Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
Smokeping_probes_TacacsPlus(3)	   SmokePing	Smokeping_probes_TacacsPlus(3)

NAME
       Smokeping::probes::TacacsPlus - a TacacsPlus authentication probe for
       SmokePing

OVERVIEW
       Measures	TacacsPlus authentication latency for SmokePing

SYNOPSIS
	*** Probes ***

	+TacacsPlus

	forks =	5
	offset = 50%
	passwordfile = /some/place/secret
	secretfile = /another/place/secret
	step = 300

	# The following	variables can be overridden in each target section
	authtype = CHAP
	mininterval = 1
	password = test-password
	pings =	5
	port = 49
	secret = test-secret
	timeout	= 5
	username = test-user # mandatory

	# [...]

	*** Targets ***

	probe =	TacacsPlus # if	this should be the default probe

	# [...]

	+ mytarget
	# probe	= TacacsPlus # if the default probe is something else
	host = my.host
	authtype = CHAP
	mininterval = 1
	password = test-password
	pings =	5
	port = 49
	secret = test-secret
	timeout	= 5
	username = test-user # mandatory

DESCRIPTION
       This probe measures TacacsPlus authentication latency for SmokePing.

       The username to be tested is specified in either	the probe-specific or
       the target-specific variable `username',	with the target-specific one
       overriding the probe-specific one.

       The password can	be specified either (in	order of precedence, with the
       latter overriding the former) in	the probe-specific variable
       `password', in an external file or in the target-specific variable
       `password'.  The	location of this file is given in the probe-specific
       variable	`passwordfile'.	See Smokeping::probes::passwordchecker(3pm)
       for the format of this file (summary: colon-separated triplets of the
       form `<host>:<username>:<password>')

       The TacacsPlus protocol requires	a shared secret	between	the server and
       the client.  This secret	can be specified either	(in order of
       precedence, with	the latter overriding the former) in the probe-
       specific	variable `secret', in an external file or in the target-
       specific	variable `secret'.  This external file is located by the
       probe-specific variable `secretfile', and it should contain whitespace-
       separated pairs of the form `<host> <secret>'. Comments and blank lines
       are OK.

       The default TacacsPlus authentication type is ASCII.  PAP and CHAP are
       also available.	See the	Authen::TacacsPlus documentation for more
       information;

       The probe tries to be nice to the server	and does not send
       authentication requests more frequently than once every X seconds,
       where X is the value of the target-specific "min_interval" variable (1
       by default).

VARIABLES
       Supported probe-specific	variables:

       forks
	   Run this many concurrent processes at maximum

	   Example value: 5

	   Default value: 5

       offset
	   If you run many probes concurrently you may want to prevent them
	   from	hitting	your network all at the	same time. Using the probe-
	   specific offset parameter you can change the	point in time when
	   each	probe will be run. Offset is specified in % of total interval,
	   or alternatively as 'random', and the offset	from the 'General'
	   section is used if nothing is specified here. Note that this	does
	   NOT influence the rrds itself, it is	just a matter of when data
	   acqusition is initiated.  (This variable is only applicable if the
	   variable 'concurrentprobes' is set in the 'General' section.)

	   Example value: 50%

       passwordfile
	   Location of the file	containing usernames and passwords.

	   Example value: /some/place/secret

       secretfile
	   A file containing the TacacsPlus shared secrets for the targets. It
	   should contain whitespace-separated pairs of	the form `<host>
	   <secret>'. Comments and blank lines are OK.

	   Example value: /another/place/secret

       step
	   Duration of the base	interval that this probe should	use, if
	   different from the one specified in the 'Database' section. Note
	   that	the step in the	RRD files is fixed when	they are originally
	   generated, and if you change	the step parameter afterwards, you'll
	   have	to delete the old RRD files or somehow convert them. (This
	   variable is only applicable if the variable 'concurrentprobes' is
	   set in the 'General'	section.)

	   Example value: 300

       Supported target-specific variables:

       authtype
	   The TacacsPlus Authentication type:ASCII(default), CHAP, PAP

	   Example value: CHAP

	   Default value: ASCII

       mininterval
	   The minimum interval	between	each authentication request sent, in
	   (possibly fractional) seconds.

	   Default value: 1

       password
	   The password	for the	user, if not present in	the password file.

	   Example value: test-password

       pings
	   How many pings should be sent to each target, if different from the
	   global value	specified in the Database section. Note	that the
	   number of pings in the RRD files is fixed when they are originally
	   generated, and if you change	this parameter afterwards, you'll have
	   to delete the old RRD files or somehow convert them.

	   Example value: 5

       port
	   The TacacsPlus port to be used

	   Example value: 49

	   Default value: 49

       secret
	   The TacacsPlus shared secret	for the	target,	if not present in the
	   secrets file.

	   Example value: test-secret

       timeout
	   Timeout in seconds for the TacacsPlus queries.

	   Default value: 5

       username
	   The username	to be tested.

	   Example value: test-user

	   This	setting	is mandatory.

AUTHORS
       Gary Mikula <g2ugzm@hotmail.com>

BUGS
       Not as yet....

2.6.11				  2017-07-08	Smokeping_probes_TacacsPlus(3)

NAME | OVERVIEW | SYNOPSIS | DESCRIPTION | VARIABLES | AUTHORS | BUGS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=Smokeping_probes_TacacsPlus&sektion=3&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help