[tac_plus] Tacacs+ and PAM
JOYEZ Philippe
philippe.joyez at renault.com
Wed Oct 17 16:06:32 UTC 2012
Hello,
I’m trying to implement PAM authentication on a tacacs+ (F4.0.4.26) without
success.
Maybe I’m use the wrong approach, but I try to implement a solution to
forward tacacs authentication requests to a backend radius server (we use
radius OTP) and then I don’t want to create users on my Unix server hosting
the tacacs service.
My tacacs.conf file is:
--------------------------
user = DEFAULT {
login = PAM
}
host = 10.228.69.201 {
key="testing123"
}
--------------------------
And my /etc/pam.d/tac_plus is:
--------------------------
auth required pam_radius_auth.so
account required pam_permit.so
It seems that the “ user = DEFAULT” is not valid for authentication as when
I declare my user the authentication is successful.
Is there’s any mistake in my configuration?
Cordialement, Best regards
Description :
http://www.renault.com/RCW_Binaries/signature_renault/logo_renault_drive.jpg
Philippe JOYEZ
DSIR/DPAI/DSMI
API : FR EQV NOV 3 52
13 Avenue Paul Langevin 92359 Le Plessis Robinson CEDEX
Tél. : +33 (0) 1 76 84 59 41 - Mob. : +33 (0) 6 26 12 67 33
(www.renault.com)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20121017/48696e8e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 22326 bytes
Desc: not available
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20121017/48696e8e/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5387 bytes
Desc: not available
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20121017/48696e8e/attachment.bin>
More information about the tac_plus
mailing list