-   Linux - Newbie (
-   -   how to generate DES key for using with tacacs+ in Fedora 8 (

cezaronne 09-26-2008 02:27 AM

how to generate DES key for using with tacacs+ in Fedora 8

I am trying to configure Tacacs+ in Fedora 8.The question is how do I generate the DES key for the user's password:

user = test {

default service = permit

login = des xxxxxxxx

expires = "Sep 1 2009 "

Any ideeas?


w3bd3vil 09-26-2008 04:46 AM

There should be an option in tacas+ to do that.

If not, you could use a program to build one yourself


use Crypt::DES;

my $key = pack("H16", "0123456789ABCDEF");
my $cipher = new Crypt::DES $key;
my $ciphertext = $cipher->encrypt("plaintex"); # NB - 8 bytes
print unpack("H16", $ciphertext), "\n";
Have a look here.

tikit 09-26-2008 07:30 AM


try using htpasswd utilily. It comes with apache2-utils package.

cezaronne 09-29-2008 05:44 AM

Thanks a lot.Acctually I manage to generate the des key with the generate_passwd utility after a long search .... 'generate_passwd is a program to des encrypt a password like Unix. It prompts for the password to encrypt. You can optionally supply a salt to verify a password.'

cachinho 10-25-2012 09:06 AM

Solution: use tac_pwd
Provided by: tacacs+_4.0.4.19-9_i386

tac_pwd - generate DES encryption of a password

tac_pwd [-eh] [salt]

tac_pwd prompts for a clear-text password and produces a DES encryption
of that password on stdout which may be used in lieu of the clear-text
representation in the tac_plus.conf(5).

The DES salt may be provide as a command-line argument.

-e Do not echo the plain-text password to the terminal.

-h Display help message.

All times are GMT -5. The time now is 10:11 AM.