I am looking for solution to let user access a centos server cli using ssh, scp, ftp or sftp by getting authenticate over radius or tacacs plus protocol running on external server/device (like ACS/ISE).
1) local authentication should only work on user created locally in passwd like root.
2) All other user should be autheticate over radius or tacacs+. These user not suppose to be created on local centos server.
3) Selectvely radius or tacacs+ user should be controlled to read-only, limited-access to commands and full edit command access. (Probably using sudoers).
4) Capable to send accounting records, atleast login and log out details log.
5) Capable to handle 2k+ concurrent session of radius users.
Please help me with solution or any document to achieve these configuration which support to work.
Thanks in advance..
Support for security such as Firewalls and securing linux
1 post • Page 1 of 1