headers
Remy Heiden | 2 Jun 2010 02:02
Picon

[rancid] Re: New device on .cloginrc

Please check that the user and vty-password resemble the ones known to the RADIUS server.

Regards,
Remy


On Fri, Apr 16, 2010 at 10:44 PM, Wagner Pereira <wpereira <at> pop-sp.rnp.br> wrote:
Mickael,

Yes, my .cloginrc is exactly like the below (omitting all the real
values, obviously):

add password 10.0.0.2 {vty passwd} {enable passwd}
add user 10.0.0.2 user
add userprompt 10.0.0.2 {"Username:"}
add passprompt 10.0.0.2 {"Password:"}
add method 10.0.0.2 {ssh} {telnet}
add enableprompt 10.0.0.2 {"Password:"}
add cyphertype 10.0.0.2 {3des}

I already have another device rancid'ing perfectly, that means my
.cloginrc lines are correctly written, since I declared it at the same
way that the above.

Hugs,

--

Wagner Pereira

PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
Tel. (11) 3091-8901


Em 16/4/2010 11:09, Mickael GARNIER escreveu:
> Hi,
>
> do you have a 'add user' entry in your .cloginrc ?
>
> it should be like :
> add user<host>  <user>
> add password<host>  <password>  <enable-password>
> add method<host>   ssh
>
> MG
>
>
> Le 16/04/2010 15:46, Drikus Brits a écrit :
>
>> Hi,
>>
>> The root user is most likely because clogin is being executed as the root user, ie: you're logged in as root when you try to clogin into your router.
>>
>> Hope this helps,
>>
>> Drikus.
>>
>> -----Original Message-----
>> From: rancid-discuss-bounces <at> shrubbery.net [mailto:rancid-discuss-bounces <at> shrubbery.net] On Behalf Of Wagner Pereira
>> Sent: 16 April 2010 03:40 PM
>> Cc: Rancid Mailing List
>> Subject: [rancid] Re: New device on .cloginrc
>>
>> Ryan,
>>
>> When I try to connect to my device using /home/rancid/bin/clogin, this
>> is what I get:
>>
>> --------------------
>> spawn ssh -c 3des -x -l root 10.0.0.2
>> root <at> 10.0.0.2's password:
>> --------------------
>>
>> But, there is no root user written in my .cloginrc file.
>>
>> Where does this root user should come from?
>>
>> Hugs,
>>
>>
>>
> Post-scriptum La Poste
>
> Ce message est confidentiel. Sous reserve de tout accord conclu par
> ecrit entre vous et La Poste, son contenu ne represente en aucun cas un
> engagement de la part de La Poste. Toute publication, utilisation ou
> diffusion, meme partielle, doit etre autorisee prealablement. Si vous
> n'etes pas destinataire de ce message, merci d'en avertir immediatement
> l'expediteur.
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss <at> shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Permalink | Reply | 0 comments |
headers
Ben O'Hara | 3 Jun 2010 14:24
Picon
Favicon

[rancid] patch for mrvrancid

Hi,

We recently started using rancid with some MRV LambdaDriver 800P.

Using the 'mrv' in rancid works great, it pulls the configs down etc but we were being mailed for diffs in a
couple of things that wernt really changing.  voltages, temprature and uptime.

The attached patch skips these during the diff so you dont hear about them changing on every run.

Could you add this to rancid?

Cheers
Ben
Attachment (mrvrancid.patch): application/octet-stream, 646 bytes

--

-- 
Ben O'Hara                        RIPE Network Coordination Center
Systems Engineer                         Singel 258, Amsterdam, NL
http://www.ripe.net                                +31 20 535 4444
PGP Fingerprint: 080A 52FF BF0A A7FB F176 E7DB 513D 9A3D E968 7DBC


_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Permalink | Reply | 0 comments |
headers
Rhys Evans | 8 Jun 2010 18:36
Picon

[rancid] Re: Rancid support for Brocade switches

Hi

Was there ever a copy of this script released?

Thanks

Rhys Evans
Technical Consultant

| Redblade Ltd | Tel: +44 (0)845 094 2389 | Fax: +44 (0)20 7735 1555 | Southbank House, Vauxhall |
www.redblade.co.uk |

-----Original Message-----
From: rancid-discuss-bounces <at> shrubbery.net [mailto:rancid-discuss-bounces <at> shrubbery.net] On
Behalf Of Stephen Flanagan
Sent: 05 March 2010 12:37
To: 'R.Epping <at> meteo.nl'; 'rancid-discuss <at> shrubbery.net'
Subject: [rancid] Re: Rancid support for Brocade switches

Absolutely, its really holding thing back.
Thanks

--------------------------------------
This message has been transmitted from a mobile device.  If you are not the intended recipient please notify
sender and discard message.  Thank you, Juma Corp IT Department.

