Advice/resources for setting up TACACS server
Hi -- We are currently trying to set up a TACACS server for authentication to our network gear and have it run on suse linux hosts. Does anyone have any advice/good webpages or guides regarding this? Thank you very much in advance! Leslie
Hi, On Fri, 7 Nov 2008 13:30:32 -0800 Leslie <leslie@craigslist.org> wrote:
We are currently trying to set up a TACACS server for authentication to our network gear and have it run on suse linux hosts. Does anyone have any advice/good webpages or guides regarding this?
I really don't mean to troll, but I think you probably should authenticate against RADIUS instead. Simon
The best answer actually does seem to be to use freeradius instead of tacacs, so I will probably go with that (though if anyone has any good tips on freeradius, please, let me know) Leslie On Nov 7, 2008, at 1:30 PM, Leslie wrote:
Hi --
We are currently trying to set up a TACACS server for authentication to our network gear and have it run on suse linux hosts. Does anyone have any advice/good webpages or guides regarding this?
Thank you very much in advance!
Leslie
Hi, You can extract information from this doc : Installation of Tacacs+, Rancid, Cvsweb http://www.debian-administration.org/articles/429 Freeradius will need more time to implement, but easier to manage after. -- Raphaël Maunier NEO TELECOMS Engineering Manager 2 rue du Chemin Vert 92110 Clichy - France rmaunier@neotelecoms.com Leslie a écrit :
The best answer actually does seem to be to use freeradius instead of tacacs, so I will probably go with that (though if anyone has any good tips on freeradius, please, let me know)
Leslie
On Nov 7, 2008, at 1:30 PM, Leslie wrote:
Hi --
We are currently trying to set up a TACACS server for authentication to our network gear and have it run on suse linux hosts. Does anyone have any advice/good webpages or guides regarding this?
Thank you very much in advance!
Leslie
I disagree with the RADIUS suggestion. TACACS+ is a much more secure protocol. It encrypts the packet contents and has a more secure handshake procedure. Leslie wrote:
The best answer actually does seem to be to use freeradius instead of tacacs, so I will probably go with that (though if anyone has any good tips on freeradius, please, let me know)
Leslie
On Nov 7, 2008, at 1:30 PM, Leslie wrote:
Hi --
We are currently trying to set up a TACACS server for authentication to our network gear and have it run on suse linux hosts. Does anyone have any advice/good webpages or guides regarding this?
Thank you very much in advance!
Leslie
-- Steve King Network Engineer - Liquid Web, Inc. Cisco Certified Network Associate CompTIA Linux+ Certified Professional CompTIA A+ Certified Professional
I second the TACACS+ Thats what you want. Same effort for the most part, to implement. Eddy On Nov 7, 2008, at 2:39 PM, Steven King wrote:
I disagree with the RADIUS suggestion. TACACS+ is a much more secure protocol. It encrypts the packet contents and has a more secure handshake procedure.
Leslie wrote:
The best answer actually does seem to be to use freeradius instead of tacacs, so I will probably go with that (though if anyone has any good tips on freeradius, please, let me know)
Leslie
On Nov 7, 2008, at 1:30 PM, Leslie wrote:
Hi --
We are currently trying to set up a TACACS server for authentication to our network gear and have it run on suse linux hosts. Does anyone have any advice/good webpages or guides regarding this?
Thank you very much in advance!
Leslie
-- Steve King
Network Engineer - Liquid Web, Inc. Cisco Certified Network Associate CompTIA Linux+ Certified Professional CompTIA A+ Certified Professional
Do you have any suggestions for a free tacacs server which will run on linux ? I have so far been unable to find any and the tacacs+ source code hasn't been updated since around 2000 Leslie On Nov 7, 2008, at 2:43 PM, Eddy Martinez wrote:
I second the TACACS+
Thats what you want. Same effort for the most part, to implement.
Eddy
On Nov 7, 2008, at 2:39 PM, Steven King wrote:
I disagree with the RADIUS suggestion. TACACS+ is a much more secure protocol. It encrypts the packet contents and has a more secure handshake procedure.
Leslie wrote:
The best answer actually does seem to be to use freeradius instead of tacacs, so I will probably go with that (though if anyone has any good tips on freeradius, please, let me know)
Leslie
On Nov 7, 2008, at 1:30 PM, Leslie wrote:
Hi --
We are currently trying to set up a TACACS server for authentication to our network gear and have it run on suse linux hosts. Does anyone have any advice/good webpages or guides regarding this?
