North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical


  • From: Alec H. Peterson
  • Date: Fri Apr 28 17:12:54 2000

Paul Froutan wrote:
> I don't think you can.  However, I use TACACS on all my switches and
> routers.  From what I know, TACACS passwords are encrypted using the key on
> your network devices and the TACACS server.  So, that, in combination with
> a private management LAN not accessible by your customers should lock down
> your network pretty effectively.  Any comments?

Using TACACS+ with some sort of one-time-passwording works very well.


Alec H. Peterson - [email protected]
Staff Scientist
CenterGate Research Group -
"Technology so advanced, even _we_ don't understand it!"