Page 1 of 1

Authenticate centos 7 user over Radius or tacacs plus protocol

Posted: 2019/09/19 18:57:21
by diwakar0304

I am looking for solution to let user access a centos server cli using ssh, scp, ftp or sftp by getting authenticate over radius or tacacs plus protocol running on external server/device (like ACS/ISE).

1) local authentication should only work on user created locally in passwd like root.
2) All other user should be autheticate over radius or tacacs+. These user not suppose to be created on local centos server.
3) Selectvely radius or tacacs+ user should be controlled to read-only, limited-access to commands and full edit command access. (Probably using sudoers).
4) Capable to send accounting records, atleast login and log out details log.
5) Capable to handle 2k+ concurrent session of radius users.

Please help me with solution or any document to achieve these configuration which support to work.

Thanks in advance..