VMware + Ubuntu

I installed VMware Workstation on my new laptop so that I can test applications i develop on various platforms. The first one I decided to try on it was Ubuntu 8.04 which was just released a few days ago. The results were amazing. Not only did VMware perform exceedingly well on my system, the entire installation of Ubuntu took under 10 minutes to complete.

Once i rebooted the virtual OS, performance was on par with my native windows OS. There was no lagging or other issues I used to find in virtualization. And while I have always been a RHEL / CentOS guy, this latest release of Ubuntu is proving to be quite functional out of the box. Package management is a breeze with built-in tools for adding and removing applications from the online repositories. The other element that I appreciated is Ubuntu’s small disk footprint. It starts out with the essentials and allows you to add on as necessary and thus a standard desktop install only uses 2.4GB.

Will i be using VMware more now? Absolutely! Will Ubuntu replace my beloved RHEL and CentOS on my servers? Doubt it. While it proves to be a nice desktop environment, there is still more support for RPM based packages on the Red Hat architecture. But who knows, as Ubuntu becomes more and more popular on desktops it may one day overtake Red Hat as the dominant distribution for servers.

TACACS+

So I finally took the plunge and decided to implement TACACS+ at Dark Horse Networks as well as for my personal network. TACACS+ stands for “Terminal Access Controller Access-Control System” and can be used to authenticate users to Unix systems and more importantly Cisco equipment. This will remove the need to have user accounts on each individual device and provide central unified authentication.

In addition to authentication of users it also allows for authorizing a given user to different levels of access. For example: Alice may only have access to view the current configuration of a router, while Bob has access to change the configuration.

Finally, TACACS provides accounting. This allows central logging of all commands a user executes for auditing purposes. That way if “someone” happens to destroy your configuration on a device, you know who to hunt down.

Just to note… In case you are wondering what the difference is between TACACS and TACACS+, TACACS+ is a completely new protocol and is not compatible with the older TACACS protocol. TACACS+ was created by Cisco Systems. The specific implementation I will be using is usually referred to as “tac_plus” and is also the name of the daemon.

(more…)