[rancid] Re: clogin on extreme X450

Joachim Jerberg Jensen joaje at dongenergy.dk
Thu Nov 15 09:20:07 UTC 2007


>From: john heasley [mailto:heas at shrubbery.net]
>
> I do not see why clogin would not have worked, unless you have a rogue
> userpassword else where in your cloginrc.  you can add "exp_internal 1"
> just before the main loop to see what it is doing.

You are absolutely right.. So I started the expect script in debug mode..
And it seems like it does not match the first "login:" prompt, even though the regexp. should match.!?

3. time it tries to login, it matches, if I add a "sleep 1" timer just before.

I also had to change the xrancid script, because the $found_end never becomes set.

        if (/^# Module vrrp configuration./i) {
            printf STDERR "    End WriteTerm: $_" if ($debug);
            $found_end = 1;
            return(0);
        }

Fortunately I don't use vrrp :-)

Br
Joachim Jerberg Jensen

This is the debug output:

[rancid at ns1 bin]$ cat scriptfile.txt
Script started on Fri 09 Nov 2007 02:19:30 PM CET
[rancid at ns1 bin]$ clogin 10.2.0.31
expect version 5.43.0
argv[0] = /usr/bin/expect  argv[1] = -d  argv[2] = /home/rancid/rancid/bin/clogin  argv[3] = 10.2.0.31
set argc 1
set argv0 "/home/rancid/rancid/bin/clogin"
set argv "10.2.0.31"
executing commands from command file /home/rancid/rancid/bin/clogin
10.2.0.31
spawn telnet 10.2.0.31 23
parent: waiting for sync byte
parent: telling child to go ahead
parent: now unsynchronized from child
spawn: returns {17811}

expect: does "" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does "" (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does "" (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? no
"password:"? no
"(#| \(enable\))"? no
"Login invalid"? no
Trying 10.2.0.31...
Connected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).
Escape character is '^]'.

expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n" (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n" (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? no
"password:"? no
"(#| \(enable\))"? no
"Login invalid"? no

telnet session telnet0 on /dev/ptyb0

login:
expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n\r\ntelnet session telnet0 on /dev/ptyb0\r\n\r\nlogin: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n\r\ntelnet session telnet0 on /dev/ptyb0\r\n\r\nlogin: " (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n\r\ntelnet session telnet0 on /dev/ptyb0\r\n\r\nlogin: " (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? yes
expect: set expect_out(0,string) "login:"
expect: set expect_out(1,string) "login"
expect: set expect_out(spawn_id) "exp6"
expect: set expect_out(buffer) "Trying 10.2.0.31...\r\r\nConnected to BRY_X450_01.MYNETWORK.ftth (10.2.0.31).\r\r\nEscape character is '^]'.\r\r\n\r\ntelnet session telnet0 on /dev/ptyb0\r\n\r\nlogin:"
send: sending "rancid\r" to { exp6 }
expect: continuing expect

expect: does " " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does " " (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does " " (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? no
"password:"? no
"(#| \(enable\))"? no
"Login invalid"? no
login: r
expect: does " \r\u001b[Klogin: r" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does " \r\u001b[Klogin: r" (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does " \r\u001b[Klogin: r" (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? yes
expect: set expect_out(0,string) "login:"
expect: set expect_out(1,string) "login"
expect: set expect_out(spawn_id) "exp6"
expect: set expect_out(buffer) " \r\u001b[Klogin:"
send: sending "rancid\r" to { exp6 }
expect: continuing expect

expect: does " r" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does " r" (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does " r" (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? no
"password:"? no
"(#| \(enable\))"? no
"Login invalid"? no
ancid
password:
expect: does " rancid\r\n\rpassword: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does " rancid\r\n\rpassword: " (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does " rancid\r\n\rpassword: " (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? no
"password:"? yes
expect: set expect_out(0,string) "password:"
expect: set expect_out(spawn_id) "exp6"
expect: set expect_out(buffer) " rancid\r\n\rpassword:"
send: sending "MYPASSWORD\r" to { exp6 }
expect: continuing expect

expect: does " " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does " " (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does " " (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? no
"password:"? no
"(#| \(enable\))"? no
"Login invalid"? no


