[c-nsp] Error in tacacs

Brian McMahon brmcmaho at cabrillo.edu
Sat May 27 19:10:19 EDT 2006


On May 27, 2006, at 07:50, Jorge Evangelista wrote:

> I have been setting up a Tacacs Server, but I can not log in to
> router, I have a problem with authentication, I am not sure if this
> problem is in the server or router.
> I have put correct time and date and router and server.
>
> User Access Verification
> Username: jorgee
> Password:
> Password has expired
[...]
> In my tac_plus.cfg  I have put for user jorgee
>  user = jorgee {
>         default service = permit
>         login = file /etc/shadow
>         }

What happens when you SSH or telnet into the host (the one whose /etc/ 
shadow you're authenticating against) directly?  If you can get in,  
try changing jorgee's password to something new, and see if the  
problem disappears.  "Password has expired" suggests to me that,  
well, your password has expired.  Lots of Unixoid systems these days  
support some kind of password lifetime security feature.

-- 
Brian McMahon <brian dot mcmahon at cabrillo dot edu>
Computer Networking and System Administration Instructor
Cabrillo College, Aptos, California




More information about the cisco-nsp mailing list