Acronym for Terminal Access Controller Access Control System.
Described in RFC:1492.
xtacacsd is an extended TACACS server (for Cisco network devices) which authenticates users logging onto a terminal server (or any host which cares to query the server). It uses the standard password file (/etc/passwd) by default, or an alternate list of password files.
This program can be used to authenticate users when they try to access a terminal server (Cisco terminal servers support this option). The server can log information about all queries coming to the server using syslog(2). It is meant to be invoked by inetd(8) but can be run from a terminal in standalone mode if desired. In this mode, it writes all errors to the controlling terminal. It the -d option is specified on the command line (along with -s), it will not fork so all debug messages and errors will be printed on the stderr.
The server expects a username and password to be supplied in the query packet recieved from the terminal servers. This username and password are authenticated by searching in the password file(s). (The default is /etc/passwd but up to five alternate filenames can be specified). If it cannot find a match in any of the password files, it sends an authentication failure reply to the query (unless the quiet option is specified in which case no negative response will be sent).