----- Original Message -----
From: rancid-discuss-bounces <at> shrubbery.net <rancid-discuss-bounces <at> shrubbery.net>
To: rancid-discuss <at> shrubbery.net <rancid-discuss <at> shrubbery.net>; NMaio <at> guesswho.com <NMaio <at> guesswho.com>
Sent: Fri Mar 05 07:04:12 2010
Subject: [rancid]   Re: Rancid support for Brocade switches

Hi,

Tue Jan 26 22:12:55 UTC 2010 nmaio <at> guesswho.com wrote:
> Yes I did but I modified a script do just do a cfgshow and
> configshow.  Would you like a copy?
> It only works with OS versions that don't paginate the output.

I'm interested too. Would it be possible to share your copy
with this list?

THNX && GRTNX,
RobJE
--
Home is near Enter. ((c) RonA)
========================================================================
Tel:    +31 - 317 - 399800                 s-mail: P.O. box 617
Fax:    +31 - 317 - 423164                         6700 AP Wageningen
MailTo: r.epping <at> meteo.nl                     WWW: http://www.meteo.nl/

--

This e-mail is from Meteo Consult B.V., a MeteoGroup company. For more information, see http://www.weer.nl/gebruiksvoorwaarden.

This e-mail may contain confidential information. Only the addressee is permitted to read, copy,
distribute or otherwise use this e-mail or any attachments. If you have received it in error, please
contact the sender immediately. Any opinion expressed in this e-mail is personal to the sender and may not
reflect the opinion of MeteoGroup.

Any e-mail reply to this address may be subject to interception or monitoring for operational reasons or
for lawful business practices.
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

Redblade Ltd is a Company Limited by Guarantee, registered in England, no: 5821834
Registered Office: Southbank House, Black Prince Road, Vauxhall, London, SE1 7SJ

This email and its content are subject to the disclaimer as displayed at the following link http://www.redblade.co.uk/disclaimer.htm

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Permalink | Reply | 0 comments |
headers
Aleksey P | 8 Jun 2010 16:53
Picon

[rancid] Not working rancid with Cisco without enable.

Hello. I can't understand why rancid didn't work with Cisco Routers (Switches) without enable password!?
OS - FreeBSD
Here some of config:
/usr/local/libexec/rancid]# vi /usr/local/etc/rancid/.cloginrc
# THIS IS FOR CISCO
add noenable 172.16.2.2 1
#add autoenable 172.16.2.2 1
add user 172.16.2.2 username
add password 172.16.2.2 password
add method 172.16.2.2 ssh

Trying /usr/local/libexec/rancid/clogin -t 90 -c"show configuration" 172.16.2.2
All work just fine - no enable promt - show configuration - that is all we need:

 /usr/local/libexec/rancid/clogin -t 90 -c"show configuration" 172.16.2.2
172.16.2.2
spawn ssh -c 3des -x -l username 172.16.2.2
username <at> 172.16.2.2's password:

Router>
Router>terminal length 0
Router>>show configuration
...
here we see our config
...
end

Router>exit
Connection to 172.16.2.2 closed.

But if i run rancid-run in my logs i will see:

Trying to get all of the configs.
172.16.2.2: missed cmd(s): show configuration
172.16.2.2: End of run not found
!
=====================================
Getting missed routers: round 1.
172.16.2.2: missed cmd(s): show configuration
172.16.2.2: End of run not found

I can't understand why it works like this.
Help me if u can :)

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Permalink | Reply | 11 comments |
headers
Julian Salmeron | 9 Jun 2010 09:56
Picon

[rancid] Modify rancid scripts to enter on Cisco devices level 7 (enable 7 command)

Hi all.

First of all, hi everybody, it's the first time I post in this list but I've been long time reading all of you and learning with you.

I have a strange situation with a Cisco device where I have to login as normal user , then type the "enable 7" command to enter in level 7 and then type "show startup config" instead of "show running config".
So I have to modify some of the rancid scripts (clogin, rancid and maybe some more), and that's my problem...I don't know how to do that and I'm not sure which scripts I have to modify.

