encryption algorithms, and therefore the encryption modes and shared keys specified on the two ends must be the same.

When AES128 is used as the encryption algorithm, you can specify the enhanced keyword to use AES128 enhanced encryption which is more secure.

Each Agile Controller version may support different encryption modes. Before configuration, confirm whether the Agile Controller version supports the encryption mode and ensure that the encryption modes on both ends are the same.

Example

# Configure shared key Admin@123 for a Agile Controller server and set the encryption algorithm to AES128.

<sysname> system-view
[sysname] tsm-server template test
[sysname-tsm-test] tsm-server encryption-mode aes128 shared-key Admin@123
Parent Topic: Agile Controller Server Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >