[tac_plus] DEFAULT user and PAM
Michael Costello
mcostello at netflix.com
Tue Aug 23 22:20:45 UTC 2016
Hi tac_plus,
I know this question has been asked before[0], but I have not been
able to find the answer.
I have an Ubuntu 14.04 machine with tac_plus F4.0.4.26 installed
through apt. The box is configured correctly for LDAP through SSSD (I
can ssh into it using LDAP credentials). And I can authenticate to a
router against tacacs using LDAP credentials iff my username is
explicitly configured in tac_plus.conf.
user = me {
    login = PAM
    member = admin
}
User 'me' is not in /etc/passwd. If however I remove the user and
attempt to use the default user
user = DEFAULT {
    login = PAM
    member = admin
}
I cannot authenticate:
Tue Aug 23 21:47:53 2016 [10793]: Authenticating ACLs for user 'DEFAULT' instead of 'me'
Tue Aug 23 21:47:53 2016 [10793]: login query for 'me' ssh from 1.2.3.4 rejected
Is there any way to resolve this through configuration or using a
later version (the changelog from 4.0.4.26 to 4.0.4.28 does not
mention anything in regards to this)? Or is what I'm after simply not
supported?
mc
[0]
http://www.shrubbery.net/pipermail/tac_plus/2010-February/000667.html
http://www.shrubbery.net/pipermail/tac_plus/2010-January/000662.html