Configuring Unix(FreeSBD) to authenticate to TACACS
Can someone please posts the steps needed to configure a UNIX server to authenticate with a TACACS+ server or point me in the right direction been googling for 2 days now. Thanks
I want to configure and run sshd server on my unix box. I already have that installed.
# yum -y install openssh-server openssh-clients
Loaded plugins: fastestmirror, presto, refresh-packagekit
Loading mirror speeds from cached hostfile
* base: centos.mirror.constant.com
* epel:... (1 Reply)
I have customer who controls access to the internet via TACACS server, basically a PIX firewall uses authentication from the TACACS to say if traffic is allowed to pass out of the gateway. I can't find anything on how to configure a linux client of TACACS authentication only how to set up a linux... (1 Reply)
Can someone please posts the steps needed to configure a UNIX server to authenticate with a TACACS+ server or point me in the right direction been googling for 2 days now. Thanks (1 Reply)
Can someone please posts the steps needed to configure a UNIX server to authenticate with a TACACS+ server or point me in the right direction been googling for 2 days now. Thanks (0 Replies)
Seek help configuring Sendmail 8.14.4 Unix server.
Not sure if this is the correct place to post or the Unix/Linux Forums job board. Seeking help configuring sendmail 8.14.4 on my Unix server. It appears I have an open relay. I was advised I need to modify a etc/mail/dir , a command line entry... (0 Replies)
At times I find the need to test that the tacacs port 49 is open.
The code below works but is painfully slow because I have to wait on the timeouts.
Examples of possible responds
router1#telnet 10.11.20.14 49
Trying 206.112.204.140, 49 ... Open
route1#telnet 10.11.19.14 49
Trying... (1 Reply)
Hi
I want to create a script that will authenticate user from a file and if both of them match then only the script is allowed to be executed...
Suppose I have a script say test.sh and a file config.txt
for users whose user ids exist in the text file should only be given permission to... (1 Reply)
Dear all
I want to redirect the logs of the syslog of a tru64 unix machine in a log and event monitoring tool installed in another server. In the syslog.conf i have appended *.*@<server_name> at the end, where <server_name> is the name of the machine on which the reporting tool is running. I... (0 Replies)
Hi all,
I have installed a software on a local machine running UNIX .
Using NetBatch utility, In the COMMUNICATION file on this Local UNIX machine I have added:
remote_machine_name:OS: Description:Type
so that I can use this remote machine running UNIX to complete jobs which are... (0 Replies)
TacacsPlus(3pm) User Contributed Perl Documentation TacacsPlus(3pm)NAME
Authen::TacacsPlus - Perl extension for authentication using tacacs+ server
SYNOPSIS
use Authen::TacacsPlus;
$tac = new Authen::TacacsPlus(Host=>$server,
Key=>$key,
[Port=>'tacacs'],
[Timeout=>15]);
or
$tac = new Authen::TacacsPlus(
[ Host=>$server1, Key=>$key1, [Port=>'tacacs'], [Timeout=>15] ],
[ Host=>$server2, Key=>$key2, [Port=>'tacacs'], [Timeout=>15] ],
[ Host=>$server3, Key=>$key3, [Port=>'tacacs'], [Timeout=>15] ],
... );
$tac->authen($username,$passwords);
Authen::TacacsPlus::errmsg();
$tac->close();
DESCRIPTION
Authen::TacacsPlus allows you to authenticate using tacacs+ server.
$tac = new Authen::TacacsPlus(Host=>$server,
Key=>$key,
[Port=>'tacacs'],
[Timeout=>15]);
Opens new session with tacacs+ server on host $server, encrypted with key $key. Undefined object is returned if something wrong (check
errmsg()).
With a list of servers the order is relevant. It checks the availability of the Tacacs+ service using the order you defined.
Authen::TacacsPlus::errmsg();
Returns last error message.
$tac->authen($username,$password,$authen_type);
Tries an authentication with $username and $password. 1 is returned if authenticaton succeded and 0 if failed (check errmsg() for reason).
$authen_type is an optional argument that specifies what type of authentication to perform. Allowable options are:
Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_ASCII (default) Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_PAP
Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_CHAP
ASCII uses Tacacs+ version 0, and will authenticate against the "login" or "global" password on the Tacacs+ server. If no authen_type is
specified, it defaults to this type of authentication.
PAP uses Tacacs+ version 1, and will authenticate against the "pap" or "global" password on the Tacacs+ server.
CHAP uses Tacacs+ version 1, and will authenticate against the "chap" or "global" password on the Tacacs+ server. With CHAP, the password
if formed by the concatenation of
chap id + chap challenge + chap response
There is example code in test.pl
If you use a list of servers you can continue using $tac->authen if one of them goes down or become unreachable.
$tac->close();
Closes session with tacacs+ server.
EXAMPLE
use Authen::TacacsPlus;
$tac = new Authen::TacacsPlus(Host=>'foo.bar.ru',Key=>'9999');
unless ($tac){
print "Error: ",Authen::TacacsPlus::errmsg(),"
";
exit(1);
}
if ($tac->authen('john','johnpass')){
print "Granted
";
} else {
print "Denied: ",Authen::TacacsPlus::errmsg(),"
";
}
$tac->close();
AUTHOR
Mike Shoyher, msh@corbina.net, msh@apache.lexa.ru
Mike McCauley, mikem@open.com.au
BUGS
only authentication is supported
only one session may be active (you have to close one session before opening another one)
SEE ALSO perl(1).
perl v5.14.2 2012-01-17 TacacsPlus(3pm)