TACACS

From Wikipedia, the free encyclopedia

Terminal Access Controller Access-Control System (TACACS) is a remote authentication protocol used to communicate with an authentication server, commonly in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine whether the user has access to the network.

TACACS allows a client to accept a username and password and send a query to a TACACS authentication server, sometimes called a TACACS daemon or simply TACACSD. This server was normally a program running on a host. The host would determine whether to accept or deny the request and send a response back. The TIP (a routing node accepting dial-up line connections, which the user would normally want to log in to) would then allow access or not, based upon the response. In this way, the process of making the decision is "opened up", and the algorithms and data used to make the decision are under the complete control of whoever is running the TACACS daemon.

A later version of TACACS introduced by Cisco in 1990 was called XTACACS (extended TACACS). These two versions have generally been replaced by TACACS+ and RADIUS in newer or updated networks. TACACS+ is a completely new protocol and is therefore not compatible with TACACS or XTACACS.

TACACS is defined in RFC 1492 and uses port 49 (either TCP or UDP) by default.
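The query and response described above can be sketched as two UDP datagrams. This is an added example, not code from RFC 1492 or from any TACACS implementation; the field layout and numeric constants follow the editor's reading of the RFC's simple UDP form and should be treated as assumptions, and the account data and function names are constructed for illustration.

```python
import hmac
import struct

# Constants as read from RFC 1492's simple UDP form (editor's assumption, not from the page).
VERSION_SIMPLE = 0
TYPE_LOGIN, TYPE_RESPONSE = 1, 2
RESP_ACCEPTED, RESP_REJECTED = 1, 2
HEADER = struct.Struct("!BBHBB")  # version, type, nonce, then two one-byte fields

def build_login(nonce: int, user: bytes, password: bytes) -> bytes:
    """Client -> daemon: LOGIN query carrying username and password."""
    if len(user) > 255 or len(password) > 255:
        raise ValueError("length fields are one byte each")
    head = HEADER.pack(VERSION_SIMPLE, TYPE_LOGIN, nonce, len(user), len(password))
    return head + user + password

def build_response(nonce: int, accepted: bool, reason: int = 0) -> bytes:
    """Daemon -> client: RESPONSE echoing the nonce with accept or reject."""
    resp = RESP_ACCEPTED if accepted else RESP_REJECTED
    return HEADER.pack(VERSION_SIMPLE, TYPE_RESPONSE, nonce, resp, reason)

def parse(datagram: bytes) -> dict:
    """Decode either direction; reject truncated or inconsistent datagrams."""
    if len(datagram) < HEADER.size:
        raise ValueError("truncated header")
    version, ptype, nonce, a, b = HEADER.unpack_from(datagram)
    if version != VERSION_SIMPLE:
        raise ValueError("not simple-form TACACS")
    if ptype == TYPE_RESPONSE:
        return {"type": "RESPONSE", "nonce": nonce,
                "accepted": a == RESP_ACCEPTED, "reason": b}
    body = datagram[HEADER.size:]
    if len(body) < a + b:
        raise ValueError("length fields exceed datagram")
    return {"type": ptype, "nonce": nonce, "user": body[:a], "password": body[a:a + b]}

def daemon_decide(request: bytes, accounts: dict) -> bytes:
    """The decision logic belongs to the daemon; here it is a constructed lookup table."""
    req = parse(request)
    stored = accounts.get(req["user"]) if req["type"] == TYPE_LOGIN else None
    ok = stored is not None and hmac.compare_digest(stored, req["password"])
    return build_response(req["nonce"], ok)

if __name__ == "__main__":
    accounts = {b"alice": b"example-pw"}  # constructed sample data
    query = build_login(0x1234, b"alice", b"example-pw")
    print(query.hex(), parse(daemon_decide(query, accounts)))
```

`parse()` recovers the password without any key, because this form of the protocol carries credentials unprotected. Datagrams on port 49 matching this layout are therefore worth flagging on networks that are meant to have moved to TACACS+.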

Related RFCs

  • RFC 1492 - An Access Control Protocol, sometimes called TACACS
  • RFC 0927 - TACACS user identification Telnet option
