[rancid] Re: Possible to use different password in .cloginrc

john heasley heas at shrubbery.net
Sat Nov 25 02:49:23 UTC 2006


Fri, Nov 24, 2006 at 01:56:50PM +0100, Atle ?stb?:
> Hi
>  
> I have installed the rancid-2.3.2a5.tar.gz on an Linux RedHat server.
>  
> Most of our cpe and core routeres/switches have configured tacacs, but there is several of them that use login/enable password to get access to the configuration.
>  
> Are the possible to set up some roule to use the tacacs login first, if that failed - then go to next match in the .cloginrc file.
>  
> Example:
>  
> # Most of the routers have tacacs login - try with that first
> add user *.no.sn.net    auto
> add password *.no.sn.net        {rancid!}
> add autoenable *.no.sn.net      1
>  
> #If login failed - try login/enable password 
> add password *.no.sn.net {differentyou}  {v8motor}
> add autoenable*.no.sn.net 0
>  
> 
> I have used some time to search the web for some solution for this, but I have not get any match.
> If you have some tips how I should do this - please send me an answer.
> 
> I will also say this is a wery good tool - and help us to hold track for our canges on the routers.

This is not possible, ATM.  The cloginrc matching ends upon the first
match.  Either find some unique pattern in the name of your non-tacacs
devices or create one with supplemental names in /etc/hosts such as
prepending an _.

I'll admit that this sounds useful, and cumbersome if continuation is not
something you want.  Perhaps a better alternative is some form of "continue"
token, or some kind ifelse structure, but I can't envision how either might
work at the moment.



More information about the Rancid-discuss mailing list