Installation

Install tacacs+ server:

sudo apt-get install tacacs+

Install tacacs+ client:

sudo pip install tacacs_plus

TACACS+ Server Configuration

For example, you want to create a tacacs configuraiton for this account admin/123456 with the shared secret key is: test.

1. Use tac_pwd (which is installed by above tacacs+ package) to encrypt clear text passwords to make it more secure:

$ tac_pwd
Password to be encrypted: 123456
VFj4MGmISJNmE

2. Configure the tac_plus.conf file with this minimum configuration:

$ sudo vi /etc/tacacs+/tac_plus.conf

#tacacs key
key = "test"

#user details
user = admin {
    login = des VFj4MGmISJNmE
}

3. Restart the tacacs+ server to apply.

sudo /etc/init.d/tacacs_plus restart

Verify using TACACS Client Tool

For example, you want to test above TACACS configuraiton under the same server

$ tacacs_client -v -u admin -H 127.0.0.1 -k test authenticate
password for admin: <Enter 123456>
status: PASS

$ tacacs_client -v -u admin -H 127.0.0.1 -k test authenticate
password for admin: <Enter blablalba>
status: FAIL

That's it.

Reference

• https://github.com/ansible/tacacs_plus
• https://blog.marquis.co/configuring-tacacs-server-on-ubuntu-14-04lts/
• http://freelinuxtutorials.com/tutorials/installation-setup-of-free-tacacs-server-in-linux/