Rancid+Cisco privs?
Saku Ytti
saku+rancid at ytti.fi
Thu Nov 24 07:16:26 UTC 2005
On (2005-11-23 15:18 -0800), Shaun wrote:
> I just setup rancid and all it working fine but now I want to secure things
> a bit. Right now the user rancid logs into my Cisco gear with has a priv of
> 15 but I want to lock this user down so that the user only have privs to do
> what rancid needs to do. I'm not very familiar with rancid, it's my first
> time using it so I'm not really sure what it's doing in the back end. I
> searched around a bit but couldn't really find much on this subject. Right
> now all my equipment rancid it polling is IOS.
>
> Will a priv 1 be enough access for rancid?
Reading NVRAM is priviledged command always, so priv 1 will not help you.
However if you're running cutting edge IOS you have 'views' where you
can add just the commands you need.
--
++ytti
More information about the Rancid-discuss
mailing list