A few questions with 2.3.1
joshua sahala
jejs+rancid at sahala.org
Thu Aug 19 19:55:33 UTC 2004
On (19/08/04 13:59), Brian Wilson wrote:
[cut]
>
> First, many of our devices resolve in DNS to multiple IP addresses
> (internal & external firewall addresses), thus, this tends to cause
> problems with rancid and ssh. For instance:
>
[cut]
>
> Anyone else have any suggestions?
>
i personally would have a management name in dns (or /etc/hosts) for
each device, then you would only have one address to resolve
ex: mgmt-myrouter.mydomain
or create a subdomain for you management addresses
ex: myrouter.mgmt.mydomain
as to your other questions, i haven't encountered a need to do either.
my passwords are complex and ugly, but stay with a few 'standard'
special characters. the only user(s) that have access to the rancid
account/directories are the admins who have enable rights, and the
rancid host is secured and monitored (like the rest of the servers)
/joshua
--
A common mistake that people make when trying to design something
completely foolproof is to underestimate the ingenuity of complete
fools.
- Douglas Adams -
More information about the Rancid-discuss
mailing list