Displaying 15 results from an estimated 15 matches for "tacac".
Did you mean:
tacc
2018 Jan 03
2
SSHD and PAM
Sudarshan Soma wrote:
> Does sssd/NSS has a way to fetch user names from sources like
> RADIUS/TACACS server?
My impression is that while this might be theoretically possible, nobody
does this. Especially it's not clear to me how you would push group
membership to the system. And AFAICS in case of TACACS+ there's also
only a single "role" available (translate this to single grou...
2018 Jan 03
3
SSHD and PAM
...o
> m>
> wrote:
>
> > Hi I am trying to write pam_radius module which talks to RADIUS
> > server for
> > aaa.
> >
> > I see sshd checks /etc/passwd for user list. Since RADIUS server
> > has user
> > list, can sshd ignore this check for RADIUS/TACACS+ authentication,
> > Please
> > suggest if there are any flags to control it.
> >
> > I am using the following versions.
> > OpenSSH_6.6p1, OpenSSL 1.0.2n 7 Dec 2017
> >
> > I see sssd (NAS) being used for such use cases, how does sshd
> > ignore...
2007 Jan 13
3
Permission denied by op
i am invoking op from a python proggy which does an op.system() of
op chmod 640 /usr/local/etc/tac_plus.conf
i get "Permission denied by op"
% ls -l /usr/local/etc/op.access
-r-------- 1 root wheel 149 Jan 13 07:41 /usr/local/etc/op.access
% cat /usr/local/etc/op.access
# 2007.01.13
#
#DEFAULT users=src
#
chown /usr/sbin/chown $* ; users=src
chmod /bin/chmod $* ; users=src
2017 Jan 24
2
Need information to bypass the preauth in openssh
...g openssh for SSH connections.
To open a new remote session via SSH, the openssh will look into the
/etc/passwd file. If user present then it will allow to login using
password or key authentication.
But in my case all user info is present in remote database and
authentication is form remote using tacacs+ server.
Due to this I am facing error message as below
2017 Jan 13 10:45:51 : switch : sshd : Invalid user test from 10.12.16.16
2017 Jan 13 10:45:51 : switch : input_userauth_request: invalid user test
[preauth]
Please give some inputs on how to handle this scenario.
Regards,
Vishwanath KC...
2010 Jun 30
1
PAM Module:Openssh and Tacacs+ Question
Hi,
I am trying to get Openssh 5.5p1 to work with TACACS+. I have the TACACS
+ PAM module compiled on Ubuntu. I have compiled SSH --with-pam.
When the user is defined in /etc/passwd, the SSH authentication to the
TACACS+ server takes place successfully.
If I REMOVE the user from /etc/passwd OpenSSH sends a string called
INCORRECT to the TACACS+ server...
1998 Jun 08
27
Services not required?
...I am down to only a handful
but am not sure how much of a security risk they pose and was
wondering if anyone here might be able to comment, or suggest
secure versions to run:
21/FTP (WU-ftpd v2.4.2 BETA 14)
22/SSH (1.22)
23/TELNET (Netkit 0.09)
25/SMTP (Sendmail v8.8.7)
49/TACACS (TACACS_Plus v4.0.2 BETA/Cisco)
53/DNS (BIND v8.1.2)
80/HTTP (Apache v1.2.6 - upgrading to v1.3.0)
110/POP3 (Katie Steven''s v1.016)
111/RPC (Netkit 0.09)
113/IDENTD (????)
669/MOUNTD (RPC/Linux Userspace NFS server v2.2beta29)
2049/NFS (RPC/Linux Use...
2003 Sep 24
4
unified authentication
Howdy list,
Sorry if this is a frequently discussed topic,
or an off-topic question, but I couldn't find much
info about my question by performing quick searches
in the archives, and my question is pretty tightly
related to security...
Background:
===========
I have a number of FreeBSD machines. Most are 4.x,
but a few are 5.x (mainly the testing/devel machines).
