Date: Fri, 30 Apr 1999 13:24:08 +0200 From: Rico Pajarola <pajarola@cybertime.ch> To: Dave Edwards <davo@chunga.apana.org.au> Cc: freebsd-isp@freebsd.org Subject: Re: Tacacs Message-ID: <3.0.32.19990430132403.008c2c30@shrike.overmind.ch>
next in thread | raw e-mail | index | archive | help
Stay away from tacacs (or xtacacs), use tacacs+, or radius. I am using tac_plus 2.1 from cisco (modified so that it writes accounting information into utmp/wtmp style files). I think it is in the ports collection. Development seems dead now though (no new releases or bugfixes for years). I haven't heard of any other free tacacs+ servers. Cisco also has a commercial tacacs+ server with ton's of features, but I don't think it runs on FreeBSD. Have a look at RADIUS, all newer ciscos support it, and it seems to be much more scalable, and there are several free and commercial servers to choose from. As for pam, there is a pam module that can authenticate to a tacplus (not tacacs), but encryption doesn't work, so you'll have to use plaintext (maybe this has been fixed in the meantime). See pam(8), tacplus.conf(5) and libtacplus(3). Rico At 19:10 99.04.30 +0930, you wrote: >Hi folks, > >Anyone seen Tacacs support for FreeBSD? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.32.19990430132403.008c2c30>