<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;background-color:#FFFFFF;font-family:Calibri,Arial,Helvetica,sans-serif;">
<p>Using the FAQ as a reference (thank you) I was able generate a string that I can use to login to the device manually.<br>
<br>
</p>
<div>$ssh -v -oHostKeyAlgorithms=+ssh-dss -oKexAlgorithms=+diffie-hellman-group1-sha1 login.name@x.y.148.230</div>
<div><br>
</div>
When running rancid-run, rancid runs and generates the log files. When I run hlogin [ip] it does not work.
<p></p>
<p></p>
<div>$ /opt/rancid/bin/nlogin -t 90 -c "get system;get conf" x.y.148.230 </div>
<div><span style="font-size: 12pt;">spawn ssh -c 3des -x -l login.name x.y.148.230</span><br>
</div>
<div>Unknown cipher type '3des'</div>
<div><br>
</div>
<div>Error: Couldn't login: x.y.148.230</div>
<div><br>
</div>
So my next thought is hrancid isn't passing the correct information to hlogin (even though the ssh algorithm and kex algorithms are specified in ssh.config file.<br>
<br>
<div>$ ./nrancid -d -t netscreen x.y.148.230</div>
<div>executing nlogin -t 90 -c"get system;get conf" x.y.148.230</div>
<div>x.y.148.230 nlogin error: Error: Couldn't login: x.y.148.230</div>
<div>x.y.148.230 nlogin error: Error: Couldn't login: x.y.148.230</div>
<div>x.y.148.230: missed cmd(s): all commands</div>
<div>x.y.148.230: End of run not found</div>
<div>x.y.148.230: End of run not found</div>
<div><br>
</div>
I can edit the nlogin file to explicitly ask pass the cypher type as per the expect function, but I thought was what the point of this function was supposed to do (and far my dynamically than my static configuration)? Do I need to modify it to read the .ssh
config file?
<p></p>
<p></p>
<div> # Figure out cypher type</div>
<div> if {[info exists cypher]} {</div>
<div> # command line cypher type</div>
<div> set cyphertype $cypher</div>
<div> } else {</div>
<div> set cyphertype [find cyphertype $router]</div>
<div> if { "$cyphertype" == "" } { set cyphertype "3des" }</div>
<div> }</div>
<div><br>
</div>
One other thing I noticed was the home directory of the rancid user is /home/rancid versus /opt/rancid(where my sys admin compiled and stored it). I had to add the below the .bashrc to enable rancid to be able to run at all. Is this the root of the issue?<br>
<div>## Changing $HOME directory to allow rancid to run</div>
<div>## $HOME is referenced in the rancid clogin files</div>
<div><span style="font-size: 12pt;">export HOME="/opt/rancid"</span><br>
</div>
<div><br>
</div>
<br>
<p></p>
<div>
<div style="font-size:12pt; color:#000000; background-color:#FFFFFF; font-family:Calibri,Arial,Helvetica,sans-serif">
<div style="font-family:Tahoma; font-size:13px">
<div>
<div>
<p style="font-family:Tahoma; font-size:13px"></p>
<p style="font-family:Tahoma; font-size:13px">Thank you in advance,</p>
<p style="font-family:Tahoma; font-size:13px"><br>
</p>
<p style="font-family:Tahoma; font-size:13px"><br>
</p>
<p>Robert Remsik</p>
<p>ACNS</p>
<p>Desk Phone: 970 491 7120</p>
<p>Robert.Remsik@colostate.edu</p>
<p style="font-family:Tahoma; font-size:13px"></p>
</div>
</div>
</div>
</div>
</div>
<br>
<br>
<div style="color: rgb(0, 0, 0);">
<div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> heasley <heas@shrubbery.net><br>
<b>Sent:</b> Friday, August 12, 2016 6:06 PM<br>
<b>To:</b> Remsik,Robert<br>
<b>Cc:</b> rancid-discuss@shrubbery.net<br>
<b>Subject:</b> Re: [rancid] Debugging Logins for netscreen and procurve switches</font>
<div> </div>
</div>
</div>
<font size="2"><span style="font-size:10pt;">
<div class="PlainText">Thu, Aug 11, 2016 at 09:32:38PM +0000, Remsik,Robert:<br>
> Hello!<br>
> <br>
> I'm using a fresh install of Rancid 3.4.1 and I'm trying to get<br>
> <br>
> logins to netscreen devices and hp procurve devices to work with no success so far. Rancid can successfully login to other devices of different types.<br>
> <br>
> The device is defined as (below) in the router.db file.<br>
> <br>
> #comment<br>
> x.y.148.230;netscreen;up<br>
> <br>
> The log throws the error message of:<br>
> <br>
> x.y.148.230: missed cmd(s): all commands<br>
> <br>
> x.y.148.230 nlogin error: Error: Couldn't login: x.y.148.230<br>
> x.y.148.230: End of run not found<br>
> <br>
> Any help is appreciated, thank you in advance!<br>
<br>
please start with the FAQ S3 Q2.<br>
</div>
</span></font></div>
</div>
</body>
</html>