nanog mailing list archives

Re: The state of TACACS+

From: Saku Ytti <saku () ytti fi>
Date: Mon, 30 Dec 2013 15:59:48 +0200

On (2013-12-30 08:49 -0500), Christopher Morrow wrote:

Nor accounting...


I think this is probably sufficient justification for TACACS+. I'm not sure if
command authorization is sufficient, as you can deliver group via radius which
maps to authorized commands.
But if you must support accounting, per-command authorization comes as free
gift more or less.

-- 
  ++ytti

Current thread:

The state of TACACS+ Robert Drake (Dec 30)
- Re: The state of TACACS+ Jonathan Lassoff (Dec 30)
- Re: The state of TACACS+ Saku Ytti (Dec 30)
  - Re: The state of TACACS+ Christopher Morrow (Dec 30)
    - Re: The state of TACACS+ Christopher Morrow (Dec 30)
    - Re: The state of TACACS+ Saku Ytti (Dec 30)
    - Re: The state of TACACS+ cb.list6 (Dec 30)
    - Re: The state of TACACS+ Christian Kratzer (Dec 30)
    - Re: The state of TACACS+ Javier Henderson (Dec 30)
    - Re: The state of TACACS+ Jimmy Hess (Dec 30)
    - Re: The state of TACACS+ Javier Henderson (Dec 30)
    - Re: The state of TACACS+ Jimmy Hess (Dec 30)