[rancid] Rancid, Cisco login, but no local account

heasley heas at shrubbery.net
Tue Jan 27 22:25:08 UTC 2015


Tue, Jan 27, 2015 at 01:52:53PM -0700, Daniel Schmidt:
> Without control of the TACACS server, you're limited to changing the
> password.  I wonder if Pam can authenticate Tacacs?  If your org is so bass
> ackward they won't let you make a static read only account, you could set
> up your OWN tacacs server, and redirect all accounts but one to
> authenticate Pam set to query the other tacacs server.  (I also work Gov)

there are pam modules for authenticating against a tacacs server.


More information about the Rancid-discuss mailing list