Ubuntu20.04下tacacs服务器安装

1、下载文件，最新的版本可以在这里看到（ftp://ftp.shrubbery.net/pub/tac_plus）

百度网盘https://pan.baidu.com/s/1z8pEHDrJW0kyuyYF6U0Jag，密码(r1r1)
sudo wget ftp://ftp.shrubbery.net/pub/tac_plus/tacacs-F4.0.4.28.tar.gz

2、使用apt-get软件包管理器安装了libwrap0-dev、flex和bison软件包。libwrap0-dev提供基于客户端主机名或IP地址的网络服务访问控制，而flex和bison是用于生成编程语言词法分析器和解析器的工具

sudo apt-get install libwrap0-dev flex bison

3、sudo tar -zxvf tacacs-F4.0.4.28.tar.gz

4、sudo ./configure

5、sudo make install

6、添加库路径,修改该文件如下所示：

sudo vi /etc/ld.so.conf
//改成下面这样
include /etc/ld.so.conf.d/*.conf
/usr/lib
//改完后退出，然后在命令行上执行下面这条语句
sudo ldconfig

7、创建配置文件，/etc/tacacs+/tac_plus.conf ，内容如下：

+ View Code?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98

#Make this a strong key,共享密钥 key = 12345678   #Am using local PAM which allows us to use local linux users, you can use any backend like Windows AD default authentication = file /etc/passwd    #Define groups that we shall add users to later  #In this example I have defined 2 groups support and unicorns and assign them respective privileges   #************************* #***USERS ACCOUNTS HERE*** #************************* # #将下面这样的用户需要添加到Linux里面，因为是使用linux自身的验证机制。 # user = master {         member = Network_Engineers    #组的配置 } user = node1 {         member = Field_Techs } user = node2 {         member = Managers }     #************************* #***   GROUPS HERE     *** #************************* group = Network_Engineers {         default service = permit    #这个选项是授权(Author)使用的         login = file /etc/passwd    #使用系统的用户名和密码验证机制         enable = file /etc/passwd }   #仅开放部分cmd group = Field_Techs {         default service = deny         login = file /etc/passwd         enable = file /etc/passwd         service = exec {         priv-lvl = 2         }         cmd = enable {                 permit .*         }         cmd = show {                 permit .*         }         cmd = do {                 permit .*         }         cmd = exit {                 permit .*         }         cmd = configure {                 permit terminal         }         cmd = interface {                 permit .*         }         cmd = shutdown {                 permit .*         }         cmd = no {                 permit shutdown         }         cmd = speed {                 permit .*         }         cmd = duplex {                 permit .*         }         cmd = write {                 permit memory         }         cmd = copy {                 permit running-config         } }   group = Managers {         default service = deny         login = file /etc/passwd         enable = file /etc/passwd         service = exec {         priv-lvl = 2         }         cmd = enable {                 permit .*         }         cmd = show {                 permit .*         }         cmd = exit {                 permit .*         } }

 8、执行程序

#重启tacacs_plus
sudo tac_plus -C /etc/tacacs+/tac_plus.conf -t -d 1
 
#查看log
tail -f /var/log/tac_plus.log
 
#添加用户
adduser master
adduser node1
adduser node2

9、