Skip to content

Instantly share code, notes, and snippets.

@quyenlv

quyenlv/tacacs-plus-launch.rst

Last active May 17, 2024 09:30
Show Gist options
  • Save quyenlv/bda104c2f9282600a692063daaee35e2 to your computer and use it in GitHub Desktop.
Save quyenlv/bda104c2f9282600a692063daaee35e2 to your computer and use it in GitHub Desktop.
Download ZIP
Very basic steps to try TACACS+.
Raw
tacacs-plus-launch.rst

Installation

Install tacacs+ server:

sudo apt-get install tacacs+

Install tacacs+ client:

sudo pip install tacacs_plus

TACACS+ Server Configuration

For example, you want to create a tacacs configuraiton for this account admin/123456 with the shared secret key is: test.

1. Use tac_pwd (which is installed by above tacacs+ package) to encrypt clear text passwords to make it more secure:

$ tac_pwd
Password to be encrypted: 123456
VFj4MGmISJNmE
  1. Configure the tac_plus.conf file with this minimum configuration:
$ sudo vi /etc/tacacs+/tac_plus.conf

#tacacs key
key = "test"

#user details
user = admin {
    login = des VFj4MGmISJNmE
}
  1. Restart the tacacs+ server to apply.
sudo /etc/init.d/tacacs_plus restart

Verify using TACACS Client Tool

For example, you want to test above TACACS configuraiton under the same server

$ tacacs_client -v -u admin -H 127.0.0.1 -k test authenticate
password for admin: <Enter 123456>
status: PASS

$ tacacs_client -v -u admin -H 127.0.0.1 -k test authenticate
password for admin: <Enter blablalba>
status: FAIL

That's it.

Reference

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment