TACACS+
LINK for windows
Step by step on Ubuntu 10.0.4.
a, get the daemon file.
http://www.debian-administration.org/articles/429
This document has been written using tacacs+-F4.0.4.10.
b, set up tcp wrappers.
You'll need to install the tcp wrappers and compilation tools if they're not yet installed.
# sudo apt-get install libwrap0-dev gcc make libc6-dev
c, install the tacacs+
Once you've got the tacacs+ archive, you have to uncompress it (in /usr/src for example).
Before installing tacacs+ I kindly advise you to read the INSTALL file in the tacacs+ uncompressed directory if you want more informations.
# cp tacacs+-F4.0.4.10.tar.gz /usr/src
# cd /usr/src
# tar xvfz tacacs+-F4.0.4.10.tar.gz
# cd tacacs+-F4.0.4.10
# ./configure
# make install
Installation directories are the following :
/usr/local/bin : for the binaries tac_plus and tac_pwd
/usr/local/man : for the manuals
man tac_plus and man tac_pwd are now available for more informations.
d, prepare the config file
Now we have to create the tacacs configuration file : /etc/tac_plus.conf
key=123456
accounting file = /var/log/tac_plus.acct
user = tac-user {
global = cleartext "tttttt"
member = group_auth
}
group = group_auth {
}
e, start the daemon
===========================
/usr/sbin/tac_plus -C /etc/tac-plus/tacacs.conf -d 16
===========================
f, debug
The following command shows debugging information of the tac-plus service
tail -f /var/tmp/tac-plus.log
to kill....
kill -USR1 `cat /etc/tac-plus.pid`
To restart...
/etc/init.d/tac-plus restart
Files
/var/log/tac-plus/account.log (must make this file writable)
/var/tmp/tac_plus.log (service logfile)
/etc/init.d/tac-plus (startup script)
/etc/tac-plus/tacacs.conf (users and global settings)
/usr/sbin/tac_plus (executable)
++++++++++++++++++++++
g, test with FOS.
IPv6_UP_Mar01_11 # d test authserver tacacs+ tacacs tac-user tttttt
authenticate user 'tac-user' on server 'tacacs' succeeded
Admin profile:
IPv6_UP_Mar01_11
Tuesday, July 12, 2011
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment