[lug] passwd(5) files

Hugh Brown hugh at math.byu.edu
Mon Feb 5 16:42:03 MST 2001


I think the unix passwd(5) file is of the form of /etc/passwd except
with the passwords in it.

What are the permissions on /etc/tacacs/tac_pass.cfg?  Should probably
be 0400.

Hugh


charles at lunarmedia.net wrote:
> 
> this is a bit off the linux specific topic and staddles the cisco fence,
> but i think its a worthy topic.
> 
> i am setting up a small lab of router that are authenticating off of a
> linux server running tacacs+
> i have the users' passwords being checked against /etc/shadow for
> verification.
> 
> there are more users on the box than individuals needing to login to the
> routers, so i would like to create a separate password file for tacacs to
> look in for users. i am just including the required users in this file. i
> am building the file by pulling these users' entries from /etc/shadow and
> writing it to /etc/tacacs/tac_pass.cfg
> 
> the tacacs docs say that tacacs+ can use any text file that conforms to
> the rules of unix-style passwd(5) files. i am not really clear on what
> that means, but since i was just copying/pasting out of /etc/shadow i
> thought that there would be no problem.
> 
> i was wrong. when i set tacacs to look at /etc/tacacs/tac_pass.cfg, no one
> can authenticate. when i set tacacs to look at /etc/shadow, it works like
> a charm.
> 
> like i said, the new password file is just the same info as in /etc/shadow
> but only for relevant users. is something missing in order to this new
> text file to be recognized as a unix style password file?
> 
> thanks! -cjm
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug



More information about the LUG mailing list