Contributor I

TACACS+ and hashed passwords in external MS SQL database

It seems that CPPM ignores the password type of an external MSSQL authentication source when using TACACS+ as authentication method.

The same authentication source works fine when using Radius as authentication method.


We are trying to perfom an administrators authentication to a router via TACACS+. The credentials are stored in a MSSQL database with MD5(same applies to SHA and SHA265) hashed password:

When authenticating with username and password - the authentication fails

When authentication with username and password-hash - the authentication is successfull


It seems no matter which password type is configured in CPPMs authentication source, the CPPM handles it like a cleartext password.


Is this expected or does anyone have an idea how we can use hashed passwords an do the tacacs+ authentication?



Aruba Partner Ambassador | ACMP | ACCX #932
Search Airheads
Showing results for 
Search instead for 
Did you mean: