Tacacs validation
8 views
Skip to first unread message
Juraj Papic
Apr 12, 2018, 10:59:41 AM4/12/18
to Ansible Project
Hello,
I would like to know if there's any chance to configure ansible to validate user/pass via tacacs , instead of hard coding the user/pass.
I dont want to use vault.
Thanks.
I would like to know if there's any chance to configure ansible to validate user/pass via tacacs , instead of hard coding the user/pass.
I dont want to use vault.
Thanks.
Brian Coca
Apr 12, 2018, 11:35:21 AM4/12/18
to Ansible Project
Ansible does not really validate user/pass, the connection system is responsible for it, normally delegating it to the login system.
i.e ansible passes the info to ssh, sshd can delegate validation to login/pam.
----------
Brian Coca
Juraj Papic
Apr 12, 2018, 11:44:41 AM4/12/18
to ansible...@googlegroups.com
Hello Brian,
Thanks for that info, if I manage to configure the sshd to validate directly to the tacacas, do you this will fix the issue?
Juraj A. Papic
Arquitecto de Soluciones
Arias 1639/41. C1429DWA.
Bs. As., Argentina.
M. +54 911 3445-6944
Skype juraj.papic
--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/5tvnUXSZ7bE/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CACVha7coO7wsdYfPn_fu2RE1oZo4RmEMikv06yYzeUyoxJAbQQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
BGH informa que todos los actos o hechos que se interpreten como contrarios a los principios establecidos por el Código de Ética y Conducta de la empresa, podrán ser denunciados en forma anónima, a través de nuestra Línea Ética. Teléfono: 0800-122-0459 | Fax: +54-11-4316-5800 | Email: lineae...@kpmg.com.ar | Correo Postal: Bouchard 710, 6to piso (1001), Buenos Aires, Argentina - Ref: Línea Ética BGH.
Brian Coca
Apr 12, 2018, 4:40:34 PM4/12/18
to Ansible Project
No entiendo la pregunta, pero si quieres, podemos usar Español para entendernos mejor.
--
----------
Brian Coca
Juraj Papic
Apr 12, 2018, 5:11:56 PM4/12/18
to ansible...@googlegroups.com
Genial,
Si puedo configura para que el sshd valide via tacacas, entonces Ansible podria hacer la validacion que necesito, ya que actualmente para un proyecto estoy buscando esta opcion .
saludos y gracias.
Juraj A. Papic
Arquitecto de Soluciones
Arias 1639/41. C1429DWA.
Bs. As., Argentina.
M. +54 911 3445-6944
Skype juraj.papic
--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/5tvnUXSZ7bE/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CACVha7dbKGTBP2NLSzrWd9bOGPEAUZubuR1V9avDoem8SjKC8Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Brian Coca
Apr 12, 2018, 5:22:22 PM4/12/18
to Ansible Project
Como dije inicialmente, Ansible no hace la validación, pasa la información al conector y este as su vez lo pasa al sistema operativo, el cual valida el usuario y contraseña contra lo que esta configurado en la computadora.
Si puedes entrar con usuario y contraseña o certificado, Ansible lo usará del mismo modo que un usuario.
----------
Brian Coca
Juraj Papic
Apr 12, 2018, 5:27:42 PM4/12/18
to ansible...@googlegroups.com
El tema que yo no estoy usando Ansible para conectar a Servidores lo estoy usando para networking.
saludos y gracias.
Juraj A. Papic
Arquitecto de Soluciones
Arias 1639/41. C1429DWA.
Bs. As., Argentina.
M. +54 911 3445-6944
Skype juraj.papic
--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/5tvnUXSZ7bE/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CACVha7cqpeirDudgD%3DN8gKzhwDNfctZNRR7u3eMvfpy6%3D5Si%3DQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Brian Coca
Apr 12, 2018, 5:32:08 PM4/12/18
to Ansible Project
Es lo mismo, simplemente son servidores mas especializados, en cuanto la autentificación, no hay diferencia
----------
Brian Coca
Juraj Papic
Apr 12, 2018, 5:34:36 PM4/12/18
to ansible...@googlegroups.com
muchas gracias, seguire buscando alguna forma.
saludos y gracias.
Juraj A. Papic
Arquitecto de Soluciones
Arias 1639/41. C1429DWA.
Bs. As., Argentina.
M. +54 911 3445-6944
Skype juraj.papic
--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/5tvnUXSZ7bE/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CACVha7cEFGqqbqBBy8aYH530XYv-8VcPG5Y%3DexX1hFm4%2BykuWg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages