[tac_plus] Patch to add crypt_md5 password support to tac_plus
Alan McKinnon
alan.mckinnon at gmail.com
Sun Dec 12 07:49:44 UTC 2010
Apparently, though unproven, at 08:25 on Sunday 12 December 2010, Kiss Gabor
(Bitman) did opine thusly:
> > The attached patch adds crypt_md5 support to tacacs+-F4.0.4.19. Please
> > feel free to review, test and include in tac_plus. Any feedback would be
> > welcome. A ./configure is required after applying the patch.
> >
> > user = testuser {
> >
> > login = md5 $1$p2KX$UDm4AQrvrq9ockzoQ6h0o1
> > enable = md5 $1$p2KX$UDm4AQrvrq9ockzoQ6h0o1
> >
> > }
> > -------------- next part --------------
>
> Note: this unnecessary on Linux systems because OpenSSL libcrypt
> transparently supports MD5 too. We use config like this:
>
> login = des $1$aXXM6UaV$g.p5Yzi6mkLfmGhKKoo7z3
It's supported in the same way on FreeBSD too if tac_plus was built correctly.
I use "openssl passwd -1" to generate an md5 hash, paste it into
tac_plus.conf, and it all just works.
--
alan dot mckinnon at gmail dot com
More information about the tac_plus
mailing list