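#
# An example tac_plus configuration. You should change this
# before using it.
#
# NOTE(review): this file holds the shared TACACS+ key in cleartext, so it
# should be readable only by the account the tac_plus daemon runs as.
#

# Define where to log accounting data, this is the default.
# Accounting records can include the commands users ran on network devices;
# keep the log's permissions restrictive and rotate it.
accounting file = /var/log/tac_plus.acct

# This is the key that clients have to use to access Tacacs+.
# "testing123" is a sample value. Replace it with a long random secret before
# deployment: the key is the only protection of the TACACS+ packet body, so a
# guessable key exposes the credentials carried in it.
key = testing123

# Use /etc/passwd file to do authentication
#default authentication = file /etc/passwd

# You can use features like a per-host key with different enable passwords.
# A per-host key limits the impact of one device's key being disclosed.
# With "cleartext" the enable password is stored readable in this file.
#host = 127.0.0.1 {
#    key = test
#    type = cisco
#    enable = <des|cleartext> enablepass
#    prompt = "Welcome XXX ISP Access Router \n\nUsername:"
#}

# We can also define local users and specify a file where data is stored.
# That file may be filled using tac_pwd
#user = test1 {
#    name = "Test User"
#    member = staff
#    login = file /etc/tacacs/tacacs_passwords
#}

# We can also specify rules valid per group of users.
#group = group1 {
#    cmd = conf {
#        deny
#    }
#}

# Another example: forbid the configure command for some hosts
# for a defined range of clients.
# This example reuses the name "group1" from the example above; rename one of
# them if both are enabled.
#group = group1 {
#    login = file /etc/passwd
#    service = ppp
#    protocol = ip {
#        addr = 10.10.0.0/24
#    }
#    cmd = conf {
#        deny .*
#    }
#}

# DEFAULT applies to any user that has no entry of its own in this file.
# As written, every such user is checked against /etc/passwd and is authorized
# for PPP/IP with no attribute restrictions. Narrow or remove this block if
# only explicitly defined users should be accepted.
# NOTE(review): on hosts that keep password hashes in a shadow file,
# /etc/passwd holds no hashes; whether this login source works depends on how
# tac_plus was built. Confirm, or point to a dedicated password file as in the
# user = test1 example.
user = DEFAULT {
    login = file /etc/passwd
    service = ppp protocol = ip {}
}

# Many more features are available, like ACLs, more service compatibility,
# command authorization, and scripted authorization.
# See the man page for those features.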