[rancid] Re: Redback timeouts lockout admin accounts
john heasley
heas at shrubbery.net
Mon Jul 17 21:30:09 UTC 2006
Mon, Jul 17, 2006 at 12:05:21PM -0400, Ed Ravin:
> On Mon, Jul 17, 2006 at 10:42:43AM -0500, Gary L Roberts wrote:
> > Running ./clogin produces this output:
> >
> > [rancid at Rancid bin]$ ./clogin 10.xxx.xxx.xxx
> > 10.xxx.xxx.xxx
> > spawn ssh -c 3des -x -l adminlogin 10.xxx.xxx.xxx
> > adminlogin at 10.xxx.xxx.xxx's password:
> > [local]REDBACK#show config
> >
> > Error: TIMEOUT reached
> > [rancid at Rancid bin]$ show config
> > bash: show: command not found
> >
> >
> > Redback only allows so many admin sessions at one time to be logged into
> > the system.
> > And since RANCID errors out, it is not closing the ssh session. so after
> > 1 days time, it completely locks out remote access to the router.
>
> I think I fixed that problem with clogin a couple of months ago - see
> patch below. clogin wasn't properly closing the SSH/telnet session
> if there was a timeout error.
That looks correct, though you should catch the close, but I doubt this
related since the telnet/ssh would see EOF on stdin and close the network
side.
> @@ -626,7 +644,7 @@
> exp_continue
> }
> -re "\[\n\r]+" { exp_continue }
> - timeout { return 0 }
> + timeout { close; return 0 }
> eof { return 0 }
> }
> set in_proc 0
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
More information about the Rancid-discuss
mailing list