[rancid] Re: rancid and radius auth with restricted perms
thecomputerking at gmail.com
Tue Aug 5 20:42:43 UTC 2008
I have used privilege levels in RADIUS with success, see link.
On Tue, Aug 5, 2008 at 2:25 PM, Christopher McCrory
<chrismcc at pricegrabber.com> wrote:
> I have been using rancid for a while on our core network equipment.
> I'd like to add a bunch of access layer switches ( 2960s/3560s) to my
> rancid setup. Very few people have access to my core equipment so I
> have not had the need to set up tacacs/radius/kerberos auth. Does
> anyone have a cookie cutter radius ( freeradius) config to restrict a
> rancid user to the minimum required commands to function? (I can setup
> the radius part, it is the command restriction that is stumping me)
> I googled around and looked through my list archives, but could not find
> much info. The closest I could find was
> http://wiki.freeradius.org/Cisco#Command_Authorization where the
> restrict 'show' was broken by cisco.
> Thanks for any help.
> Christopher McCrory
> "The guy that keeps the servers running"
> To the optimist, the glass is half full.
> To the pessimist, the glass is half empty.
> To the engineer, the glass is twice as big as it needs to be.
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
More information about the Rancid-discuss