Unable to use certain combinations of characters in password for TACACS server

Users are unable to use combinations of \n , \t , \r , \’ , \” , \v , \f , etc… in passwords for TACACS server. These are interpreted as escape sequences.

The following log messages are related to a failure of TACACS negotiation:

These logs in traceoptions are generated when there is a escape sequence used in the secret-key or mismatch of key.

A RADIUS shared secret is a case-sensitive password used to validate communications between a RADIUS server such as Steel-Belted Radius Carrier, and a RADIUS client, such as a network access device. Steel-Belted Radius Carrier supports shared secrets of up to 127 alphanumeric characters, including spaces and the following special characters: ~ ! @ # $ % ^ & * ( ) _ + | \ = – ‘ { } [ ] : ” ‘ ; < > ? / . ,

The backwards slash character ‘\’ has special meaning in the C programming language. It begins what is called an “Escape sequence” and it is used to define certain special characters within string literals.

 Unable to use certain combinations of characters in password for TACACS server

Use “juniper\\n” in the RADIUS user configuration if “juniper\n” has been configured in the radius-server.

About the author

Prasanna

Leave a Comment