Security

Reply
Highlighted
Contributor I

TACACS+ and hashed passwords in external MS SQL database

It seems that CPPM ignores the password type of an external MSSQL authentication source when using TACACS+ as authentication method.

The same authentication source works fine when using Radius as authentication method.

 

We are trying to perfom an administrators authentication to a router via TACACS+. The credentials are stored in a MSSQL database with MD5(same applies to SHA and SHA265) hashed password:

When authenticating with username and password - the authentication fails

When authentication with username and password-hash - the authentication is successfull

 

It seems no matter which password type is configured in CPPMs authentication source, the CPPM handles it like a cleartext password.

 

Is this expected or does anyone have an idea how we can use hashed passwords an do the tacacs+ authentication?

 

 

Aruba Partner Ambassador | ACMP | ACCX #932
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: