Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 

Viewing the Current TACACS+ Configuration

To read the current TACACS+ configuration, use the following command

[ctp_cmd@gluon_50 ~ 7]> syscfg -r -u tacplus_cfg
    SIP10.0.0.0:SSnone:TO5:ST0:RP49:OLF1:RF1
    [ctp_cmd@gluon_50 ~ 8]>

Using the above help, the commands will be issued with the following set up:

First TACACS+ server IP:		1.2.3.4
First TACACS+ shared secret IP:		secret
Timeout period:				15
Enable TACACS+:				Yes
TACACS+ server port:			49
Offline Failover:			No
Reject Failover:			No
Second TACACS+ server IP:		1.2.3.5
Second TACACS+ shared secret IP:	secret1
Third TACACS+ server IP:		1.2.3.6
Third TACACS+ shared secret IP:		secret2

    [ctp_cmd@gluon_50 ~ 8]> syscfg -s -u tacplus_cfg -v "SIP1.2.3.4:SSsecret:TO15:ST1:RP49:OLF0:RF0:N1SIP1.2.3.5:N1SSsecret1:N2SIP1.2.3.6:N2SSsecret2"
    Stopping sshd:                                             [  OK  ]
    Starting sshd:                                             [  OK  ]
    [ctp_cmd@gluon_50 ~ 4]> syscfg -r -u tacplus_cfg
    SIP1.2.3.4:SSsecret:TO15:ST1:RP49:OLF0:RF0:N1SIP1.2.3.5:N1SSsecret1:N2SIP1.2.3.6:N2SSsecret2
    [ctp_cmd@gluon_50 ~ 5]>

Note that, when I read back the config string, it comes back exactly as configured, which is a good way to verify that the configuration was accepted.

At this point, if you want to keep the configuration, but disable TACACS+, all you need to do is read the config, set ST1 to ST0, and write it back.

Modified: 2015-11-17