can you use SecurID with rancid?

Colin Whittaker colin.whittaker at
Tue May 10 07:33:57 UTC 2005

On Mon, May 09, 2005 at 08:23:01PM -0700, Mark Boolootian wrote:
> All good points, but where am I left if I want to protect my network
> gear with OTPs and still run rancid?  It seems they are mutually 
> incompatible.  I can create a single instance of a reusable password to be
> used for rancid logins, but that doesn't improve the situation.

Hi Mark,

We use RSASecurIDs and Ciscos ACS TACACS+ software to do OTP passwords
for all of our networking device. Rancid uses a fixed password account
on ACS but is restricted to excuting only those commands it needs and as
soon as I get arround to it I will also use ACS to restrict where the
rancid user can login from.

Colin Whittaker    colin.whittaker at    Tel: +353 1 6609040
HEAnet NOC         noc at                iNOC-DBA:  1213*752

More information about the Rancid-discuss mailing list