Hi Tyler,<br><br>ok... I will try to give it a shot...<br>What about HP Procurve "Freeze"... can anyone help with this...?<br><br>Thanks in advance :-)!<br>~maymann<br><br><div class="gmail_quote">2012/1/10 Tyler J. Wagner <span dir="ltr"><<a href="mailto:tyler@tolaris.com">tyler@tolaris.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Reading /usr/lib/rancid/bin/clogin, I don't see any intelligence for using<br>
SSH keys. Sorry, if you want that, you'll have to add it. Patches would no<br>
doubt be welcome.<br>
<br>
Tyler<br>
<div class="im"><br>
On <a href="tel:2012-01-10%2013" value="+12012011013">2012-01-10 13</a>:11, Michael Maymann wrote:<br>
> Hi Tyler,<br>
><br>
> Thanks for your reply...:-) !<br>
><br>
> Same thing happens as for my network user...:<br>
> 1. yes<br>
> 2. no (clogin/hlogin requires a .cloginrc file with username/password to<br>
> run) - and my best bet is that this is what it uses currently... so no<br>
> ssh-keys using clogin/hlogin (from wither network user, root, rancid...).<br>
> Furthermore prompt is also "hanging" and it doesn't parse the -c "sh ver"<br>
> that works fine from normal ssh...<br>
> 3. same as network user/root<br>
><br>
> So key-sharing is working fine... but don't know how to utilize it/bypass<br>
> .cloginrc in rancid...<br>
> Just hoping that there is a way... - would'nt like to manually edit scripts<br>
> every time i update Rancid... and I don't know expect that well either...:-) !<br>
><br>
> Thanks in advance :-) !<br>
> ~maymann<br>
><br>
</div>> 2012/1/10 Tyler J. Wagner <<a href="mailto:tyler@tolaris.com">tyler@tolaris.com</a> <mailto:<a href="mailto:tyler@tolaris.com">tyler@tolaris.com</a>>><br>
<div class="im">><br>
> Michael,<br>
><br>
> I've not tried using clogin/hlogin with SSH keys, but I know a great deal<br>
> about SSH. Assuming that clogin will use a key if present (a big if):<br>
><br>
> 1. Can you login with the SSH key using ssh as the root user?<br>
> 2. Can you login with the SSH key using clogin as the root user?<br>
> 3. What about as the rancid user?<br>
><br>
> Regards,<br>
> Tyler<br>
><br>
</div><div class="im">> On <a href="tel:2012-01-10%2008" value="+12012011008">2012-01-10 08</a> <tel:2012-01-10%2008>:17, Michael Maymann wrote:<br>
> > I'm running on rhel-5u7-x64.<br>
> > Anyone...?<br>
> ><br>
> ><br>
> > Thanks in advance :-)<br>
> > ~maymann<br>
> ><br>
> > 2012/1/9 Michael Maymann <<a href="mailto:michael@maymann.org">michael@maymann.org</a><br>
</div>> <mailto:<a href="mailto:michael@maymann.org">michael@maymann.org</a>> <mailto:<a href="mailto:michael@maymann.org">michael@maymann.org</a><br>
<div><div class="h5">> <mailto:<a href="mailto:michael@maymann.org">michael@maymann.org</a>>>><br>
> ><br>
> > hlogin -w <USR> -c "sh ver" <HOSTNAME>:<br>
> > ---<br>
> > <HOSTNAME><br>
> > spawn hpuifilter -- ssh -c 3des -x -l <USR> <HOSTNAME><br>
> > We'd like to keep you up to date about:<br>
> > * Software feature updates<br>
> > * New product announcements<br>
> > * Special events<br>
> ><br>
> > Please register your products now at: <a href="http://www.ProCurve.com" target="_blank">www.ProCurve.com</a><br>
> <<a href="http://www.ProCurve.com" target="_blank">http://www.ProCurve.com</a>><br>
> > <<a href="http://www.ProCurve.com" target="_blank">http://www.ProCurve.com</a>><br>
> ><br>
> ><br>
> > ProCurve J8697A Switch 5406zl<br>
> > Software revision K.15.02.0005<br>
> ><br>
> > Copyright (C) 1991-2010 Hewlett-Packard Co. All Rights Reserved.<br>
> ><br>
> > RESTRICTED RIGHTS LEGEND<br>
> ><br>
> > Use, duplication, or disclosure by the Government is subject to<br>
> > restrictions<br>
> > as set forth in subdivision (b) (3) (ii) of the Rights in Technical<br>
> > Data and<br>
> > Computer Software clause at 52.227-7013.<br>
> ><br>
> > HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA<br>
> 94303<br>
> ><br>
> > Press any key to continue<HOSTNAME>#<br>
> > ---<br>
> > Just "hangs" there...<br>
> ><br>
> ><br>
> > ssh <USR>@<HOSTNAME>:<br>
> > ---<br>
> > We'd like to keep you up to date about:<br>
