From AZhang at reliant.com Wed Jan 8 15:39:29 2003 From: AZhang at reliant.com (Zhang, Anchi) Date: Wed, 8 Jan 2003 09:39:29 -0600 Subject: for those with problems with cat5rancid over ssh Message-ID: <4542F75EC5DC2E44AA0B648E20D00E3504C70E@rriexmb10.services.reinternal.com> I made the following change and now collections on all my Cat5 devices successful: log2% diff cat5rancid cat5rancid.orig 977d976 < $clean_run = 1; Anchi From AZhang at reliant.com Mon Jan 13 15:21:16 2003 From: AZhang at reliant.com (Zhang, Anchi) Date: Mon, 13 Jan 2003 09:21:16 -0600 Subject: changing passwords on cat5 devices Message-ID: <4542F75EC5DC2E44AA0B648E20D00E3504C713@rriexmb10.services.reinternal.com> Greetings, In trying to change the enable password on about 100 CatOS devices, I have a bourn shell script calling clogin -c "set enablepass $2$UTXb$gcYEfPcOCt0Ths6szOXc0" $hostname However, no matter how I quote the encrypted password and/or escape meta character $, clogin either fails or executes with an empty password. Using "clogin -x " produces the same effect. Your pointers, please. Anchi From heas at shrubbery.net Mon Jan 13 19:19:19 2003 From: heas at shrubbery.net (john heasley) Date: Mon, 13 Jan 2003 11:19:19 -0800 Subject: changing passwords on cat5 devices References: <4542F75EC5DC2E44AA0B648E20D00E3504C713@rriexmb10.services.reinternal.com> Message-ID: <20030113191919.GH5714@shrubbery.net> Mon, Jan 13, 2003 at 09:21:16AM -0600, Zhang, Anchi: > Greetings, > > In trying to change the enable password on about 100 CatOS devices, I have a > bourn shell script calling > > clogin -c "set enablepass $2$UTXb$gcYEfPcOCt0Ths6szOXc0" $hostname > > However, no matter how I quote the encrypted password and/or escape meta > character $, clogin either fails or executes with an empty password. Using > "clogin -x " produces the same effect. > > Your pointers, please. > > Anchi $ identifies a variable in shell(s) and expect/tcl. if you single quote the command, it will be protected from shell expansion. and, without try it myself, expect may double-eval the command resulting in variable expansion which could be protected by escaping the $s, as in \$. clogin -c 'set enablepass \$2\$UTXb\$gcYEfPcOCt0Ths6szOXc0' $hostname try this with caution. you should have an enable'd login in another window. From AZhang at reliant.com Mon Jan 13 20:30:51 2003 From: AZhang at reliant.com (Zhang, Anchi) Date: Mon, 13 Jan 2003 14:30:51 -0600 Subject: changing passwords on cat5 devices Message-ID: <4542F75EC5DC2E44AA0B648E20D00E3504C716@rriexmb10.services.reinternal.com> That works beautifully. Many thanks. How would you rely on Rancid to add the following to IOS devices? banner motd ^ ************************************************************************ THIS IS A PRIVATE COMPUTING SYSTEM, RESTRICTED TO AUTHORIZED USERS ONLY. IF YOU DO NOT HAVE AUTHORIZATION, YOU ARE WARNED TO DISCONNECT AT ONCE. ************************************************************************^ From asp at partan.com Mon Jan 13 20:34:42 2003 From: asp at partan.com (Andrew Partan) Date: Mon, 13 Jan 2003 15:34:42 -0500 Subject: changing passwords on cat5 devices References: <4542F75EC5DC2E44AA0B648E20D00E3504C716@rriexmb10.services.reinternal.com> Message-ID: <20030113203442.GA28683@partan.com> On Mon, Jan 13, 2003 at 02:30:51PM -0600, Zhang, Anchi wrote: > How would you rely on Rancid to add the following to IOS devices? > > banner motd ^ > ************************************************************************ > > THIS IS A PRIVATE COMPUTING SYSTEM, RESTRICTED TO AUTHORIZED USERS ONLY. > IF YOU DO NOT HAVE AUTHORIZATION, YOU ARE WARNED TO DISCONNECT AT ONCE. > > ************************************************************************^ Stick it into a file on your tftp server & use a modification of util/cisco-load.exp to load it. --asp From jamesgef at sympatico.ca Wed Jan 29 13:24:52 2003 From: jamesgef at sympatico.ca (JamesGEF) Date: Wed, 29 Jan 2003 08:24:52 -0500 Subject: Can't seem to view configs Message-ID: <007801c2c799$ce717160$4232a8c0@diablo.com> Sorry for the ignorance, but I installed rancid per the README, created a rancid user & group, gave it rights to the /usr/local/rancid directory. Could login to all my cisco nodes just fine with the clogin command. However, how do I view the information that rancid has downloaded after executing a do-diffs? I know I have to run the cvs checkout command (i think), but it asks for a module??? Thanks in advance! James From heas at shrubbery.net Wed Jan 29 18:34:28 2003 From: heas at shrubbery.net (john heasley) Date: Wed, 29 Jan 2003 18:34:28 +0000 Subject: Can't seem to view configs References: <007801c2c799$ce717160$4232a8c0@diablo.com> Message-ID: <20030129183428.GE20942@shrubbery.net> Wed, Jan 29, 2003 at 08:24:52AM -0500, JamesGEF: > Sorry for the ignorance, but I installed rancid per the README, created a > rancid user & group, gave it rights to the /usr/local/rancid directory. > Could login to all my cisco nodes just fine with the clogin command. > However, how do I view the information that rancid has downloaded after > executing a do-diffs? > > Thanks in advance! > > James i suspect you missed item #6 of the quick start guide. after rancid collection of a group completes, the files for successfully collected hosts are renamed to that of the first field in the router.db file for that group. eg: router.shrubbery.net.new -> router.shrubbery.net a cvs diff is run and the output is mailed to rancid-. this alias needs to appear in your MTA's aliases file. alternatively, you can use the --enable-mail-plus option of configure at build-time, then the mail-to will become rancid+ and the rancid user can either just forward all with a .forward or use procmail. those files/changes are then committed to the cvs repository. the full configs are available in /usr/local/rancid//configs/ > I know I have to run the cvs checkout command (i think), but it asks for a module??? first off, i suggest that no changes (ie: commits) be made to the cvs repository by any user other than the one who runs rancid. checkouts are fine. a module, in this case, equates to a group. eg: group fubar cvs -rd /usr/local/rancid/CVS co fubar the FAQ contains a reference to a decent cvs guide/faq. i suggest that you check it out.