[c-nsp] TACACS vs RADIUS

Jason 'XenoPhage' Frisvold xenophage at godshell.com
Mon Feb 27 20:01:29 EST 2012


On Feb 27, 2012, at 6:44 PM, Javier Henderson wrote:
> You also lose command accounting.
> 
> Another aspect to consider in the TACACS+ vs. RADIUS comparison is that with RADIUS only the password is encrypted, while with TACACS+ the whole payload is encrypted.

Hrm..  That's concerning..  Though if command accounting is lost, then only authentication packets are passed?  Either way, it sounds like I need to find a way to make TACACS work…

> Javier Henderson
> javier at cisco.com

---------------------------
Jason 'XenoPhage' Frisvold
xenophage at godshell.com
---------------------------
"Any sufficiently advanced magic is indistinguishable from technology."
- Niven's Inverse of Clarke's Third Law






More information about the cisco-nsp mailing list