[rancid] Re: Rancid and cisco 'autocommand' users?
john heasley
heas at shrubbery.net
Wed Apr 25 21:17:50 UTC 2007
Wed, Apr 25, 2007 at 10:15:03PM +0100, Randy Bush:
> >> We're currently involved in a deployment of rancid for some cisco
> >> equipment that we manage. We're fairly uncomfortable with storing
> >> full-privilege passwords in plaintext anywhere.
> >
> > There are trade-offs to be made/accepted for automation. You can still
> > limit the exposure, as Ed Ravin has suggested.
>
> ask your router vendor why they do not have the equivalent of
> ~/.ssh/authorized_keys
Indeed, but the pass phrase still needs to be located somewhere or be empty.
and, s/router/device/
More information about the Rancid-discuss
mailing list