|
|
- #
- # An example tac_plus configuration. You should change this
- # before using it.
- #
-
- # Define where to log accounting data, this is the default.
- accounting file = /var/log/tac_plus.acct
-
- # This is the key that clients have to use to access Tacacs+
- key = testing123
-
- # Use /etc/passwd file to do authentication
- #default authentication = file /etc/passwd
-
- # You can use feature like per host key with different enable passwords
- #host = 127.0.0.1 {
- # key = test
- # type = cisco
- # enable = <des|cleartext> enablepass
- # prompt = "Welcome XXX ISP Access Router \n\nUsername:"
- #}
-
- # We also can define local users and specify a file where data is stored.
- # That file may be filled using tac_pwd
- #user = test1 {
- # name = "Test User"
- # member = staff
- # login = file /etc/tacacs/tacacs_passwords
- #}
-
- # We can also specify rules valid per group of users.
- #group = group1 {
- # cmd = conf {
- # deny
- # }
- #}
-
- # Another example : forbid configure command for some hosts
- # for a define range of clients
- #group = group1 {
- # login = file /etc/passwd
- # service = ppp
- # protocol = ip {
- # addr = 10.10.0.0/24
- # }
- # cmd = conf {
- # deny .*
- # }
- #}
-
- user = DEFAULT {
- login = file /etc/passwd
- service = ppp protocol = ip {}
- }
-
- # Much more features are availables, like ACL, more service compatibilities,
- # commands authorization, scripting authorization.
- # See the man page for those features.
|