If you could give me a hand on it, I'll thanks to you a lot.

Thanks in advanced.
Julian

(Sorry for my poor English, I'm Spanish and my English is a bit strong) :P


_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Permalink | Reply | 4 comments |
headers
Steve Ousley | 9 Jun 2010 19:46
Picon
Favicon

[rancid] Re: changes in <group> routers

Hi John

It seems that I've deleted the source for Rancid at some point.  Would there be any other place that this would
be set? Somewhere in the Rancid etc or var folder maybe?

Steve Ousley
steve <at> host-it.co.uk

Nuco Technologies Ltd
Unit 1 - Northampton Science Park - Kings Park Road - Moulton Park - Northampton -
England - NN3 6LG
TEL: (0844) 745 1300 FAX: (0844) 745 1303
Skype: nucotech-support
WEB: www.host-it.co.uk

www.nucotechnologies.com - www.computalynx.net - www.northampton.it
----------------------------------------------------------------
IMPORTANT - The information transmitted in this email is
intended only for the person or entity to which it is addressed
and may contain confidential and/or privileged material. Any
review, retransmission, dissemination or other use of, or taking
of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited.
If you received this in error, please delete this email and
inform domainadministrator <at> host-it.co.uk immediately
----------------------------------------------------------------

Nuco Technologies Ltd is a company registered in England and Wales with company number 04470751

(14)

-----Original Message-----
From: john heasley [mailto:heas <at> shrubbery.net] 
Sent: 28 May 2010 22:54
To: Steve Ousley
Cc: rancid-discuss <at> shrubbery.net
Subject: Re: [rancid] changes in <group> routers

Fri, May 28, 2010 at 01:43:48PM +0100, Steve Ousley:
> What I did notice was that there was an email generated for each group stating a list of routers who's status
had changed to down, the list, however, consisted of no routers.
> 
> I thought this was maybe an oddity as it was the first run of rancid since the update, so ignored it.
> 
> Now, after it's scheduled run, I get the email again.
> 
> Literally the entire contents of the email is:
> 
> 
> "Routers changed to down:"
> 
> Does anyone have any ideas why seemingly the upgrade to Lenny could have caused this?

this is most likely the configure script or the PATH in rancid.conf winding-up
with arguments for diff that it doesnt like.  see DIFF_CMD in the config.status
file that was generated by configure.
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Permalink | Reply | 0 comments |
headers
john heasley | 9 Jun 2010 21:10

[rancid] Re: Modify rancid scripts to enter on Cisco devices level 7 (enable 7 command)

Wed, Jun 09, 2010 at 09:56:21AM +0200, Julian Salmeron:
> I have a strange situation with a Cisco device where I have to login as
> normal user , then type the "enable 7" command to enter in level 7 and then
> type "show startup config" instead of "show running config".
> So I have to modify some of the rancid scripts (clogin, rancid and maybe
> some more), and that's my problem...I don't know how to do that and I'm not
> sure which scripts I have to modify.

clogin/*login does not have a way to alter the enable command.  afaik, other
commands will fail at lower privilege levels, so i'm not inclined to add the
feature now.

you'd have to create a clogin, rancid, and device type with new names;
example, clogin7, rancid7, cisco7 (rancid-fe script).  change rancid7
to use clogin7, change clogin7 to use the right enable command, add the
cisco7 type to rancid-fe, and change your router.db for the device to be
the cisco7 device type.

> (Sorry for my poor English, I'm Spanish and my English is a bit strong) :P

your english is fine.
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Permalink | Reply | 3 comments |
headers
Jethro R Binks | 9 Jun 2010 21:57
Picon
Picon
Favicon
Gravatar

[rancid] Re: Modify rancid scripts to enter on Cisco devices level 7 (enable 7 command)

On Wed, 9 Jun 2010, john heasley wrote:

> Wed, Jun 09, 2010 at 09:56:21AM +0200, Julian Salmeron:
> > I have a strange situation with a Cisco device where I have to login as
> > normal user , then type the "enable 7" command to enter in level 7 and then
> > type "show startup config" instead of "show running config".
> > So I have to modify some of the rancid scripts (clogin, rancid and maybe
> > some more), and that's my problem...I don't know how to do that and I'm not
> > sure which scripts I have to modify.
> 
> clogin/*login does not have a way to alter the enable command.  afaik, 
> other commands will fail at lower privilege levels, so i'm not inclined 
> to add the feature now.