> > * Software feature updates<br>
> > * New product announcements<br>
> > * Special events<br>
> ><br>
> > Please register your products now at: <a href="http://www.ProCurve.com" target="_blank">www.ProCurve.com</a><br>
> <<a href="http://www.ProCurve.com" target="_blank">http://www.ProCurve.com</a>><br>
> > <<a href="http://www.ProCurve.com" target="_blank">http://www.ProCurve.com</a>><br>
> > ProCurve J8697A Switch 5406zl<br>
> > Software revision K.15.02.0005<br>
> ><br>
> > Copyright (C) 1991-2010 Hewlett-Packard Co. All Rights Reserved.<br>
> ><br>
> > RESTRICTED RIGHTS LEGEND<br>
> ><br>
> > Use, duplication, or disclosure by the Government is subject to<br>
> > restrictions<br>
> > as set forth in subdivision (b) (3) (ii) of the Rights in Technical<br>
> > Data and<br>
> > Computer Software clause at 52.227-7013.<br>
> ><br>
> > HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA<br>
> 94303<br>
> > Press any key to continue<br>
> > <HOSTNAME># sh ver<br>
> > Image stamp: /sw/code/build/btm(K_15_02)<br>
> > Oct 20 2010 16:19:41<br>
> > K.15.02.0005<br>
> > 121<br>
> > Boot Image: Primary<br>
> > <HOSTNAME># logout<br>
> > Do you want to log out [y/n]? y<br>
> > Connection to <HOSTNAME> closed.<br>
> > ---<br>
> > So SSH is working fine...<br>
> > I'm running Rancid 2.3.6... hlogin=$Id: <a href="http://hlogin.in" target="_blank">hlogin.in</a><br>
</div></div>> <<a href="http://hlogin.in" target="_blank">http://hlogin.in</a>> <<a href="http://hlogin.in" target="_blank">http://hlogin.in</a>><br>
<div class="im">> > 2251 2010-10-01 19:26:36Z heas $<br>
> > Could there be a problem with HP Procurve 5406zl hlogin script<br>
> > somewhere... or can someone actually confirm this to be working on<br>
> > their 5406zl ?<br>
> ><br>
> > Furthermore, I would like to run hlogin+clogin wihout having to<br>
> > configure anything inside .cloginrc... is this possible somehow ?<br>
> ><br>
> ><br>
> > Thanks in advance... :-) !<br>
> > ~maymann<br>
> ><br>
> ><br>
> > 2012/1/9 Michael Maymann <<a href="mailto:michael@maymann.org">michael@maymann.org</a><br>
</div>> <mailto:<a href="mailto:michael@maymann.org">michael@maymann.org</a>> <mailto:<a href="mailto:michael@maymann.org">michael@maymann.org</a><br>
<div class="im">> <mailto:<a href="mailto:michael@maymann.org">michael@maymann.org</a>>>><br>
> ><br>
> > Hi List,<br>
> ><br>
> > We have a setup where we have destributed 4096 bit RSA<br>
> public-keys<br>
> > to all our equipment from a network-user for optimanl security.<br>
> > Our equipment is already in a DB and we have a scripting<br>
> > environment that figures out the vendor/model/type for us<br>
> already.<br>
> > 1. Can I use rancid without using .cloginrc (e.g. directly from<br>
> > commandline) - how... ?<br>
> > 2. Alternatively, can I configure .cloginrc with ssh-keysharing -<br>
> > how... ?<br>
> ><br>
> > We will need to connect to HP ProCurve (hlogin) and Cisco<br>
> (clogin)...<br>
> ><br>
> ><br>
> > Thanks in advance :-) !<br>
> ><br>
> > ~maymann<br>
> ><br>
> ><br>
> ><br>
> ><br>
> ><br>
> > _______________________________________________<br>
> > Rancid-discuss mailing list<br>
</div>> > <a href="mailto:Rancid-discuss@shrubbery.net">Rancid-discuss@shrubbery.net</a> <mailto:<a href="mailto:Rancid-discuss@shrubbery.net">Rancid-discuss@shrubbery.net</a>><br>
<div class="HOEnZb"><div class="h5">> > <a href="http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss" target="_blank">http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss</a><br>
><br>
> --<br>
> "[...] we are not attacking the corporations, but endeavoring to do<br>
> away with any evil in them. We are not hostile to them; we are merely<br>
> determined that they shall be so handled as to subserve the public<br>
> good. We draw the line against misconduct, not against wealth."<br>
> -- Theodore Roosevelt<br>
><br>
><br>
<br>
</div></div><span class="HOEnZb"><font color="#888888">--<br>
"I respect you too much to respect your ridiculous ideas."<br>
-- Johann Hari<br>
</font></span></blockquote></div><br>