|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
i suppose you're talking of the tacacs+ client package published by some Polish guy (don't remember the name
right now). The pam_tacacs module works quite fine. Soem quirks when using tacacs 'accounting' (not to be confused
with PAM accounting, which is the equivalent to tacacs 'authorize'). There is a drawback in that the module supports only
one tacacs server. The workaround i took, was to stack the module twice, each one with a different tacacs server.
Don't forget to switch on encryption. My configuration was:
auth sufficient pam_tacplus.so encrypt secret=FarAway server=10.13.0.22
auth sufficient pam_tacplus.so encrypt secret=FarAway server=10.14.1.69
BTW the above package includes 'tacc', a small line-mode tacacs client. A fine tool when debugging the tacacs environment.
-- Dr.-Ing. Andreas Schindler Alpha Zero One Computersysteme GmbH Frankfurter Str. 141 63303 Dreieich Telefon 06103-57187-21 Telefax 06103-373245 schindler@xxxxxx www.az1.de
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list