Thank you very much in advance!
Leslie
-- Steve King
Network Engineer - Liquid Web, Inc. Cisco Certified Network Associate CompTIA Linux+ Certified Professional CompTIA A+ Certified Professional
We use tac_plus with good results: http://www.shrubbery.net/tac_plus/ On Nov 7, 2008, at 2:56 PM, Leslie wrote:
Do you have any suggestions for a free tacacs server which will run on linux ? I have so far been unable to find any and the tacacs+ source code hasn't been updated since around 2000
Leslie
On Nov 7, 2008, at 2:43 PM, Eddy Martinez wrote:
I second the TACACS+
Thats what you want. Same effort for the most part, to implement.
Eddy
On Nov 7, 2008, at 2:39 PM, Steven King wrote:
I disagree with the RADIUS suggestion. TACACS+ is a much more secure protocol. It encrypts the packet contents and has a more secure handshake procedure.
Leslie wrote:
The best answer actually does seem to be to use freeradius instead of tacacs, so I will probably go with that (though if anyone has any good tips on freeradius, please, let me know)
Leslie
On Nov 7, 2008, at 1:30 PM, Leslie wrote:
Hi --
We are currently trying to set up a TACACS server for authentication to our network gear and have it run on suse linux hosts. Does anyone have any advice/good webpages or guides regarding this?
Thank you very much in advance!
Leslie
-- Steve King
Network Engineer - Liquid Web, Inc. Cisco Certified Network Associate CompTIA Linux+ Certified Professional CompTIA A+ Certified Professional
It's not free, but I want to praise Radiator (http://www.open.com.au/radiator/) as a great radius/tacacs+ server. (I have previously battled both with freeradius and openradius.) - d. On Fri, 7 Nov 2008, Leslie wrote:
Do you have any suggestions for a free tacacs server which will run on linux ? I have so far been unable to find any and the tacacs+ source code hasn't been updated since around 2000
Leslie
On Nov 7, 2008, at 2:43 PM, Eddy Martinez wrote:
I second the TACACS+
Thats what you want. Same effort for the most part, to implement.
Eddy
On Nov 7, 2008, at 2:39 PM, Steven King wrote:
I disagree with the RADIUS suggestion. TACACS+ is a much more secure protocol. It encrypts the packet contents and has a more secure handshake procedure.
Leslie wrote:
The best answer actually does seem to be to use freeradius instead of tacacs, so I will probably go with that (though if anyone has any good tips on freeradius, please, let me know)
Leslie
On Nov 7, 2008, at 1:30 PM, Leslie wrote:
Hi --
We are currently trying to set up a TACACS server for authentication to our network gear and have it run on suse linux hosts. Does anyone have any advice/good webpages or guides regarding this?
Thank you very much in advance!
Leslie
-- Steve King
Network Engineer - Liquid Web, Inc. Cisco Certified Network Associate CompTIA Linux+ Certified Professional CompTIA A+ Certified Professional
-- Dominic J. Eidson "Baruk Khazad! Khazad ai-menu!" - Gimli ---------------------------------------------------------------------------- http://www.dominiceidson.com/
Do you have any suggestions for a free tacacs server which will run on linux ? I have so far been unable to find any and the tacacs+ source code hasn't been updated since around 2000
Available (and maintained) at: http://www.shrubbery.net/tac_plus/ (direct download link: ftp://ftp.shrubbery.net/pub/tac_plus) The latest was last updated end of year 2007
First time poster, long time lurker. Also if you are going RADIUS route. There's a simple web shell boot version available at http://www.zeroshell.net/eng/radiusdetails/ that support RADIUS. -bn On Fri, Nov 7, 2008 at 3:04 PM, Buhrmaster, Gary <gtb@slac.stanford.edu>wrote:
Do you have any suggestions for a free tacacs server which will run on linux ? I have so far been unable to find any and the tacacs+ source code hasn't been updated since around 2000
Available (and maintained) at:
http://www.shrubbery.net/tac_plus/
(direct download link: ftp://ftp.shrubbery.net/pub/tac_plus)
The latest was last updated end of year 2007
participants (9)
-
Bao Nguyen -
Buhrmaster, Gary -
Dominic J. Eidson -
Eddy Martinez -
Jeremy Hanmer -
Leslie -
Raphael Maunier -
Simon Vallet -
Steven King