configuring tacacs plus on linux box for aaa needs!
August 30th, 2005
The tacacs plus rpm can be found here (Download).
General term:
NAS: a Network Access Server, i.e. a Cisco box or anything else
that makes tacacs+ authentication and authorization requests, or sends accounting packets.
If you are still looking for the rpm of tacacs plus, it can be found here.
And here is the cat of my tac_plus.cfg:
cat /etc/tacacs/tac_plus.cfg

# Shared secret between the NAS and the tac_plus daemon; it must match
# the key configured on the router
key = mysickrat

# Use the /etc/shadow file to do authentication
default authentication = file /etc/shadow

# Where the accounting records go
accounting file = /var/log/tac_acc.log

# Profile for enable access; the username is $enab15$ (it used to be $enable$)
user = $enab15$ {
    login = cleartext "spicegirls"
}

# Profiles for user accounts

# bill: everything permitted, password checked against /etc/shadow
user = bill {
    default service = permit
    login = file /etc/shadow
}

# idiot: only the listed commands are allowed; a command with no
# matching cmd block is denied
user = idiot {
    login = cleartext ohno
    cmd = show {
        permit "interface*"
        permit "ip interface*"
    }
    cmd = ping {
        permit .*
    }
    cmd = traceroute {
        permit .*
    }
}

# Profile for a script altering the dialer config on the router
user = script {
    login = cleartext passwd
    cmd = configure {
        permit "terminal"
    }
    cmd = interface { permit "Dialer 1" }
    cmd = description { permit .* }
    cmd = dialer {
        permit "string"
        permit "load-threshold"
    }
    cmd = ppp {
        permit "pap sent-username"
        permit "multilink"
    }
    cmd = no {
        permit "dialer string"
        permit "dialer load-threshold"
        permit "ppp pap sent-username"
        permit "ppp multilink"
    }
    cmd = write { permit . }
}
Then just start the tacacs_plus server with
/etc/init.d/tacacs_plus start
and enjoy the authentication from the NAS.
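As an added example (not from the original post or the tac_plus project), here is a small Python model of how the cmd/permit blocks above are evaluated against a NAS command authorization request, so a policy can be checked before a router depends on it. It simplifies the real daemon's behaviour by assumption: command arguments are joined with spaces, the trailing <cr> the NAS sends is ignored, regexes are searched unanchored, the first matching permit/deny line wins, and a command with no cmd block is denied unless the user has default service = permit.

```python
import re, shlex

# Constructed excerpt of the page's tac_plus.cfg (same users and cmd rules, login lines trimmed).
CFG = r'''
user = bill { default service = permit }
user = idiot {
    login = cleartext ohno
    cmd = show { permit "interface*"  permit "ip interface*" }
    cmd = ping { permit .* }
}
user = script {
    cmd = configure { permit "terminal" }
    cmd = write { permit . }
}
'''

def parse_users(text):
    """user/cmd/permit/deny subset of tac_plus.cfg -> {user: {default_permit, cmds}}."""
    toks = shlex.split(re.sub(r"#.*", "", text))  # drop comments, keep quoted regexes whole
    users, cur, i = {}, None, 0
    while i < len(toks):
        if toks[i] == "user":                                    # user = NAME {
            cur = users[toks[i + 2]] = {"default_permit": False, "cmds": {}}
            i += 4
        elif toks[i] == "default" and toks[i + 1] == "service":  # default service = permit
            cur["default_permit"] = toks[i + 3] == "permit"
            i += 4
        elif toks[i] == "cmd":                                   # cmd = NAME { verb REGEX ... }
            rules = cur["cmds"][toks[i + 2]] = []
            i += 4
            while toks[i] != "}":
                rules.append((toks[i], toks[i + 1]))             # ("permit"|"deny", regex)
                i += 2
            i += 1
        else:                                                    # login = ..., closing braces
            i += 1
    return users

def authorize(users, user, cmd, args):
    """Assumed model of tac_plus command authorization: args joined by spaces, unanchored
    regex search, first matching line wins, no cmd block -> deny unless default service = permit."""
    u = users[user]
    rules = u["cmds"].get(cmd)
    if rules is None:
        return u["default_permit"]
    for verb, pattern in rules:
        if re.search(pattern, " ".join(args)):
            return verb == "permit"
    return False                                                 # no line matched: deny
```

Run parse_users(CFG) once and then call authorize() with the user, the command word and its argument list as the router would send them; note that an unanchored "interface*" also lets "show ip interface brief" through, so the second permit line in the show block is redundant under this model.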