[rancid] Re: rancid and radius auth with restricted perms

Riley Tompkins thecomputerking at gmail.com
Tue Aug 5 20:42:43 UTC 2008

I have used privilege levels in RADIUS with success, see link.


On Tue, Aug 5, 2008 at 2:25 PM, Christopher McCrory
<chrismcc at pricegrabber.com> wrote:
> Hello...
>  I have been using rancid for a while on our core network equipment.
> I'd like to add a bunch of access layer switches ( 2960s/3560s) to my
> rancid setup.  Very few people have access to my core equipment so I
> have not had the need to set up tacacs/radius/kerberos auth.  Does
> anyone have a cookie cutter radius ( freeradius) config to restrict a
> rancid user to the minimum required commands to function?  (I can setup
> the radius part, it is the command restriction that is stumping me)
> I googled around and looked through my list archives, but could not find
> much info.  The closest I could find was
> http://wiki.freeradius.org/Cisco#Command_Authorization where the
> restrict 'show' was broken by cisco.
> Thanks for any help.
> --
> Christopher McCrory
>  "The guy that keeps the servers running"
> To the optimist, the glass is half full.
> To the pessimist, the glass is half empty.
> To the engineer, the glass is twice as big as it needs to be.
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

More information about the Rancid-discuss mailing list