[tac_plus] Tac Plus Auth Error with IOS 16
Andrew Villano
andrew.villano at gmail.com
Tue Nov 21 23:49:35 UTC 2017
Fedora 26
On Nov 21, 2017 6:48 PM, "heasley" <heas at shrubbery.net> wrote:
Tue, Nov 21, 2017 at 06:35:39PM -0500, Andrew Villano:
> I'm using file authentication, it should be reading directly from
> /etc/passwd . The password does not contain quotes.
Then this would be a problem with your system libraries or whatever you
used to create the password hash. because tacacs should be using the
system lib to read the file. what is the o/s?
> On Nov 21, 2017 5:49 PM, "heasley" <heas at shrubbery.net> wrote:
>
> > Tue, Nov 21, 2017 at 05:28:51PM -0500, Andrew Villano:
> > > Certain special characters (I've noticed [ @; ] ) are not tolerated
as a
> > > user password in tac_plus.conf . When I change the system password for
> > > rancid [user] (which tac_plus.conf reads from) to something without
> > special
> > > characters (eg. [A-z0-9] ), i'm able to login without a problem. It
can't
> > > be rancid [application] either because I get consistent experiences
with
> > > interactive ssh login.
> >
> > have you quoted those? "foo at bar:"
> >
> > > On Tue, Nov 21, 2017 at 5:00 PM, heasley <heas at shrubbery.net> wrote:
> > >
> > > > Tue, Nov 21, 2017 at 03:25:06PM -0500, Andrew Villano:
> > > > > Found the problem. Special characters are not tolerated in
passwords.
> > > >
> > > > in do_auth? not sure what you mean by special characters; be more
> > > > specific.
> > > >
> >
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20171121/1e58ffad/attachment.html>
More information about the tac_plus
mailing list