[tac_plus] Adding users to tacacs passwd file
john heasley
heas at shrubbery.net
Wed Aug 18 16:27:39 UTC 2010
Wed, Aug 18, 2010 at 08:34:06AM -0500, Jeffrey S. Geist:
> We don't see any information in the /var/log/tacacs.log file. We assume that
> no information will happen in this file until we authenticate with tacacs.
non-accounting logging prefers syslog. also see the -d option.
> We do have tacacs running on another CentOS server but we are not using the
> passwd/shadow files. We are using a passwd file that has username and
> encrypted passwd in the same file (auth-passwd). We are able to authenticate
> to this server. This custom passwd file was created by a Solaris script on a
> Solaris server. We are trying to get away from Solaris.
afaik, linux/centos is a shadow password machine. anytime you use the
file name /etc/passwd, tacacs uses getspnam() to retrieve the DES so
that locking & /etc/shadow handling is supplied. if you really want
to use your password crypts in /etc/passwd, symlink /etc/tac_plus.pwd
to /etc/passwd.
More information about the tac_plus
mailing list