[rancid] Re: Rancid and cisco 'autocommand' users?
Austin Schutz
tex at off.org
Wed Apr 25 18:00:54 UTC 2007
On Wed, Apr 25, 2007 at 02:19:04PM +0100, Phil Stoneman wrote:
> Hi folks,
>
> We're currently involved in a deployment of rancid for some cisco
> equipment that we manage. We're fairly uncomfortable with storing
> full-privilege passwords in plaintext anywhere.
>
> One solution to this might be for us to configure a user with an
> autocommand:
>
> username auditor password 0 mypassword
> username auditor privilege 15 autocommand show running-config
>
> When the user 'auditor' logs in, the configuration is dumped (with any
> --More-- bits in between), and the connection is then closed.
I fail to see how automatically logging in the users from an ACL of
hosts is more secure than doing that plus requiring a password.
Austin
More information about the Rancid-discuss
mailing list