[tac_plus] Advice for HP Procurve 2626 switches
heasley
heas at shrubbery.net
Wed Jun 6 18:48:22 UTC 2012
Wed, Jun 06, 2012 at 02:29:55AM -0500, David Midlo:
> Hello,
>
> It seems HP Procurves don't report back the username when moving to enable mode. The reply after entering the password is 'invalid password'. You can find my config here http://pastebin.com/MAyFLxxF the switch is configured with the key (removed from paste).
>
> I'm having trouble finding any documentation as to how to approach this issue, any example configs or modifications/directives would be greatly appreciated.
you probably need to spend some quality debugging time. enable the packet
and auth debugging in the daemon.
if the device does not pass the username with the enable and you are using
tacacs for login authentication, complain to HP. even if it does not pass
one initially, the daemon should send a get_user request to get one.
also see the CONFIGURING ENABLE PASSWORDS section of the user_guide and
the user section of the tac_plus.conf manpage for $enab*$ references.
More information about the tac_plus
mailing list