I also have a single Red
2003 Oct 20
1
looking for a job
...eshoot network
connections/problems.
Ethernet, FastEthernet, Frame Relay, HDLC, xDSL, LRE, HPNA,
ISDN/PRI/R2/E1 (G.703), VPN/PPTP/GRE, PPP.
A solid understanding and experience of TCP/IP, SNMP,
SMTP/POP3/IMAP/UUCP, NNTP, HTTP/FTP, DNS, NFS, NTP,
Telnet/SSH/RSH, TACACS/RADIUS, DHCP, IRC/Jabber, SSL. Knowledge
of protocol internals.
* Databases:
PostgreSQL, MySQL, mSQL.
* Software:
* Routing: routed, gated, zebra. * WWW: apache, squid, jesred,
HTML::Mason, mod_perl, mod_ssl, mod_rewrite, Apache::ASP,
Parser3, PHP. * Develop...
2017 Jan 24
2
Need information to bypass the preauth in openssh
...24, 2017 at 11:16 AM, Darren Tucker <dtucker at zip.com.au> wrote:
> On Tue, Jan 24, 2017 at 4:17 PM, Vishwanath KC <vicchi.cit at gmail.com>
> wrote:
> [...]
> > But in my case all user info is present in remote database and
> > authentication is form remote using tacacs+ server.
>
> What platform is this? You probably want a NSS module or the
> equivalent for your platform so that getpwnam(3) knows about those
> users (including things like uid/gid, home directory and shell). I'm
> not sure TACACS can provide the required details, though.
>...
2017 Jan 24
2
Need information to bypass the preauth in openssh
> On 24 Jan 2017, at 06:01, Darren Tucker <dtucker at zip.com.au> wrote:
>
> On Tue, Jan 24, 2017 at 4:54 PM, Vishwanath KC <vicchi.cit at gmail.com> wrote:
> [...]
>> Distributor ID: Debian
>> Description: Debian GNU/Linux 8.2 (jessie)
>
> As you've seen, sshd requires that the system's getpwnam() function
> knows the user, without which
2005 Nov 10
1
tacacs+ RPM.?
Hi All,
is there an RPM for it for CentOS.? I tried "yum install tacacs+" but
got nothing. I also checked dags repo and found nothing. Cheers.
Mark Sargent.
2006 Aug 09
3
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
http://bugzilla.mindrot.org/show_bug.cgi?id=1215
Summary: sshd requires entry from getpwnam for PAM accounts
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: PAM support
AssignedTo: bitbucket at mindrot.org
2012 Oct 13
0
tacacs+ to radius bridge or proxy or something?
Is there any working solution to proxy tacacs+ to radius server? (it
can be commercial too?)
I found this old project: http://portal-to-web.de/tacacs/, but it is a
bit antique?
--
Eero
2004 Aug 13
1
help with LDAP and Samba
...l variations to no
avail. I would REALLY appreciate it if someone who has a working
samba/OpenLDAP enviroment could take a moment to assist me.
As I stated I am not getting any errors in the error logs. OpenLDAP is
a production server being used as the authentication system for our
email and TACACS, so that is working. I added the samba schema when I
set it up as I knew it would be only a matter of time before we went to
samba. Note in the config below I have tried it with and without the
filter along with and without group/user/computer suffix.
OS: Fedora Core 2
Samba: 3.0.3-5
below...
2004 Aug 10
1
Your mail to Firewalls-Book-Info
...Lookup Services
Chapter 21: Authentication and Auditing Services
What Is Authentication?
Passwords
Authentication Mechanisms
Modular Authentication for Unix
Kerberos
NTLM Domains
Remote Authentication Dial-in User Service (RADIUS)
TACACS and Friends
Auth and identd
Chapter 22: Administrative Services
System Management Protocols
Routing Protocols
Protocols for Booting and Boot-Time Configuration
ICMP and Network Diagnostics
Network Time Protocol (NTP)
File Synchronization...