Login incorrect
login: MYPASSWORD

expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: MYPASSWORD\r\n\r" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: MYPASSWORD\r\n\r" (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: MYPASSWORD\r\n\r" (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? yes
expect: set expect_out(0,string) "login:"
expect: set expect_out(1,string) "login"
expect: set expect_out(spawn_id) "exp6"
expect: set expect_out(buffer) " \r\n\r\r\n\rLogin incorrect\r\nlogin:"
send: sending "rancid\r" to { exp6 }
expect: continuing expect

expect: does " MYPASSWORD\r\n\r" (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does " MYPASSWORD\r\n\r" (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does " MYPASSWORD\r\n\r" (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? no
"password:"? no
"(#| \(enable\))"? no
"Login invalid"? no
password:
expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? no
"password:"? yes
expect: set expect_out(0,string) "password:"
expect: set expect_out(spawn_id) "exp6"
expect: set expect_out(buffer) " MYPASSWORD\r\n\rpassword:"
send: sending "MYPASSWORD\r" to { exp6 }
expect: continuing expect

expect: does " " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does " " (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does " " (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? no
"password:"? no
"(#| \(enable\))"? no
"Login invalid"? no


Login incorrect
login:
expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: " (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does " \r\n\r\r\n\rLogin incorrect\r\nlogin: " (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? yes
expect: set expect_out(0,string) "login:"
expect: set expect_out(1,string) "login"
expect: set expect_out(spawn_id) "exp6"
expect: set expect_out(buffer) " \r\n\r\r\n\rLogin incorrect\r\nlogin:"
send: sending "rancid\r" to { exp6 }
expect: continuing expect

expect: does " " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does " " (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does " " (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"? no
"Login failed"? no
"% (Bad passwords|Authentication failed)"? no
"Press any key to continue."? no
"Enter Selection: "? no
"Last login:"? no
"@[^\r\n]+ password:"? no
"(Username|Login|login|user name):"? no
"password:"? no
"(#| \(enable\))"? no
"Login invalid"? no
MYPASSWORD
password:
expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match regular expression "(Connection refused|Secure connection [^\n\r]+ refused)"? no
"(Connection closed by|Connection to [^\n\r]+ closed)"? no

expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match glob pattern "unknown host\r"? no

expect: does " MYPASSWORD\r\n\rpassword: " (spawn_id exp6) match glob pattern "Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).*(yes/no)?"? no
"HOST IDENTIFICATION HAS CHANGED.* (yes/no)?"? no
"Offending key for .* (yes/no)?"? no
"(denied|Sorry)"?





Fri, Nov 09, 2007 at 11:45:44AM +0100, Joachim Jerberg Jensen:
> Hey,
>
> With a hint from a friend on the list, I made it work.
> Jlogin works like a charm :)
>
> /Joachim Jerberg Jensen
>
>
> -----Original Message-----
> From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Joachim Jerberg Jensen
> Sent: Friday, November 09, 2007 10:47 AM
> To: rancid-discuss at shrubbery.net
> Subject: [rancid] clogin on extreme X450
>
> Hi,
>
> I have problems with doing clogin into extreme X450 switches doing  TACACS authentication. ExtremeXOS version 11.6.3.5
>
> When I login it get following:
>
> [rancid at ns1 ~]$ clogin 10.2.0.31
> 10.2.0.31
> spawn telnet 10.2.0.31
> Trying 10.2.0.31...
> Connected to 10.2.0.31
> Escape character is '^]'.
>
> telnet session telnet0 on /dev/ptyb0
>
> login: rancid
> password:
>
> Login incorrect
> login: mypassword
> password:
>
> Login incorrect
> login: mypassword
> password:
>
> Login incorrect
> Maximum number of login attempts reached!
> Connection closed by foreign host.
>
> My .cloginrc file:
>
> ##############
> add autoenable * {1}
> add user * {rancid}
> add password * {mypassword}
>
> #add userprompt * {"login:"}
> #add passprompt * {"password:"}
> ##############
>
> It seems like it doesn't apply the password after the login, but applies the password as username instead..
> I have tried rancid-2.3.1 and rancid-2.3.2a7, same problem...
>
> I can login manually with login and password with no problem.
>
> Anyone have a hint?
>
> Best regards
> Joachim Jerberg Jensen
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss


More information about the Rancid-discuss mailing list