[tac_plus] Unable to get details in the log for authentication failure.

Manoj Kannachari MKannachari at infinera.com
Mon Oct 19 10:57:32 UTC 2015


More details from the log:

Mon Oct 19 21:36:27 2015 [14792]: Reading config
Mon Oct 19 21:36:27 2015 [14792]: Version F4.0.4.28 Initialized 1
Mon Oct 19 21:36:27 2015 [14792]: tac_plus server F4.0.4.28 starting
Mon Oct 19 21:36:27 2015 [14793]: Backgrounded
Mon Oct 19 21:36:27 2015 [14794]: socket FD 0 AF 2
Mon Oct 19 21:36:27 2015 [14794]: socket FD 2 AF 10
Mon Oct 19 21:36:27 2015 [14794]: uid=0 euid=0 gid=0 egid=0 s=31384336
Mon Oct 19 21:38:01 2015 [14815]: connect from x.x.x.x [x.x.x.x]
Mon Oct 19 21:38:01 2015 [14815]: pap-login query for 'cisco' port InfiTac from x.x.x.x rejected
Mon Oct 19 21:38:01 2015 [14815]: login failure: cisco x.x.x.x (x.x.x.x) InfiTac



How can I =increase the debug print level so as to get detailed logs?

Thanks
Manoj
From: Manoj Kannachari
Sent: Monday, October 19, 2015 4:22 PM
To: 'tac_plus at shrubbery.net' <tac_plus at shrubbery.net>
Subject: Unable to get details in the log for authentication failure.

Hi
I installed tacacs+ server from shrubbery with following configuration details:
#key
key = "cisco"
#user details
user=cisco {
default service = permit
member = admingroup
login = cleartext cisco
}
#group details
# admin group
group = admingroup {
default service = permit
service = exec {
priv-lvl = 15
}
}
#Enable password setup for users:
user = $enable$ {
login = cleartext HD.Hw0OHKmO/c
}
I ran the server with logs enabled using:  tac_plus -C etc/tacacs/tac_plus.conf -d 16.
When I am trying to connect to the server using my client with above credentials , all I can see in tac_plus.log is


Oct 19 21:36:27 in-sjain-dt tac_plus[14792]: Reading config
Oct 19 21:36:27 in-sjain-dt tac_plus[14792]: Version F4.0.4.28 Initialized 1
Oct 19 21:38:01 in-sjain-dt tac_plus[14815]: connect from x.x.x.x [x.x.x.x]
Oct 19 21:38:01 in-sjain-dt tac_plus[14815]: login failure: cisco x.x.x.x(x.x.x.x) InfiTac

Without detailed logs I am not able to decipher the cause of failure. Would you provide me details on anything that is missing ?
How can I =increase the debug print level so as to get detailed logs?

Thanks
Manoj
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20151019/d5fa846c/attachment.html>


More information about the tac_plus mailing list