integration of security enhancement patch

erik at code.de erik at code.de
Fri Jan 2 16:24:07 UTC 2004


Hi List,

I red a mail from Janos Mohacsi[1] about a more secure way of getting
config files, he wrote 1 1/2 years ago. His patch is 62139 Bytes long
mainly to introduce a new mrancid.in with autoconf and so on. An
integration of the patch he was sending is not nessesary, if the
author/community decides to change a single command in two lines of
bin/rancid.in.

Is there a reason why the running-config of a cisco is gathered by
rancid? If not, is there any reason not to change that command to "show
config" which is taking the startup-config? This change is needed to
enable the great feature, of getting configs from a cisco without
granting "privilege 15" access to a cisco device.

I just want to throw that request to the list for discussion.


[1] http://www.shrubbery.net/pipermail/rancid-discuss/2002-June/000230.html

-- 
erik at code.de

"I am not a Geek! I shower."



More information about the Rancid-discuss mailing list