[rancid] Re: Access Required For Rancid ID
Justin Grote
justin at grote.name
Tue Mar 21 17:37:08 UTC 2006
Jon TripkeHughes wrote:
>Hello All,
>
>i am trying to work with our networking tea mto setup Rancid and they have
>concerns about the level of access we would be granting the Rancid login id
>for the routers and switches.
>
>is there such thing as a "read-only" Rancid login or, by design, does
>Rancid require more rights?
>
>any help would be greatly appreciated.
>
>
If you're using TACACS+, you can set up the rancid login account to only
be able to execute the commands it needs, such as. "show run" and "show
controller", but nothing else.
If you're using RADIUS or some other means, you can set up a privilege
level that does the same:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ftprienh.htm
--
Justin Grote
Network Architect
JWG Networks
More information about the Rancid-discuss
mailing list