[tac_plus] Host specific Key
heasley
heas at shrubbery.net
Thu May 30 16:49:01 UTC 2013
Thu, May 30, 2013 at 09:22:19AM +0200, BORDIN Patrick:
> Hello,
>
> In my office, we use Tacacs F4.0.4.14 Shrubbery, with some of Cisco routers : it works fine.
> Now, we use BigIP F5 appliance, and we have a problem for the shared key.
> We have this problem :
>
> http://support.f5.com/kb/en-us/solutions/public/12000/300/sol12304.html
>
> We use the character "#" in the shared key.
>
> Question : with this Tacas version, is it possible to define a additionnal key in the tac_plus.conf for a host specific , to avoid changing keys in my routers ?
tac_plus.conf(5):
host The host clause allows the configuration values noted below to
be set for the client name by IP address. If tac_plus is
started with the -L option, the name can also be name as
resolved from the address with the gethostbyaddr(3) system call,
which may be the FQDN (Fully Qualified Domain Name) if DNS is
used. It is recommended that the IP address be used, since the
resolver can be slow to timeout when network faults exist.
host = <IP address> {
key = <string>
prompt = <string>
enable = <password_spec>
}
key specifics the packet encryption <key> for this host.
prompt specifies the username prompt that will be presented to a
user.
More information about the tac_plus
mailing list