That's true; I also needed the feature for some 3Com/H3C gear which 
doesn't use "enable".  I wasn't inclined to add the feature either, but I 
did make it slightly easier for myself in case I ever did; I simply:

    set enacmd "system-view"

then later:

    send "$enacmd\r"

If the facility to change it ever gets added in via .cloginrc, I at least 
had part of the framework there, and in the meantime it reminds me to 
think about it again every so often.

Jethro.

.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
Jethro R Binks
Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Permalink | Reply | 2 comments |
headers
john heasley | 9 Jun 2010 22:28

[rancid] Re: Modify rancid scripts to enter on Cisco devices level 7 (enable 7 command)

Wed, Jun 09, 2010 at 08:57:03PM +0100, Jethro R Binks:
> On Wed, 9 Jun 2010, john heasley wrote:
> 
> > Wed, Jun 09, 2010 at 09:56:21AM +0200, Julian Salmeron:
> > > I have a strange situation with a Cisco device where I have to login as
> > > normal user , then type the "enable 7" command to enter in level 7 and then
> > > type "show startup config" instead of "show running config".
> > > So I have to modify some of the rancid scripts (clogin, rancid and maybe
> > > some more), and that's my problem...I don't know how to do that and I'm not
> > > sure which scripts I have to modify.
> > 
> > clogin/*login does not have a way to alter the enable command.  afaik, 
> > other commands will fail at lower privilege levels, so i'm not inclined 
> > to add the feature now.
> 
> That's true; I also needed the feature for some 3Com/H3C gear which 
> doesn't use "enable".  I wasn't inclined to add the feature either, but I 
> did make it slightly easier for myself in case I ever did; I simply:
> 
>     set enacmd "system-view"
> 
> then later:
> 
>     send "$enacmd\r"
> 
> If the facility to change it ever gets added in via .cloginrc, I at least 
> had part of the framework there, and in the meantime it reminds me to 
> think about it again every so often.

i'd have created a separate script for that one, especially because its a
3com.  yes, i won't hide my disdain for 3com.

but, 'enablecmd' is what i was thinking about.  however, because folks
would be inclined to do things like julian is, it affects authorization
for other commands and quickly becomes far more complicated.
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Permalink | Reply | 1 comment |
headers
Jethro R Binks | 9 Jun 2010 22:52
Picon
Picon
Favicon
Gravatar

[rancid] Re: Modify rancid scripts to enter on Cisco devices level 7 (enable 7 command)

On Wed, 9 Jun 2010, john heasley wrote:

> > If the facility to change it ever gets added in via .cloginrc, I at least 
> > had part of the framework there, and in the meantime it reminds me to 
> > think about it again every so often.
> 
> i'd have created a separate script for that one, especially because its a
> 3com.  yes, i won't hide my disdain for 3com.

:)  But I did: h3clogin.  That's where I put the simple framework, Just In 
Case.

> but, 'enablecmd' is what i was thinking about.  however, because folks 
> would be inclined to do things like julian is, it affects authorization 
> for other commands and quickly becomes far more complicated.

I was just thinking about the general case of "a device where the enable 
command isn't literally 'enable'", rather than Julian's more specialised 
case where he is specifying a particular priv level, but you are correct 
that in that case it can get complicated.

As it happens, my rancid logs into a ASA/PIX with a user of lower priv 
level; I did have to make some of the commands available to the lower priv 
level.

My 'framework', such as it was, was really an example of my continuing 
view (mentioned before) that the more system-specific detail can be 
abstracted out from the scripts themselves, then the less different the 
scripts become.  It then becomes much easier to:

1. abstract common functions out from the scripts;

2. make updates to general functionality across all the scripts;

3. write a script for a new device, concentrating on just the stuff that 
really is different rather than trying to cobble something together 
comparing different scripts for other different devices

Obviously some devices really are quite different, or pernikity, but if 
you can abstract even the simple things like "what's the command to run to 
get to privileged mode", and "how do i turn off paging" to the clogin 
level, or a simple config file listing the vendors and the equivalent 
commands, then you might get some way down that road.  
Net::Appliance::Session attempts to do something like this, by the use of 
vendor-specific 'phrasebooks', e.g.:

http://cpansearch.perl.org/src/OLIVER/Net-Appliance-Phrasebook-1.8/lib/Net/Appliance/Phrasebook/nas-pb.yml

Jethro.

.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
Jethro R Binks
Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Permalink | Reply | 0 comments |

Gmane