Install tacacs+ server
:
sudo apt-get install tacacs+
Install tacacs+ client
:
sudo pip install tacacs_plus
For example, you want to create a tacacs configuraiton for this account
admin/123456
with the shared secret key is: test
.
1. Use tac_pwd
(which is installed by above tacacs+ package) to encrypt
clear text passwords to make it more secure:
$ tac_pwd Password to be encrypted: 123456 VFj4MGmISJNmE
- Configure the tac_plus.conf file with this minimum configuration:
$ sudo vi /etc/tacacs+/tac_plus.conf #tacacs key key = "test" #user details user = admin { login = des VFj4MGmISJNmE }
- Restart the
tacacs+ server
to apply.
sudo /etc/init.d/tacacs_plus restart
For example, you want to test above TACACS configuraiton under the same server
$ tacacs_client -v -u admin -H 127.0.0.1 -k test authenticate password for admin: <Enter 123456> status: PASS $ tacacs_client -v -u admin -H 127.0.0.1 -k test authenticate password for admin: <Enter blablalba> status: FAIL
That's it.