[lug] passwd(5) files

charles at lunarmedia.net charles at lunarmedia.net
Mon Feb 5 17:05:15 MST 2001


you nailed it. once i rewrote the tac_pass.cfg to match the /etc/passwd
format, everything fell into place.


On Mon, 5 Feb 2001, Hugh Brown wrote:

> I think the unix passwd(5) file is of the form of /etc/passwd except
> with the passwords in it.
>
> What are the permissions on /etc/tacacs/tac_pass.cfg?  Should probably
> be 0400.
>
> Hugh
>
>
> charles at lunarmedia.net wrote:
> >
> > this is a bit off the linux specific topic and staddles the cisco fence,
> > but i think its a worthy topic.
> >
> > i am setting up a small lab of router that are authenticating off of a
> > linux server running tacacs+
> > i have the users' passwords being checked against /etc/shadow for
> > verification.
> >
> > there are more users on the box than individuals needing to login to the
> > routers, so i would like to create a separate password file for tacacs to
> > look in for users. i am just including the required users in this file. i
> > am building the file by pulling these users' entries from /etc/shadow and
> > writing it to /etc/tacacs/tac_pass.cfg
> >
> > the tacacs docs say that tacacs+ can use any text file that conforms to
> > the rules of unix-style passwd(5) files. i am not really clear on what
> > that means, but since i was just copying/pasting out of /etc/shadow i
> > thought that there would be no problem.
> >
> > i was wrong. when i set tacacs to look at /etc/tacacs/tac_pass.cfg, no one
> > can authenticate. when i set tacacs to look at /etc/shadow, it works like
> > a charm.
> >
> > like i said, the new password file is just the same info as in /etc/shadow
> > but only for relevant users. is something missing in order to this new
> > text file to be recognized as a unix style password file?
> >
> > thanks! -cjm
> >
> > _______________________________________________
> > Web Page:  http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>




More information about the LUG mailing list