Monday, August 12, 2019

.::: Installing & Configuring Free Tacacs Plus with Linux System User Authentication on RHEL/CentOS 7,8,9 :::.

Tacacs Plus is an identity management solution built on a protocol for AAA services: authentication, authorization, and accounting. It is used for centralized authentication and identity access management on network devices. As a security protocol, it can give a particular user specific authorization and centralized access for working with network devices.

1. Download Free Tacacs Plus

wget http://li.nux.ro/download/nux/misc/el7/x86_64/tac_plus-4.0.4.26-1.el7.nux.x86_64.rpm
wget http://li.nux.ro/download/nux/misc/el7/x86_64/tac_plus-debuginfo-4.0.4.26-1.el7.nux.x86_64.rpm
wget http://li.nux.ro/download/nux/misc/el7/x86_64/tac_plus-devel-4.0.4.26-1.el7.nux.x86_64.rpm


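2. Install Tacacs on Linux
The NOKEY warning in the output below means rpm could not verify the package signature because the signing key (ID 85c6cd8a) is not imported. The packages above were fetched over plain HTTP, so import the repository's signing key and verify the signatures before installing.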
[root@radius-teguht tacacs]# ls
tac_plus-4.0.4.26-1.el7.nux.x86_64.rpm  tac_plus-debuginfo-4.0.4.26-1.el7.nux.x86_64.rpm  tac_plus-devel-4.0.4.26-1.el7.nux.x86_64.rpm
[root@radius-teguht tacacs]# rpm -ivh tac_plus-*
warning: tac_plus-4.0.4.26-1.el7.nux.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 85c6cd8a: NOKEY
Preparing...                          ################################# [100%]
Updating / installing...
   1:tac_plus-4.0.4.26-1.el7.nux      ################################# [ 33%]
   2:tac_plus-devel-4.0.4.26-1.el7.nux################################# [ 67%]
   3:tac_plus-debuginfo-4.0.4.26-1.el7################################# [100%]
[root@radius-teguht tacacs]#

3. Create users and passwords on Linux
[root@radius-teguht tacacs]# useradd teguht
[root@radius-teguht tacacs]# useradd tom
[root@radius-teguht tacacs]# useradd jerry
[root@radius-teguht tacacs]# useradd noc
[root@radius-teguht tacacs]# passwd teguht
[root@radius-teguht tacacs]# passwd tom
[root@radius-teguht tacacs]# passwd jerry
[root@radius-teguht tacacs]# passwd noc

4. Configure Tacacs Plus

[root@radius-teguht tacacs]# more /etc/tac_plus.conf
key = "TGH@123"
accounting file = /var/log/tac.acct
# authentication users not appearing elsewhere via
.........
## Groups Definition ##
group = netadmins {
    default service = permit
    login = PAM
    service = exec {
        priv-lvl = 15
    }
}
group = guestusers {
    default service = deny
    login = PAM
    service = exec {
        priv-lvl = 15
    }
    cmd = show {
        permit .*
    }
    cmd = exit {
        permit .*
    }
    cmd = quit {
        permit .*
    }
    cmd = end {
        permit .*
    }
}
## Users Definition ##

user = teguht {
    member = netadmins
}

user = tom {
    member = netadmins
}
user = jerry {
    member = netadmins
}

user = noc {
    member = guestusers
}
.......

[root@radius-teguht tacacs]#
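
The configuration above keeps the shared key in cleartext and gives the guestusers group priv-lvl 15 with a command whitelist, which only restricts a user when the network device sends per-command authorization requests to the server. As an added example (not part of the original post), this shell function flags those points in a tac_plus.conf; the 16-character minimum key length, the finding labels and the function names are assumptions of this example.

```bash
# MIN_KEY_LEN is an assumed local policy value, not a tac_plus default.
MIN_KEY_LEN=16
audit_tac_conf() {
    local conf=$1
    # The file holds the shared key in cleartext: flag it if "other" can read it.
    [ -n "$(find "$conf" -perm -004)" ] && echo "WORLD_READABLE $conf"
    awk -v min="$MIN_KEY_LEN" '
        # A deny-by-default group that still lands at priv-lvl 15 relies on
        # the device asking the server to authorize every command.
        function report() {
            if (grp != "" && deny && p15) print "PRIV15_CMD_LIMITED " grp
        }
        /^[ \t]*#/ { next }
        /^[ \t]*key[ \t]*=/ {
            k = $0; sub(/^[^=]*=[ \t]*/, "", k); gsub(/"/, "", k)
            if (length(k) < min) print "SHORT_KEY length=" length(k)
        }
        /^[ \t]*(group|user)[ \t]*=/ {
            report(); deny = 0; p15 = 0
            grp = ($1 ~ /^group/) ? $0 : ""
            sub(/^[^=]*=[ \t]*/, "", grp); sub(/[ \t]*[{].*$/, "", grp)
        }
        grp != "" && /default service[ \t]*=[ \t]*deny/ { deny = 1 }
        grp != "" && /priv-lvl[ \t]*=[ \t]*15([^0-9]|$)/ { p15 = 1 }
        END { report() }
    ' "$conf"
}
# Constructed sample modelled on the configuration shown in this post.
sample_conf() {
    local f; f=$(mktemp)
    cat > "$f" <<'EOF'
key = "TGH@123"
group = netadmins {
default service = permit
service = exec {
priv-lvl = 15
}
}
group = guestusers {
default service = deny
service = exec {
priv-lvl = 15
}
cmd = show {
permit .*
}
}
EOF
    chmod 644 "$f"; echo "$f"
}
audit_tac_conf "$(sample_conf)"
```

On the server, run it as audit_tac_conf /etc/tac_plus.conf; a WORLD_READABLE finding is cleared by restricting the file to its owner.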

5. Restart and enable tac_plus
[root@radius-teguht tacacs]# /etc/init.d/tac_plus start
[root@radius-teguht tacacs]# systemctl status tac_plus
[root@radius-teguht tacacs]# systemctl enable tac_plus

6. Testing login 
