[j-nsp] AAA Juniper using TACACS+

Kevin Blackham blackham at gmail.com
Mon Jun 25 00:46:56 EDT 2007


My tac_plus.conf:

# tac_plus daemon configuration: one shared key, one group that maps its
# members onto a JunOS local account, and three users.

# Shared secret between this daemon and its TACACS+ clients (the routers).
# It has to match the "secret" configured under tacplus-server on the JunOS
# side. Keep this file readable only by the account that runs tac_plus.
key = "xxxxxxxxxxxxxxxxxx"
# Members of this group get local-user-name = en returned for the junos-exec
# service. In the JunOS snippet below, "en" is a class super-user account, so
# membership here is equivalent to full administrative access on the router.
group = enabled {
        service = junos-exec { local-user-name = en }
}
# Password is checked against a passwd(5)-format file.
# NOTE(review): on hosts that use shadow passwords /etc/passwd normally holds
# no hashes -- confirm the file referenced here actually carries them.
user = rockstar {
        login = file /etc/passwd
        member = enabled
}
# Password is stored in clear text in this file; anyone who can read
# tac_plus.conf can log in as this user. tac_plus also accepts a hashed form
# ("login = des ...") if the clear-text copy is not needed.
# This user is not in group "enabled", so no local-user-name is returned.
# NOTE(review): JunOS then presumably falls back to the "remote" template
# account, which the snippet below does not show -- confirm what class
# these users end up with.
user = looking-glass { login = cleartext "xxxxxxxxxxx" }
# Same passwd-file check as rockstar, but without group membership (see the
# note on looking-glass about which JunOS account this maps to).
user = newbie { login = file /etc/passwd }

JunOS snippet:

/* Excerpt of the router configuration: TACACS+ server definition plus the
   local template account that tac_plus refers to as local-user-name = en.
   The excerpt is incomplete as posted: the closing brace of "system" is
   missing. NOTE(review): no authentication-order statement is shown; without
   one that lists tacplus, logins are presumably checked against local
   passwords only -- confirm it exists in the full configuration. */
system {
    tacplus-server {
        x.x.x.x {
            /* Shared secret; must match "key" in tac_plus.conf. */
            secret "xxxxxxxxxxxxxxxxxxxxxxxxx"; ## SECRET-DATA
            /* Reuse one TCP connection to the server for multiple requests. */
            single-connection;
        }
    }
    login {
        /* Banner text shown at login. */
        message "\n\nUnauthorized users will be violated\n";
        /* Template account selected by the local-user-name attribute.
           class super-user grants full permissions, so every tac_plus user
           in group "enabled" is a full administrator on this device. */
        user en {
            uid 60001;
            class super-user;
        }
}

