Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

TACACs+

Does tacacs+ encprypt the whole session from logging and doing commands or does it only encrypt the login?

thanks,

gilbert

2 REPLIES
Cisco Employee

Re: TACACs+

Hi Gilbert,

TACACS+ encrypts the whole session.

Snippet from the the below url

--------

TACACS+ encrypts the entire body of the packet but leaves a standard TACACS+ header. Within the header is a field that indicates whether the body is encrypted or not. For debugging purposes, it is useful to have the body of the packets unencrypted. However, during normal operation, the body of the packet is fully encrypted for more secure communications.

------------

http://www.cisco.com/en/US/partner/tech/tk583/tk547/technologies_tech_note09186a0080094e99.shtml

Thanks,

yatin

Silver

Re: TACACs+

Hi Gilbert,

It encrypts the while session between the NAS ( router) and the tacacs+ server. If you want an unencrypted session, all you need to do is not defining the shared secret key. If you don't define shared secrect, there will not be any hashing involved between the NAS and the tacacs+ server.

Regards,

Mynul

317
Views
0
Helpful
2
Replies
CreatePlease login to create content