[lug] passwd(5) files

charles at lunarmedia.net
Mon Feb 5 15:02:19 MST 2001


this is a bit off the linux specific topic and straddles the cisco fence,
but i think it's a worthy topic.

i am setting up a small lab of routers that are authenticating off of a
linux server running tacacs+
i have the users' passwords being checked against /etc/shadow for
verification.

there are more users on the box than individuals needing to login to the
routers, so i would like to create a separate password file for tacacs to
look in for users. i am just including the required users in this file. i
am building the file by pulling these users' entries from /etc/shadow and
writing it to /etc/tacacs/tac_pass.cfg

the tacacs docs say that tacacs+ can use any text file that conforms to
the rules of unix-style passwd(5) files. i am not really clear on what
that means, but since i was just copying/pasting out of /etc/shadow i
thought that there would be no problem.

i was wrong. when i set tacacs to look at /etc/tacacs/tac_pass.cfg, no one
can authenticate. when i set tacacs to look at /etc/shadow, it works like
a charm.

like i said, the new password file is just the same info as in /etc/shadow
but only for relevant users. is something missing in order for this new
text file to be recognized as a unix style password file?

thanks! -cjm
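
Added example, not part of the original post or of the tacacs+ documentation: a passwd(5) line has seven colon-separated fields while a shadow(5) line has nine, so this sketch checks which layout a line has and builds seven-field lines for a chosen set of users by joining passwd and shadow data. The function names, sample accounts and hashes are constructed for illustration, and the post does not confirm whether tacacs+ accepts the resulting file.

```python
import os

# Field layouts from the man pages:
#   passwd(5): name:password:UID:GID:GECOS:directory:shell              (7 fields)
#   shadow(5): name:hash:lastchg:min:max:warn:inactive:expire:reserved  (9 fields)
LAYOUTS = {7: "passwd", 9: "shadow"}

def classify(line):
    """Name the layout of one line by its colon-separated field count."""
    return LAYOUTS.get(len(line.rstrip("\n").split(":")), "invalid")

def merge(passwd_text, shadow_text, wanted):
    """Return passwd(5) lines for `wanted` users, hash taken from shadow."""
    hashes = {}
    for line in shadow_text.splitlines():
        if classify(line) == "shadow":
            name, pw_hash = line.split(":")[:2]
            hashes[name] = pw_hash
    merged = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if classify(line) != "passwd" or fields[0] not in wanted:
            continue
        pw_hash = hashes.get(fields[0], "")
        # Choice made for this example: skip empty, locked (!) and disabled (*)
        # entries so the new file never carries a passwordless account.
        if not pw_hash or pw_hash[0] in "!*":
            continue
        fields[1] = pw_hash
        merged.append(":".join(fields))
    return merged

def write_private(path, lines):
    """Write the file readable by its owner only; it contains password hashes."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        os.fchmod(fd, 0o600)  # also tightens a file that already existed
        fh.write("\n".join(lines) + "\n")

# Constructed sample data (not real accounts or hashes).
PASSWD = """root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1002:1002:Bob:/home/bob:/bin/bash
"""
SHADOW = """root:$1$CONSTRUC$rootrootrootrootrootro:11358:0:99999:7:::
alice:$1$CONSTRUC$alicealicealicealiceal:11358:0:99999:7:::
bob:!:11358:0:99999:7:::
"""
```

The owner of the output file should be the account the tacacs+ daemon runs as, since `write_private` leaves it unreadable to everyone else.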



