> The RANCID docs say that the default for RANCID is to remove reversible > passwords from a configfile to avoid their being sent by email when > the diffs go out. > > What if the diffs were filtered instead? Are there any other reasons > to keep passwords out of the config? they would be stored in decodable text on disk randy