https://community.cisco.com/t5/network-access-control/tacacs-docker-container-returns-encrypted-response/m-p/4652570#M576242 <P>The kudos go to Luiz Lima, who developed the TACACS+ <A href="https://www.nixcraft.com/t/ubuntu-server-20-04-installing-tacacs/3452" target="_self">docker container</A>, which I tried to use. The RC was typo in copy paste, which created mismatch between Tacacs configuration key and the key supplied in the command line. The configuration contained line "key = tacacs123" and CLI "-k testing 123". Once command line corrected I got expected result:</P> <PRE>$ tacacs_client -v -H 127.0.0.1 -p 55005 -k tacacs123 -u tacadmin authenticate --password password<BR />status: PASS</PRE> <P>Yan&nbsp;</P> Mon, 18 Jul 2022 22:46:14 GMT ygorelik 2022-07-18T22:46:14Z https://community.cisco.com/t5/network-access-control/tacacs-docker-container-returns-encrypted-response/m-p/4651321#M576201 <P>I am trying to use <A href="https://hub.docker.com/r/llima3000/tacplus" target="_self">Tacacs+ docker container</A> with Mac as a docker host. It starts the container fine although I had to add -P option to map docker exposed port 49 to some local host port. The tac_plus server seems running fine:</P> <PRE><A class="anchor" href="https://www.nixcraft.com/t/ubuntu-server-20-04-installing-tacacs/3452/9#ps-ef-grep-tac-1" name="ps-ef-grep-tac-1" target="_blank"></A>$ ps -ef | grep tac<BR />root 1 0 0 16:48 pts/0 00:00:00 /bin/sh -c service tacacs_plus restart &amp;&amp; bash<BR />root 29 1 0 16:48 pts/0 00:00:00 /usr/sbin/tac_plus -C /etc/tacacs+/tac_plus.conf<BR />root 51 43 0 16:49 pts/1 00:00:00 grep tac</PRE> <PRE><A class="anchor" href="https://www.nixcraft.com/t/ubuntu-server-20-04-installing-tacacs/3452/9#service-tacacs_plus-status-2" name="service-tacacs_plus-status-2" target="_blank"></A>$ service tacacs_plus status<BR />Checking status of TACACS+ authentication daemon tacacs+ [ OK ]</PRE> <P>Unfortunately the Tacacs+ client from Python package <EM>tacacs-plus</EM> returns some encrypted values:</P> <PRE>$ tacacs_client -v -H 127.0.0.1 -p 55005 -k testing123 -u tacadmin authenticate --password password<BR />status: UNKNOWN: 215<BR />server_msg: b’T\x17#\x0c\xed\x8d[<SPAN class="hashtag">#jE</SPAN>\xc2\xdb4\xeev\xcb\xfa\x95&amp;\x96\xf6\xed\xf4[\x9aOP\x0c\xb8[\xd6D\xc2\xc2\x01\x08h\xea!\xda\xf8\xfe\xd9V;$c\xcd\x15z\xac\x1f\x0e’<BR />flags: 166</PRE> <P>And the tac_plus server does not create any logs, which makes it difficult to understand, what is going wrong. Do you have any suggestions, how I can overcome these issues?</P> <P>Yan</P> Fri, 15 Jul 2022 17:31:28 GMT https://community.cisco.com/t5/network-access-control/tacacs-docker-container-returns-encrypted-response/m-p/4651321#M576201 ygorelik 2022-07-15T17:31:28Z https://community.cisco.com/t5/network-access-control/tacacs-docker-container-returns-encrypted-response/m-p/4651325#M576202 <P>Does this have anything to do with any Cisco products?&nbsp; Identity Services Engine?</P> Fri, 15 Jul 2022 17:43:07 GMT https://community.cisco.com/t5/network-access-control/tacacs-docker-container-returns-encrypted-response/m-p/4651325#M576202 ahollifield 2022-07-15T17:43:07Z https://community.cisco.com/t5/network-access-control/tacacs-docker-container-returns-encrypted-response/m-p/4651391#M576208 <P>As I know, the Tacacs is Cisco developed product and ISE based on it.</P> Fri, 15 Jul 2022 19:05:21 GMT https://community.cisco.com/t5/network-access-control/tacacs-docker-container-returns-encrypted-response/m-p/4651391#M576208 ygorelik 2022-07-15T19:05:21Z https://community.cisco.com/t5/network-access-control/tacacs-docker-container-returns-encrypted-response/m-p/4651611#M576215 <P>Although ISE provides T+ protocol, it is definitely not the same as the one you tried to run from the docker container, which has no clear info of sources and support.</P> <P>If you would like to try ISE, please contact us directly.</P> Sun, 17 Jul 2022 00:40:38 GMT https://community.cisco.com/t5/network-access-control/tacacs-docker-container-returns-encrypted-response/m-p/4651611#M576215 hslai 2022-07-17T00:40:38Z https://community.cisco.com/t5/network-access-control/tacacs-docker-container-returns-encrypted-response/m-p/4652570#M576242 <P>The kudos go to Luiz Lima, who developed the TACACS+ <A href="https://www.nixcraft.com/t/ubuntu-server-20-04-installing-tacacs/3452" target="_self">docker container</A>, which I tried to use. The RC was typo in copy paste, which created mismatch between Tacacs configuration key and the key supplied in the command line. The configuration contained line "key = tacacs123" and CLI "-k testing 123". Once command line corrected I got expected result:</P> <PRE>$ tacacs_client -v -H 127.0.0.1 -p 55005 -k tacacs123 -u tacadmin authenticate --password password<BR />status: PASS</PRE> <P>Yan&nbsp;</P> Mon, 18 Jul 2022 22:46:14 GMT https://community.cisco.com/t5/network-access-control/tacacs-docker-container-returns-encrypted-response/m-p/4652570#M576242 ygorelik 2022-07-18T22:46:14Z