[tac_plus] md5 and tac_plus

Alan McKinnon alan.mckinnon at gmail.com
Wed Mar 15 09:18:54 UTC 2017


On 15/03/2017 00:22, Mitch Raful (ITaaS) wrote:
> I cannot find a Python based tacacs client.  I am attempting to write one on my own and can’t figure out the md5 data obfuscation. How does tac_plus handle that?  Does it XOR an md5 hash, and add that hash to the session_id + key, version and sequence, and then again if needed?


Not quite, but you are on the right track.

There are 2 sources I can think of to find the correct details:

- There's an unapproved RFC out there from Cisco that despite never
moving out of draft status, is still the way the tacacs protocol works.
Usage of the key is in there.

- Read the tacacsplus code. I recall reading it once and the relevant
function was easy to find. Don't have a copy of sources handy to look for
you though.

-- 
Alan McKinnon
alan.mckinnon at gmail.com
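
An added example, not part of the original message and not tac_plus code: the body obfuscation as the TACACS+ protocol draft (later published as RFC 8907) defines it, with a chained MD5 pad XORed over the packet body. The function names, the sample key and the sample body are assumptions made for illustration.

```python
import hashlib
import struct

# 12-byte TACACS+ header: version, type, seq_no, flags, session_id, length
HEADER = struct.Struct("!BBBBII")
TAC_PLUS_UNENCRYPTED_FLAG = 0x01


def pseudo_pad(session_id, key, version, seq_no, length):
    """Chain MD5 blocks until the pad covers `length` body bytes.

    MD5_1 = MD5(session_id + key + version + seq_no)
    MD5_n = MD5(session_id + key + version + seq_no + MD5_{n-1})
    """
    # session_id is hashed in network byte order, exactly as it sits in the header
    seed = struct.pack("!I", session_id) + key + bytes([version, seq_no])
    pad, prev = b"", b""
    while len(pad) < length:
        prev = hashlib.md5(seed + prev).digest()
        pad += prev
    return pad[:length]  # the last block is truncated to the body length


def xor_body(body, session_id, key, version, seq_no):
    """XOR is symmetric, so this both obfuscates and de-obfuscates a body."""
    pad = pseudo_pad(session_id, key, version, seq_no, len(body))
    return bytes(b ^ p for b, p in zip(body, pad))


def build_packet(version, ptype, seq_no, session_id, body, key):
    """Return header + obfuscated body; the header itself is never obfuscated."""
    header = HEADER.pack(version, ptype, seq_no, 0, session_id, len(body))
    return header + xor_body(body, session_id, key, version, seq_no)


def parse_packet(packet, key):
    """Split a packet and recover the cleartext body."""
    version, ptype, seq_no, flags, session_id, length = HEADER.unpack_from(packet)
    body = packet[HEADER.size:HEADER.size + length]
    if len(body) != length:
        raise ValueError("truncated TACACS+ body")
    if not flags & TAC_PLUS_UNENCRYPTED_FLAG:
        body = xor_body(body, session_id, key, version, seq_no)
    return version, ptype, seq_no, flags, session_id, body


if __name__ == "__main__":
    key = b"constructed-shared-key"  # constructed sample value
    pkt = build_packet(0xC0, 1, 1, 0x1234ABCD, b"constructed sample body, 30+ B", key)
    print(pkt.hex(), parse_packet(pkt, key)[-1])
```

Because seq_no is part of the hashed seed, every packet in a session gets a different pad even though session_id and key stay the same.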


