Authenticate centos 7 user over Radius or tacacs plus protocol

Support for security such as Firewalls and securing linux
Post Reply
diwakar0304
Posts: 4
Joined: 2019/03/28 15:39:26

Authenticate centos 7 user over Radius or tacacs plus protocol

Post by diwakar0304 » 2019/09/19 18:57:21

Hi,

I am looking for solution to let user access a centos server cli using ssh, scp, ftp or sftp by getting authenticate over radius or tacacs plus protocol running on external server/device (like ACS/ISE).

1) local authentication should only work on user created locally in passwd like root.
2) All other user should be autheticate over radius or tacacs+. These user not suppose to be created on local centos server.
3) Selectvely radius or tacacs+ user should be controlled to read-only, limited-access to commands and full edit command access. (Probably using sudoers).
4) Capable to send accounting records, atleast login and log out details log.
5) Capable to handle 2k+ concurrent session of radius users.

Please help me with solution or any document to achieve these configuration which support to work.

Thanks in advance..

Post Reply