[tac_plus] tac_plus and PAM
krux at thcnet.net
krux at thcnet.net
Sat Dec 28 22:37:56 UTC 2013
> Please excuse my newbie questions. To utilize PAM do I need to use the
> pam_tacplus module? I currently was only using pam_tally2 but after looking
No, I think that's a module to have PAM use TACACS+ for authentication.
You'll have to create a tac_plus pam config file under /etc/pam.d. A quick
and easy way to do so, is to "cp /etc/pam.d/ssh /etc/pam.d/tac_plus" which
would copy the same method of authentication for SSH as for TACACS. Of course
you can tweak the authentication settings for PAM so it does something
different for tac_plus. For example, our system uses Kerberos for ssh, but
for TACACS authentication, we want it to use RSA for two factor
authentication.
perl -e 's==UBER?=+y[:-o]}(;->\n{q-yp-y+k}?print:??;-p#)'
More information about the tac_plus
mailing list