Abstract interface to .tacacsrc credentials file.
Designed to interoperate with the legacy DeviceV2 implementation, but provide a reasonable API on top of that. The name and format of the .tacacsrc file are not ideal, but compatibility matters.
Fetch the password for a device/realm or create a new entry for it. If device is not passed, settings.DEFAULT_REALM is used, which is default realm for most devices.
Parameters: | device – Realm or device name to updated |
---|
Prompt for username, password and return them as Credentials namedtuple.
Parameters: |
|
---|
Converts old .tacacsrc to new .tacacsrc.gpg.
Update the credentials for a given device/realm. Assumes the same username that is already cached unless it is passed.
This may seem redundant at first compared to Tacacsrc.update_creds() but we need this factored out so that we don’t end up with a race condition when credentials are messed up.
Returns True if it actually updated something or None if it didn’t.
Parameters: |
|
---|
Encrypts, decrypts and returns credentials for use by network devices and other tools.
Pass use_gpg=True to force GPG, otherwise it relies on settings.USE_GPG_AUTH
*_old functions should be removed after everyone is moved to the new system.
Update username/password for a realm/device and set self.creds_updated bit to trigger .write().
Parameters: |
|
---|
Checks if user has .gnupg directory and .tacacsrc.gpg file.
Writes .tacacsrc(.gpg) using the accurate method (old vs. new).